In my case, I'm the only local user on this box so I'm not worried too
much. In the same case, I should store my password in my .fetchmailrc
file, but I'd rather do that than type in my password every time
fetchmail kicks up.
I would like to know how to make it more secure, however. But at
least it is secure past my local system.
> On 20010730.2244, Rafal Kupka said ...
> On Sun, Jul 29, 2001 at 04:44:57PM -0700, Rob Hudson wrote:
> [cut - about secure pop3 daemon]
> > I currently have fetchmail opening up a SSH tunnel, and get my mail
> > via popa3d. I'll attach relavent scripts...
> > /home/user/.fetchmailrc:
> > -----------------------
> > poll cogit8.org via localhost protocol pop3 port 12574:
> > preconnect "ssh -C -f -L 12574:cogit8.org:110 cogit8.org sleep 10"
> > password <your_password>;
> > I guess that's it. This basically says,
> > preconnect (do this before fetching mail)
> > open a SSH channel from server cogit8.org port 110 to localhost port
> > 12574 (arbitrary port number), wait 10 seconds for fetchmail to get in
> > there.
> > then,
> > fetchmail on localhost port 12574.
> This is unsecure - any localhost user can sniff your passwords.
> kupson@temp: ~$ nc -l -p 60001 # choosen port number
> USER kupson
> PASS <mypassword>
> kupson@temp: ~$
> Type "+OK" after fetchmail connects to netcat, then several times <ENTER> .
> Ssh didn't notify fetchmail that it cannot forwand
> remote port to localhost.
> You can run fetchmail as user root and choose port number < 1024,
> but it's even worse security problem.
> Somebody know how do it better ?
> [cut - rest]
> PS: Sorry for my english.
> Great software without the knowledge to run it is pretty useless.
> (Linux Gazette #1)
> To UNSUBSCRIBE, email to firstname.lastname@example.org
> with a subject of "unsubscribe". Trouble? Contact email@example.com
- From: "Moe Harley" <firstname.lastname@example.org>
- Re: pop3
- From: Pedro Zorzenon Neto <email@example.com>
- Re: pop3
- From: Rob Hudson <firstname.lastname@example.org>
- Re: pop3
- From: Rafal Kupka <email@example.com>