Linux iad1-shared-b7-18 6.6.49-grsec-jammy+ #10 SMP Thu Sep 12 23:23:08 UTC 2024 x86_64
Apache
: 67.205.6.31 | : 216.73.216.47
Cant Read [ /etc/named.conf ]
8.2.29
fernandoquevedo
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
usr /
share /
doc /
mutt /
html /
[ HOME SHELL ]
Name
Size
Permission
Action
advancedusage.html
112.71
KB
-rw-r--r--
configuration.html
137.4
KB
-rw-r--r--
gettingstarted.html
90.03
KB
-rw-r--r--
index.html
33.53
KB
-rw-r--r--
intro.html
10.92
KB
-rw-r--r--
manual.html
894.41
KB
-rw-r--r--
mimesupport.html
53.8
KB
-rw-r--r--
miscellany.html
10.79
KB
-rw-r--r--
optionalfeatures.html
77.78
KB
-rw-r--r--
reference.html
405.42
KB
-rw-r--r--
security.html
8.2
KB
-rw-r--r--
tuning.html
8.49
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : optionalfeatures.html
<?xml version="1.0" encoding="UTF-8" standalone="no"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Chapter 6. Optional Features</title><meta name="generator" content="DocBook XSL Stylesheets Vsnapshot" /><link rel="home" href="index.html" title="The Mutt E-Mail Client" /><link rel="up" href="index.html" title="The Mutt E-Mail Client" /><link rel="prev" href="mimesupport.html" title="Chapter 5. Mutt's MIME Support" /><link rel="next" href="security.html" title="Chapter 7. Security Considerations" /><style xmlns="" type="text/css"> body { margin-left:2%; margin-right:2%; font-family:serif; } .toc, .list-of-tables, .list-of-examples { font-family:sans-serif; } h1, h2, h3, h4, h5, h6 { font-family:sans-serif; } p { text-align:justify; } div.table p.title, div.example p.title { font-size:smaller; font-family:sans-serif; } .email, .email a { font-family:monospace; } div.table-contents table, div.informaltable table { border-collapse:collapse; border:1px solid #c0c0c0; } div.table-contents table td, div.informaltable td, div.table-contents table th, div.informaltable table th { padding:5px; text-align:left; } div.table-contents table th, div.informaltable table th { font-family:sans-serif; background:#d0d0d0; font-weight:normal; vertical-align:top; } div.cmdsynopsis { border-left:1px solid #707070; padding-left:5px; } li div.cmdsynopsis { border-left:none; padding-left:0px; } pre.screen, div.note { background:#f0f0f0; border:1px solid #c0c0c0; padding:5px; margin-left:2%; margin-right:2%; } div.example p.title { margin-left:2%; } div.note h3 { font-size:small; font-style:italic; font-variant: small-caps; } div.note h3:after { content: ":" } div.note { margin-bottom: 5px; } .command { font-family: monospace; font-weight: normal; } .command strong { font-weight: normal; } tr { vertical-align: top; } .comment { color:#707070; } </style></head><body><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 6. Optional Features</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="mimesupport.html">Prev</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="security.html">Next</a></td></tr></table><hr /></div><div class="chapter"><div class="titlepage"><div><div><h1 class="title"><a id="optionalfeatures"></a>Chapter 6. Optional Features</h1></div></div></div><div class="toc"><p><strong>Table of Contents</strong></p><dl class="toc"><dt><span class="sect1"><a href="optionalfeatures.html#optionalfeatures-notes">1. General Notes</a></span></dt><dd><dl><dt><span class="sect2"><a href="optionalfeatures.html#compile-time-features">1.1. Enabling/Disabling Features</a></span></dt><dt><span class="sect2"><a href="optionalfeatures.html#url-syntax">1.2. URL Syntax</a></span></dt></dl></dd><dt><span class="sect1"><a href="optionalfeatures.html#ssl">2. SSL/TLS Support</a></span></dt><dd><dl><dt><span class="sect2"><a href="optionalfeatures.html#starttls">2.1. STARTTLS</a></span></dt><dt><span class="sect2"><a href="optionalfeatures.html#secure-tunnel">2.2. Tunnel</a></span></dt></dl></dd><dt><span class="sect1"><a href="optionalfeatures.html#pop">3. POP3 Support</a></span></dt><dt><span class="sect1"><a