I suspect this is an FAQ of sorts, but couldn't find an explicit answer to
this one (if it exists, please set flame-throwers to 'singe only').
I recently installed fetchmail 6.2.5 on my RH 7.3 GNU/Linux box. I set up a
crontab entry to have fetchmail periodically poll our central mail server
(which runs both IMAP and pop3), which is configured to handle both
kerberos, and TSL/SSL connections/authentication. Since I find kerberos a
pain, I decided to go with the SSL route, and the pop3 protocol.
I set up my .fetchmailrc to pull things off the server, and then route them
through the procmail MTA on my GNU/Linux machine. My .fetchmailrc looks
something like
poll machine.goes.here with proto pop3
user xyz123 is xyzabc here
no rewrite
password "blah blah blah"
ssl
mda "/usr/bin/procmail -f -"
This works fine, but I'm wondering about the security of having my password
sitting in plaint text in my .fetchmailrc file. Are there obvious things I
could do to eliminate the need to do this? Some way to interface fetchmail
with pgp, or some such?
Thanks in advance - and again, apologies if this is an "old question".