A generator that updates certificate fingerprints in .offlineimaprc
A generator that updates cert_fingerprint
lines in .offlineimaprc
configuration file. OfflineIMAP is a GPLv2 software to dispose your mailbox(es) as a local Maildir(s), which can be used with notmuch to retrieve mail from (several) IMAP
servers and read and search through it.
The configuration contains cert_fingerprint
lines to store certificates, which get outdated frequently and need to be updated. The updating is a bit of a hassle, hence this automated solution, which generates a .offlineimaprc
file from a template file .offlineimaprct
(created by you).
GUIs, TUIs and CLUIs
Although I strongly adhere to the "when there a TUI, don't use a GUI and when there's a CLUI, don't use a TUI" adage, there are good GUIs for web browsing and e-mail. But OfflineIMAP
creates a great local backup of the e-mails on your server, which can be searched through very fast using notmuch
.
Turtle and openssl
Turtle
Turtle is a reimplementation of the Unix command line environment in Haskell so that you can use Haskell as a scripting language or a shell. Think of turtle as coreutils embedded within the Haskell language.
openssl
OpenSSL is a robust, commercial-grade, full-featured Open Source Toolkit for the Transport Layer Security (TLS) protocol formerly known as the Secure Sockets Layer (SSL) protocol. The protocol implementation is based on a full-strength general purpose cryptographic library, which can also be used stand-alone.
The openssl command that is used by the generator to retrieve certificate fingerprints is as follows:
1openssl s_client -connect youremailserverbasedomain:443 < /dev/null 2>/dev/null | openssl x509 -fingerprint -noout -in /dev/stdin
Backup your OflineIMAP configuration
First backup your .offlineimaprc
configuration file! e.g. As follows:
cp ~/.offlineimaprc ~/.offlineimaprc.backup
.offlineimaprct template
Copy your .offlineimaprc
file to .offlineimaprct
and execute the generator program. Use the -v
option to get verbose output.
.offlineimaprct
(example)
1# Sample configuration file
2# Copyright (C) 2002-2011 John Goerzen & contributors
3#
4# This program is free software; you can redistribute it and/or modify
5# it under the terms of the GNU General Public License as published by
6# the Free Software Foundation; either version 2 of the License, or
7# (at your option) any later version.
8#
9# This program is distributed in the hope that it will be useful,
10# but WITHOUT ANY WARRANTY; without even the implied warranty of
11# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12# GNU General Public License for more details.
13#
14# You should have received a copy of the GNU General Public License
15# along with this program; if not, write to the Free Software
16# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17
18# Looking for a quick start? Take a look at offlineimap.conf.minimal.
19
20##################################################
21# General definitions
22##################################################
23
24[general]
25metadata = ~/.offlineimap
26accounts = Contact,Private
27
28# Set to the number of accounts.
29maxsyncaccounts = 2
30
31ui = machineui
32ignore-readonly = no
33[mbnames]
34enabled = no
35filename = ~/Mutt/muttrc.mailboxes
36header = "mailboxes "
37peritem = "+%(accountname)s/%(foldername)s"
38sep = " "
39footer = "\n"
40[ui.Curses.Blinkenlights]
41statuschar = .
42postsynchook = ~/bin/offlineimap-postsync.sh
43
44##################################################
45# Accounts
46##################################################
47
48[Account Contact]
49localrepository = LocalContact
50remoterepository = RemoteContact
51[Repository LocalContact]
52type = Maildir
53localfolders = ~/notmuch/contact
54sep = .
55restoreatime = no
56[Repository RemoteContact]
57type = IMAP
58remotehost = mail.contactdomainname.com
59ssl = yes
60cert_fingerprint = hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh
61remoteuser = contact@contactdomainname.com
62remotepass = passwordgoeshere
63maxconnections = 2
64holdconnectionopen = no
65subscribedonly = no
66readonly = True
67
68[Account Private]
69localrepository = LocalPrivate
70remoterepository = RemotePrivate
71[Repository LocalPrivate]
72type = Maildir
73localfolders = ~/notmuch/private
74sep = .
75restoreatime = no
76[Repository RemotePrivate]
77type = IMAP
78remotehost = mail.privatedomainname.com
79ssl = yes
80cert_fingerprint = hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh
81remoteuser = private@privatedomainname.com
82remotepass = passwordgoeshere
83maxconnections = 2
84holdconnectionopen = no
85subscribedonly = no
86readonly = True
Cloning the project and its submodules
1git clone --recurse-submodules https://github.com/maridonkers/OfflineImapGenerator
If the publicsuffix-haskell
submodule is not created, then clone it manually, as follows:
1cd OfflineImapGenerator
2git clone https://github.com/wereHamster/publicsuffix-haskell/
Note: publicsuffix-haskell
is in a submodule because you may want to bump it (use script/bump
) to a more recent Public Suffix List.
Building and executing
See the Makefile. Under NixOS first use a make shell
before the other make
commands.
1cd OfflineImapGenerator/offlineimapgenerator
2make rebuild
3make run
To get a full path to the built executable use make ls
and e.g. ln -s
to create a symbolic link.
See the source code at maridonkers/OfflineImapGenerator on GitHub.
Disclaimer
This is a 'one shot' program (excuse my Haskell) that I'm using myself but have not checked extensively, not cleaned up the code. If I find some time or run into bugs then I'll clean it up (probably).