href="optionalfeatures.html#imap">4. IMAP Support</a></span></dt><dd><dl><dt><span class="sect2"><a href="optionalfeatures.html#imap-browser">4.1. The IMAP Folder Browser</a></span></dt><dt><span class="sect2"><a href="optionalfeatures.html#imap-authentication">4.2. Authentication</a></span></dt></dl></dd><dt><span class="sect1"><a href="optionalfeatures.html#smtp">5. SMTP Support</a></span></dt><dt><span class="sect1"><a href="optionalfeatures.html#oauth">6. OAUTHBEARER Support</a></span></dt><dd><dl><dt><span class="sect2"><a href="optionalfeatures.html#xoauth2">6.1. XOAUTH2 Support</a></span></dt></dl></dd><dt><span class="sect1"><a href="optionalfeatures.html#account-hook">7. Managing Multiple Accounts</a></span></dt><dt><span class="sect1"><a href="optionalfeatures.html#caching">8. Local Caching</a></span></dt><dd><dl><dt><span class="sect2"><a href="optionalfeatures.html#header-caching">8.1. Header Caching</a></span></dt><dt><span class="sect2"><a href="optionalfeatures.html#body-caching">8.2. Body Caching</a></span></dt><dt><span class="sect2"><a href="optionalfeatures.html#cache-dirs">8.3. Cache Directories</a></span></dt><dt><span class="sect2"><a href="optionalfeatures.html#maint-cache">8.4. Maintenance</a></span></dt></dl></dd><dt><span class="sect1"><a href="optionalfeatures.html#exact-address">9. Exact Address Generation</a></span></dt><dt><span class="sect1"><a href="optionalfeatures.html#sending-mixmaster">10. Sending Anonymous Messages via Mixmaster</a></span></dt><dt><span class="sect1"><a href="optionalfeatures.html#sidebar">11. Sidebar</a></span></dt><dd><dl><dt><span class="sect2"><a href="optionalfeatures.html#sidebar-intro">11.1. Introduction</a></span></dt><dt><span class="sect2"><a href="optionalfeatures.html#sidebar-variables">11.2. Variables</a></span></dt><dt><span class="sect2"><a href="optionalfeatures.html#sidebar-functions">11.3. Functions</a></span></dt><dt><span class="sect2"><a href="optionalfeatures.html#sidebar-whitelist">11.4. Commands</a></span></dt><dt><span class="sect2"><a href="optionalfeatures.html#sidebar-colors">11.5. Colors</a></span></dt><dt><span class="sect2"><a href="optionalfeatures.html#sidebar-sort">11.6. Sort</a></span></dt><dt><span class="sect2"><a href="optionalfeatures.html#sidebar-see-also">11.7. See Also</a></span></dt></dl></dd><dt><span class="sect1"><a href="optionalfeatures.html#compress">12. Compressed Folders Feature</a></span></dt><dd><dl><dt><span class="sect2"><a href="optionalfeatures.html#compress-intro">12.1. Introduction</a></span></dt><dt><span class="sect2"><a href="optionalfeatures.html#compress-commands">12.2. Commands</a></span></dt></dl></dd><dt><span class="sect1"><a href="optionalfeatures.html#autocryptdoc">13. Autocrypt</a></span></dt><dd><dl><dt><span class="sect2"><a href="optionalfeatures.html#autocryptdoc-requirements">13.1. Requirements</a></span></dt><dt><span class="sect2"><a href="optionalfeatures.html#autocryptdoc-init">13.2. First Run</a></span></dt><dt><span class="sect2"><a href="optionalfeatures.html#autocryptdoc-compose">13.3. Compose Menu</a></span></dt><dt><span class="sect2"><a href="optionalfeatures.html#autocryptdoc-acctmgmt">13.4. Account Management</a></span></dt><dt><span class="sect2"><a href="optionalfeatures.html#autocryptdoc-keyrings">13.5. Alternative Key and Keyring Strategies</a></span></dt></dl></dd></dl></div><div class="sect1"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="optionalfeatures-notes"></a>1. General Notes</h2></div></div></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="compile-time-features"></a>1.1. Enabling/Disabling Features</h3></div></div></div><p> Mutt supports several of optional features which can be enabled or disabled at compile-time by giving the <span class="emphasis"><em>configure</em></span> script certain arguments. These are listed in the <span class="quote">“<span class="quote">Optional features</span>”</span> section of the <span class="emphasis"><em>configure --help</em></span> output. </p><p> Which features are enabled or disabled can later be determined from the output of <code class="literal">mutt -v</code>. If a compile option starts with <span class="quote">“<span class="quote">+</span>”</span> it is enabled and disabled if prefixed with <span class="quote">“<span class="quote">-</span>”</span>. For example, if Mutt was compiled using GnuTLS for encrypted communication instead of OpenSSL, <code class="literal">mutt -v</code> would contain: </p><pre class="screen"> -USE_SSL_OPENSSL +USE_SSL_GNUTLS</pre></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="url-syntax"></a>1.2. URL Syntax</h3></div></div></div><p> Mutt optionally supports the IMAP, POP3 and SMTP protocols which require to access servers using URLs. The canonical syntax for specifying URLs in Mutt is (an item enclosed in <code class="literal">[]</code> means it is optional and may be omitted): </p><pre class="screen"> proto[s]://[username[:password]@]server[:port][/path] </pre><p> <span class="emphasis"><em>proto</em></span> is the communication protocol: <code class="literal">imap</code> for IMAP, <code class="literal">pop</code> for POP3 and <code class="literal">smtp</code> for SMTP. If <span class="quote">“<span class="quote">s</span>”</span> for <span class="quote">“<span class="quote">secure communication</span>”</span> is appended, Mutt will attempt to establish an encrypted communication using SSL or TLS. </p><p> Since all protocols supported by Mutt support/require authentication, login credentials may be specified in the URL. This has the advantage that multiple IMAP, POP3 or SMTP servers may be specified (which isn't possible using, for example, <a class="link" href="reference.html#imap-user" title="3.151. imap_user">$imap_user</a>). The username may contain the <span class="quote">“<span class="quote">@</span>”</span> symbol being used by many mail systems as part of the login name. The special characters <span class="quote">“<span class="quote">/</span>”</span> (<code class="literal">%2F</code>), <span class="quote">“<span class="quote">:</span>”</span> (<code class="literal">%3A</code>) and <span class="quote">“<span class="quote">%</span>”</span> (<code class="literal">%25</code>) have to be URL-encoded in usernames using the <code class="literal">%</code>-notation. </p><p> A password can be given, too but is not recommended if the URL is specified in a configuration file on disk. </p><p> If no port number is given, Mutt will use the system's default for the given protocol (usually consulting <code class="literal">/etc/services</code>). </p><p> The optional path is only relevant for IMAP and ignored elsewhere. </p><div class="example"><a id="ex-url"></a><p class="title"><strong>Example 6.1. URLs</strong></p><div class="example-contents"><pre class="screen"> pops://host/ imaps://user@host/INBOX/Sent smtp://user@host:587/ </pre></div></div><br class="example-break" /></div></div><div class="sect1"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="ssl"></a>2. SSL/TLS Support</h2></div></div></div><p> If Mutt is compiled with IMAP, POP3 and/or SMTP support, it can also be compiled with support for SSL or TLS using either OpenSSL or GnuTLS ( by running the <span class="emphasis"><em>configure</em></span> script with the <span class="emphasis"><em>--enable-ssl=...</em></span> option for OpenSSL or <span class="emphasis"><em>--enable-gnutls=...