I'm setting up my email client (mutt) on a new laptop (running Mac OSX Lion). I want to use SMTP with TLS for sending email. Searching for SMTP+Mutt+TLS reveals that Mutt's inbuilt secure SMTP stuff is vulnerable to man-in-the-middle attacks. That's okay as I can use an external MTA to send the mail. However, as I want to use TLS then I need to provide it with a username and password. Trouble is, if I want to have that done automatically then all the MTAs I've looked at so far (such as postfix) seem to store the password in an easily accessible manner (well, in a manner a bit too plain for my paranoid liking).

So my question is: Is there an MTA with SMTP+TLS support which can store the password in a secure manner?

  • How can it be stored "securely" if the client must know the plaintext? – u1686_grawity Jun 12 '12 at 08:44
  • @grawity I don't know much about how SMTP+TLS authentication works - does the client send the password in plaintext? How do programs like Thunderbird or OSX's Mail store the password securely? – Andrew Stacey Jun 12 '12 at 08:48

1 Answer

The msmtp MTA can store credentials in the OS X Keychain, if it was compiled with the --with-macosx-keyring option. (See, for example, msmtp on MacPorts.)

To use this functionality, create a keychain item named smtp://<smtp-host> of kind "Internet password" (replacing <smtp-host> with your SMTP server's address):

       Name: smtp.freemail.example
       Kind: Internet password
    Account: joe.smith
      Where: smtp://smtp.freemail.example
u1686_grawity
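
The setup the answer describes, as an added example that is not part of the original answer: an msmtp configuration with no password line, a check that flags a literal password in a config, and the `security` call that creates the keychain item. The host and user are the answer's sample values; the account name `freemail`, port 587, the From address and the CA bundle path are assumptions.

```shell
#!/bin/sh
# Added example, not from the original answer.
HOST=smtp.freemail.example   # sample host from the answer
SMTP_USER=joe.smith          # sample account from the answer

# Write an msmtp config with no password directive, so msmtp has to
# look the secret up elsewhere (the keychain, when built with support).
write_msmtprc() {
    (
        umask 077   # file is created readable by its owner only
        cat > "$1" <<EOF
defaults
tls on
tls_starttls on
tls_trust_file /path/to/ca-bundle.pem

account freemail
host $HOST
port 587
auth on
user $SMTP_USER
from $SMTP_USER@freemail.example

account default : freemail
EOF
    )
}

# Succeeds (exit 0) if the file holds a literal "password <secret>" line.
# "passwordeval" is not matched: it names a command, not a secret.
has_plaintext_password() {
    grep -Eq '^[[:space:]]*password[[:space:]]' "$1"
}

# macOS only: create the "Internet password" item the answer describes.
# A trailing -w makes security(1) prompt for the secret, keeping it out
# of shell history and the process list.
store_in_keychain() {
    security add-internet-password -s "$HOST" -r smtp -a "$SMTP_USER" -w
}

# Typical use on the Mac (not executed here; overwrites the target file):
#   write_msmtprc "$HOME/.msmtprc" && store_in_keychain
```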