On Mon, Dec 28, 2009 at 03:15:53PM +0000, Anton Shterenlikht wrote: > I use fetchmail > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/mail-fetchmail.html > to download all my mail from the Uni mail > server to my fbsd box. > > I typically run it in daemon mode, which requires > having my mail server password in plain text in .fetchmailrc > > I'm a little worried about the security of having > my password in plain text on the system.
chown you:yourgroup ~/.fetchmailrc chmod 400 ~/.fetchmailrc With these changes, only you and the superuser can read that file. You could put your /home directory on an ecrypted partition, so that ~/.fetchmailrc is only readable when /home is mounted. Note that this only provides protection after the machine has been powered down. > Is there a more secure arrangement that would > still allow running fetchmail in daemon mode? I'd be more worried that your password is sent as plaintext over the network using e.g. POP3. You should use the --ssl option if your mailserver allows it. > Or maybe there is another software solution > alltogether? Presumably you are running a mailserver on your box. You can ask the administrator to forward mail to your machine by making an MX record for it. Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
pgpt2emvyFTQd.pgp
Description: PGP signature