</em></span> for GnuTLS). Mutt can then attempt to encrypt communication with remote servers if these protocols are suffixed with <span class="quote">“<span class="quote">s</span>”</span> for <span class="quote">“<span class="quote">secure communication</span>”</span>. </p><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="starttls"></a>2.1. STARTTLS</h3></div></div></div><p> When non-secure URL protocols <code class="literal">imap://</code>, <code class="literal">pop://</code>, and <code class="literal">smtp://</code> are used, the initial connection to the server will be unencrypted. <code class="literal">STARTTLS</code> can be used to negotiate an encrypted connection after the initial unencrypted connection and exchange. </p><p> Two configuration variables control Mutt's behavior with <code class="literal">STARTTLS</code>. <a class="link" href="reference.html#ssl-starttls" title="3.366. ssl_starttls">$ssl_starttls</a> will initiate <code class="literal">STARTTLS</code> if the server advertises support for it. <a class="link" href="reference.html#ssl-force-tls" title="3.364. ssl_force_tls">$ssl_force_tls</a> will always try to initiate it, whether the server advertises support or not. </p><p> Mutt <span class="emphasis"><em>highly recommends</em></span> setting <a class="link" href="reference.html#ssl-force-tls" title="3.364. ssl_force_tls">$ssl_force_tls</a> unless you need to connect to an unencrypted server. It's possible for an attacker to spoof interactions during the initial connection and hide support for <code class="literal">STARTTLS</code>. The only way to prevent these attacks is by forcing <code class="literal">STARTTLS</code> with the <a class="link" href="reference.html#ssl-force-tls" title="3.364. ssl_force_tls">$ssl_force_tls</a> configuration variable. </p></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="secure-tunnel"></a>2.2. Tunnel</h3></div></div></div><p> When connecting through a <a class="link" href="reference.html#tunnel" title="3.396. tunnel">$tunnel</a> and <a class="link" href="reference.html#tunnel-is-secure" title="3.397. tunnel_is_secure">$tunnel_is_secure</a> is set (the default), Mutt will assume the connection to the server through the pipe is already secured. Mutt will ignore <a class="link" href="reference.html#ssl-starttls" title="3.366. ssl_starttls">$ssl_starttls</a> and <a class="link" href="reference.html#ssl-force-tls" title="3.364. ssl_force_tls">$ssl_force_tls</a>, behaving as if TLS has already been negotiated. </p><p> When <a class="link" href="reference.html#tunnel-is-secure" title="3.397. tunnel_is_secure">$tunnel_is_secure</a> is unset, Mutt will respect the values of <a class="link" href="reference.html#ssl-starttls" title="3.366. ssl_starttls">$ssl_starttls</a> and <a class="link" href="reference.html#ssl-force-tls" title="3.364. ssl_force_tls">$ssl_force_tls</a>. It is <span class="emphasis"><em>highly recommended</em></span> to set <a class="link" href="reference.html#ssl-force-tls" title="3.364. ssl_force_tls">$ssl_force_tls</a> in this case, to force <code class="literal">STARTTLS</code> negotiation. Note that doing so will prevent connection to an IMAP server configured for preauthentication (<code class="literal">PREAUTH</code>). If you use this configuration, it is recommended to use a secure tunnel. </p></div></div><div class="sect1"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="pop"></a>3. POP3 Support</h2></div></div></div><p> If Mutt is compiled with POP3 support (by running the <span class="emphasis"><em>configure</em></span> script with the <span class="emphasis"><em>--enable-pop</em></span> flag), it has the ability to work with mailboxes located on a remote POP3 server and fetch mail for local browsing. </p><p> Remote POP3 servers can be accessed using URLs with the <code class="literal">pop</code> protocol for unencrypted and <code class="literal">pops</code> for encrypted communication, see <a class="xref" href="optionalfeatures.html#url-syntax" title="1.2. URL Syntax">Section 1.2, “URL Syntax”</a> for details. </p><p> Polling for new mail is more expensive over POP3 than locally. For this reason the frequency at which Mutt will check for mail remotely can be controlled by the <a class="link" href="reference.html#pop-checkinterval" title="3.246. pop_checkinterval">$pop_checkinterval</a> variable, which defaults to every 60 seconds. </p><p> POP is read-only