I have recently posted a pdf explaining how to configure Mutt if you are a student or employee at Wageningen University and wish to use your WURnet email account on your own computer. In that HOWTO the program used to send mail (msmtp) is configured to use DavMail instead of directly connecting to the universities SMTP server. For those of you who do want to connect directly instead, the following lines may be used in “~/.msmtprc”.
# Configuration for direct connection (no DavMail needed)
account WUR
host smtp.wur.nl
port 25
from <firstname.lastname@wur.nl>
tls on
tls_trust_file /usr/local/share/certs/ca-root-nss.crt
tls_starttls on
auth on
user <firstname.lastname@wur.nl>
password <your WURnet password>
This configuration will work on FreeBSD, where the ca-certificates are found in the location /usr/local/share/certs. If you use a different system, then you may need to specify a different directory. Alternatively, it would also be possible (with decreasing security) to use (a) the tls_fingerprint option or (b) the tls_certcheck option (see “man msmtp”). For the tls_fingerprint option, you will need to specify the SHA1 fingerprint of the certificate that the server uses, which you can find by executing e.g.:
$> msmtp –serverinfo –tls –tls-certcheck=off –host=smtp.wur.nl | grep SHA | sed -r ‘s/.{14}//’
If this also doesn’t work (and it really should!), then you could also just use “tls_certcheck no”. But this can leave your email vulnerable to MitM’ing unpleasantness, so it is best avoided.
