Menu
▾
▴
Re: [Fetchmail-users] Fetchmail without passwords in plaintext file?
|
From: grarpamp <gra...@gm...> - 2018-11-19 19:02:31
|
On 11/18/18, Susan Ruiz <sus...@gm...> wrote: > Hi, to retrieve my emails using POP3, both from gmail and from my > company email account, I am working with fetchmail version 6.3.26, I > would like to know if there is any way to avoid leaving my password in > the .fetchmailrc file. > > How to encrypt it? Thanks in advance Fetchmail does not yet support any sort of file encryption passphrase input during invocation. If it did, that could cover all sorts of key material, server, and account disclosure, etc that is present in the rc, statefiles, and even possibly the maildir / mbox itself for later export. There's probably some password options in the manpage for use on command line. Though some programs do not hide that from the ps or environment. The .fetchmail rc should be chmod 0600. And you should be using full disk encryption. And or any relavant filesystem or file based encryption if FDE is insufficient defense, or unavailable. Some VM schemes may offer encrypted containers. |