which doesn't allow for some features like editing messages or changing flags. However, using <a class="xref" href="optionalfeatures.html#header-caching" title="8.1. Header Caching">Section 8.1, “Header Caching”</a> and <a class="xref" href="optionalfeatures.html#body-caching" title="8.2. Body Caching">Section 8.2, “Body Caching”</a> Mutt simulates the new/old/read flags as well as flagged and replied. Mutt applies some logic on top of remote messages but cannot change them so that modifications of flags are lost when messages are downloaded from the POP server (either by Mutt or other tools). </p><a id="fetch-mail"></a><p> Another way to access your POP3 mail is the <code class="literal"><fetch-mail></code> function (default: G). It allows to connect to <a class="link" href="reference.html#pop-host" title="3.248. pop_host">$pop_host</a>, fetch all your new mail and place it in the local <a class="link" href="reference.html#spoolfile" title="3.361. spoolfile">$spoolfile</a>. After this point, Mutt runs exactly as if the mail had always been local. </p><div class="note"><h3 class="title">Note</h3><p> If you only need to fetch all messages to a local mailbox you should consider using a specialized program, such as <code class="literal">fetchmail(1)</code>, <code class="literal">getmail(1)</code> or similar. </p></div></div><div class="sect1"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="imap"></a>4. IMAP Support</h2></div></div></div><p> If Mutt was compiled with IMAP support (by running the <span class="emphasis"><em>configure</em></span> script with the <span class="emphasis"><em>--enable-imap</em></span> flag), it has the ability to work with folders located on a remote IMAP server. </p><p> You can access the remote inbox by selecting the folder by its URL (see <a class="xref" href="optionalfeatures.html#url-syntax" title="1.2. URL Syntax">Section 1.2, “URL Syntax”</a> for details) using the <code class="literal">imap</code> or <code class="literal">imaps</code> protocol. Alternatively, a pine-compatible notation is also supported, i.e. <code class="literal">{[username@]imapserver[:port][/ssl]}path/to/folder</code> </p><p> Note that not all servers use <span class="quote">“<span class="quote">/</span>”</span> as the hierarchy separator. Mutt should correctly notice which separator is being used by the server and convert paths accordingly. </p><p> When browsing folders on an IMAP server, you can toggle whether to look at only the folders you are subscribed to, or all folders with the <span class="emphasis"><em>toggle-subscribed</em></span> command. See also the <a class="link" href="reference.html#imap-list-subscribed" title="3.141. imap_list_subscribed">$imap_list_subscribed</a> variable. </p><p> Polling for new mail on an IMAP server can cause noticeable delays. So, you'll want to carefully tune the <a class="link" href="reference.html#mail-check" title="3.161. mail_check">$mail_check</a> and <a class="link" href="reference.html#timeout" title="3.389. timeout">$timeout</a> variables. Reasonable values are: </p><pre class="screen"> set mail_check=90 set timeout=15 </pre><p> with relatively good results even over slow modem lines. </p><div class="note"><h3 class="title">Note</h3><p> Note that if you are using mbox as the mail store on UW servers prior to v12.250, the server has been reported to disconnect a client if another client selects the same folder. </p></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="imap-browser"></a>4.1. The IMAP Folder Browser</h3></div></div></div><p> As of version 1.2, Mutt supports browsing mailboxes on an IMAP server. This is mostly the same as the local file browser, with the following differences: </p><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p> In lieu of file permissions, Mutt displays the string <span class="quote">“<span class="quote">IMAP</span>”</span>, possibly followed by the symbol <span class="quote">“<span class="quote">+</span>”</span>, indicating that the entry contains both messages and subfolders. On Cyrus-like servers folders will often contain both messages and subfolders. A mailbox name with a trailing delimiter (usually <span class="quote">“<span class="quote">/</span>”</span> or <span class="quote">“<span class="quote">.