On Mon,24.Aug.09, 11:37:53, Rob Gom wrote: > > Maybe I haven't been understood well. My mail provider gives me a > password. In mail program I add it to some wallet or let mail program > to encrypt it after setting up. If I want to use fetchmail, I have to > write it there in plain text (correct me if I'm wrong), which is not > what I like doing. Storing the password encrypted in some file has no benefit over storing the password in plain text, because anyone who gets the hash will be able to access your mail. And if you don't use SSL for connecting to the mail server you can encrypt the password as much as you like on your system, because it will be transmitted in clear over the wire. A potential attacker doesn't even have to break in your system. Even if you manage to avoid all these issues, root would still be able to get your password (basically you must assume you can't protect yourself from root). Regards, Andrei -- If you can't explain it simply, you don't understand it well enough. (Albert Einstein)
Attachment:
signature.asc
Description: Digital signature