2

I'm setting up my email client (mutt) on a new laptop (running Mac OSX Lion). I want to use SMTP with TLS for sending email. Searching for SMTP+Mutt+TLS reveals that Mutt's inbuilt secure SMTP stuff is vulnerable to man-in-the-middle attacks. That's okay as I can use an external MTA to send the mail. However, as I want to use TLS then I need to provide it with a username and password. Trouble is, if I want to have that done automatically then all the MTAs I've looked at so far (such as postfix) seem to store the password in an easily accessible manner (well, in a manner a bit too plain for my paranoid liking).

So my question is: Is there an MTA with SMTP+TLS support which can store the password in a secure manner?

Andrew Stacey
  • 123

1 Answers1

1

The msmtp MTA can store credentials in OS X Keychain, if it was compiled with --with-macosx-keyring option. (See, for example, msmtp on MacPorts.)

To use this functionality, create a keychain item named smtp://<smtp-host> of kind "Internet password" (replacing <smtp-host> with your SMTP server's address):

    Name: smtp.freemail.example
    Kind: Internet password
 Account: joe.smith
   Where: smtp://smtp.freemail.example
grawity
  • 501,077