</span>”</span>) indicates subfolders. </p></li><li class="listitem"><p> For the case where an entry can contain both messages and subfolders, the selection key (bound to <code class="literal">enter</code> by default) will choose to descend into the subfolder view. If you wish to view the messages in that folder, you must use <code class="literal">view-file</code> instead (bound to <code class="literal">space</code> by default). </p></li><li class="listitem"><p> You can create, delete and rename mailboxes with the <code class="literal"><create-mailbox></code>, <code class="literal"><delete-mailbox></code>, and <code class="literal"><rename-mailbox></code> commands (default bindings: <code class="literal">C</code>, <code class="literal">d</code> and <code class="literal">r</code>, respectively). You may also <code class="literal"><subscribe></code> and <code class="literal"><unsubscribe></code> to mailboxes (normally these are bound to <code class="literal">s</code> and <code class="literal">u</code>, respectively). </p></li></ul></div></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="imap-authentication"></a>4.2. Authentication</h3></div></div></div><p> Mutt supports four authentication methods with IMAP servers: SASL, GSSAPI, CRAM-MD5, and LOGIN (there is a patch by Grant Edwards to add NTLM authentication for you poor exchange users out there, but it has yet to be integrated into the main tree). There is also support for the pseudo-protocol ANONYMOUS, which allows you to log in to a public IMAP server without having an account. To use ANONYMOUS, simply make your username blank or <span class="quote">“<span class="quote">anonymous</span>”</span>. </p><p> SASL is a special super-authenticator, which selects among several protocols (including GSSAPI, CRAM-MD5, ANONYMOUS, and DIGEST-MD5) the most secure method available on your host and the server. Using some of these methods (including DIGEST-MD5 and possibly GSSAPI), your entire session will be encrypted and invisible to those teeming network snoops. It is the best option if you have it. To use it, you must have the Cyrus SASL library installed on your system and compile Mutt with the <span class="emphasis"><em>--with-sasl</em></span> flag. </p><p> Mutt will try whichever methods are compiled in and available on the server, in the following order: SASL, ANONYMOUS, GSSAPI, CRAM-MD5, LOGIN. </p><p> There are a few variables which control authentication: </p><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p> <a class="link" href="reference.html#imap-user" title="3.151. imap_user">$imap_user</a> - controls the username under which you request authentication on the IMAP server, for all authenticators. This is overridden by an explicit username in the mailbox path (i.e. by using a mailbox name of the form <code class="literal">{user@host}</code>). </p></li><li class="listitem"><p> <a class="link" href="reference.html#imap-pass" title="3.144. imap_pass">$imap_pass</a> - a password which you may preset, used by all authentication methods where a password is needed. </p></li><li class="listitem"><p> <a class="link" href="reference.html#imap-authenticators" title="3.132. imap_authenticators">$imap_authenticators</a> - a colon-delimited list of IMAP authentication methods to try, in the order you wish to try them. If specified, this overrides Mutt's default (attempt everything, in the order listed above). </p></li></ul></div></div></div><div class="sect1"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="smtp"></a>5. SMTP Support</h2></div></div></div><p> Besides supporting traditional mail