How do I point a mail client at Microsoft outlook?

Ranjan Maitra maitra at iastate.edu
Mon Jun 20 13:04:53 UTC 2011 

On Mon, 20 Jun 2011 05:24:12 -0500 Tim <ignored_mailbox at yahoo.com.au>
wrote:

> Tim:
> >> Who else gets to see *your* .fetchmailrc file?  In the normal run of
> >> things, these days, your homespace isn't accessible to other users,
> >> neither are the files in it.  If it is, then you've got plenty of other
> >> security concerns to worry about.
> 
> Ranjan Maitra:
> > I guess I worry that there is always the chance that the account
> > may be broken into and compromised.....
> 
> Is that any more likely than /them/ breaking into your mail account?

Perhaps more likely, if the mailer is at a well-protected central
account? In any case, this is an additional protection. Whether there
is value in additional protection at very little cost is an issue on
which we may legitimately disagree. 

> 
> I think that someone being able to break into your account would
> probably expose far more for you to worry about than just the
> fetchmailrc file with passwords in it.
> 
> Information cached by your web browser...  Passwords stored in other
> locations, even if seemingly encrypted (some encryption techniques are
> just useless)...  The ability of them to install something to snoop on
> you...

Of course, these are important issues, but I fail to see how following
an additional security "protocol" can hurt. 

> > I use ssl. Not sure if that takes into account your concerns, but in
> > any case, the one-time transmittal (in clear text if so, though
> > doubtful) seems to me may be a tad bit less worrisome than passwords
> > (assuredly clear-text) in an omnipresent .fetchmailrc. 
> 
> Assuming that passwords are sent through SSL, then they couldn't easily
> be snooped on.  Though various secure mail and messaging systems aren't
> always as secure as some people think.  Such as logon being secure, but
> not the actual message transmission.  So as soon as you get some email
> that confirms some of your logon credentials, or credit card details, or
> anything else you want kept confidential, by writing those details into
> the message, they're exposed.

Not sure how relevant this is. I am simply talking about an additional
layer of security which does not take care of every other security
issue.
 
> Anything that's not encrypted requires no effort to copy.  They don't
> have to hack into your account, all they have to do is listen to the
> traffic.
> 
> And then there's:  Maybe they can hack into the mail server, rather than
> your computer.

But that they can do anyway. I have no control over that. Only over my
machine(s). Once again, short of bluster, I can not see what harm an
additional layer of security can possibly cause. Note that a password
needs to be typed once only when a fetchmail command is initiated.
Since linux machines can run for months on end without reboot, that
effectively means only once in that many times. But, of course, as I
have already also said, to each his own.

> 
> >> Well, as I said, try it and see what happens.  
> 
> > Not clear how this pertains to my response.
> 
> In that you wondered whether you could omit the password, and whether it
> would prompt.  A simple experiment would have given you the answer.

Well, if you followed the threads, you would realize that you are
conflating someone else's query with my response. Your statement does
not make sense because it does not apply to me. As should have been
clear from my response, I know how to use fetchmail at least somewhat. 

> The same could be said about many queries on this mailing list.  And
> you'd know the answer straight away.

Of course, but one of the beauties of the fedora mailing list has been
the patience with which newcomers/not well-experiences have their
questions answered. I have found that very helpful in the past, and it
has helped me to the point that I can now sometimes help others with
their questions.

Best wishes,
Ranjan

More information about the users mailing list