diff options
| author | Eric S. Raymond <esr@thyrsus.com> | 1997-07-17 20:54:32 +0000 |
|---|---|---|
| committer | Eric S. Raymond <esr@thyrsus.com> | 1997-07-17 20:54:32 +0000 |
| commit | 5b6b38cbd82468ac720d25b1889f63f4251bf4db (patch) | |
| tree | d12e69b8843a9388be9793b4ba32caa6d35f3c61 /fetchmail.man | |
| parent | 7b413aaa538cb43e69f954e2c7ee6a19951a48c8 (diff) | |
| download | fetchmail-5b6b38cbd82468ac720d25b1889f63f4251bf4db.tar.gz fetchmail-5b6b38cbd82468ac720d25b1889f63f4251bf4db.tar.bz2 fetchmail-5b6b38cbd82468ac720d25b1889f63f4251bf4db.zip | |
First round of changes for OPIE support.
svn path=/trunk/; revision=1173
Diffstat (limited to 'fetchmail.man')
| -rw-r--r-- | fetchmail.man | 32 |
1 files changed, 20 insertions, 12 deletions
diff --git a/fetchmail.man b/fetchmail.man index 964beb4c..e2b4ce62 100644 --- a/fetchmail.man +++ b/fetchmail.man @@ -421,8 +421,13 @@ Kerberos preauthentication (either with --auth or the \fI.fetchmailrc\fR option \fBauthenticate kerberos_v4\fR) it will try to get a Kerberos ticket from the mailserver at the start of each query. .PP -If you use IMAP-K4 the code will expect the IMAP server to have -RFC1731-conformant AUTHENTICATE KERBEROS_V4 capability. +If you use IMAP-K4, \fIfetchmail\fR will expect the IMAP server to have +RFC1731-conformant AUTHENTICATE KERBEROS_V4 capability, and will use it. +.PP +If you are using POP3, and the server issues a one-time-password +challenge conforming to RFC1938, \fIfetchmail\fR will use your +password as a pass phrase to generate the required response. This +avoids sending secrets over the net unencrypted. .SH DAEMON MODE The @@ -1162,16 +1167,16 @@ The RFC822 parser used in multidrop mode chokes on some @-addresses that are technically legal but bizarre. Strange uses of quoting and embedded comments are likely to confuse it. .PP -Use of any of the supported protocols other than APOP, KPOP, IMAP-K4, -or ETRN requires that the program send unencrypted passwords over the -TCP/IP connection to the mailserver. This creates a risk that -name/password pairs might be snaffled with a packet sniffer or more -sophisticated monitoring software. Under Linux, the --interface -option can be used to restrict polling to availability of a specific -interface device with a specific local IP address, but snooping is -still possible if (a) either host has a network device that can be -opened in promiscuous mode, or (b) the intervening network link can be -tapped. +Use of any of the supported protocols other than POP3 with OTP, APOP, +KPOP, IMAP-K4, or ETRN requires that the program send unencrypted +passwords over the TCP/IP connection to the mailserver. This creates +a risk that name/password pairs might be snaffled with a packet +sniffer or more sophisticated monitoring software. Under Linux, the +--interface option can be used to restrict polling to availability of +a specific interface device with a specific local IP address, but +snooping is still possible if (a) either host has a network device +that can be opened in promiscuous mode, or (b) the intervening network +link can be tapped. .PP Send comments, bug reports, gripes, and the like to Eric S. Raymond <esr@thyrsus.com>. An HTML FAQ is available at the fetchmail home @@ -1208,3 +1213,6 @@ RFC 1730, RFC 1731, RFC 1732, RFC 2060, RFC 2061 .TP 5 ETRN: RFC 1985 +.TP 5 +OTP: +RFC 1938 |