delivery through a sendmail-compatible program, Mutt supports delivery through SMTP if it was configured and built with <code class="literal">--enable-smtp</code>. </p><p> If the configuration variable <a class="link" href="reference.html#smtp-url" title="3.353. smtp_url">$smtp_url</a> is set, Mutt will contact the given SMTP server to deliver messages; if it is unset, Mutt will use the program specified by <a class="link" href="reference.html#sendmail" title="3.300. sendmail">$sendmail</a>. </p><p> For details on the URL syntax, please see <a class="xref" href="optionalfeatures.html#url-syntax" title="1.2. URL Syntax">Section 1.2, “URL Syntax”</a>. </p><p> The built-in SMTP support supports encryption (the <code class="literal">smtps</code> protocol using SSL or TLS) as well as SMTP authentication using SASL. The authentication mechanisms for SASL are specified in <a class="link" href="reference.html#smtp-authenticators" title="3.350. smtp_authenticators">$smtp_authenticators</a> defaulting to an empty list which makes Mutt try all available methods from most-secure to least-secure. </p></div><div class="sect1"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="oauth"></a>6. OAUTHBEARER Support</h2></div></div></div><p> Preliminary OAUTH support for IMAP, POP, and SMTP is provided via external scripts. </p><p> At least for Gmail, you can use the <code class="literal">oauth2.py</code> script from Google's gmail-oauth2-tools: <a class="ulink" href="https://github.com/google/gmail-oauth2-tools/blob/master/python/oauth2.py" target="_top">https://github.com/google/gmail-oauth2-tools/blob/master/python/oauth2.py</a> </p><p> You'll need to get your own oauth client credentials for Gmail here: <a class="ulink" href="https://console.developers.google.com/apis/credentials" target="_top">https://console.developers.google.com/apis/credentials</a> </p><p> Then, you'd use <code class="literal">oauth2.py</code> with <code class="literal">--generate_oauth2_token</code> to get a refresh token, and configure mutt with: </p><pre class="screen"> set imap_authenticators="oauthbearer" set imap_oauth_refresh_command="/path/to/oauth2.py --quiet --user=[email_address]\ --client_id=[client_id] --client_secret=[client_secret]\ --refresh_token=[refresh_token]" </pre><p> Substitute pop or smtp for imap in the above example to configure for those. </p><p> An alternative script is <a class="ulink" href="https://gitlab.com/muttmua/mutt/tree/master/contrib/mutt_oauth2.py" target="_top">contrib/mutt_oauth2.py</a> script. For more details see <a class="ulink" href="https://gitlab.com/muttmua/mutt/tree/master/contrib/mutt_oauth2.py.README" target="_top">contrib/mutt_oauth2.py.README</a>. </p><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="xoauth2"></a>6.1. XOAUTH2 Support</h3></div></div></div><p> Support for the deprecated XOAUTH2 protocol is also available. To enable this, add <span class="quote">“<span class="quote">xoauth2</span>”</span> to the <a class="link" href="reference.html#imap-authenticators" title="3.132. imap_authenticators">$imap_authenticators</a>, <a class="link" href="reference.html#pop-authenticators" title="3.245. pop_authenticators">$pop_authenticators</a>, or <a class="link" href="reference.html#smtp-authenticators" title="3.350. smtp_authenticators">$smtp_authenticators</a> config variables. XOAUTH2 uses the same refresh command configuration variables as OAUTHBEARER: <a class="link" href="reference.html#imap-oauth-refresh-command" title="3.143. imap_oauth_refresh_command">$imap_oauth_refresh_command</a>, <a class="link" href="reference.html#pop-oauth-refresh-command" title="3.250. pop_oauth_refresh_command">$pop_oauth_refresh_command</a>, and <a class="link" href="reference.html#smtp-oauth-refresh-command" title="3.351. smtp_oauth_refresh_command">$smtp_oauth_refresh_command</a>. Those will need to be set to a script to generate the appropriate XOAUTH2 token. </p></div></div><div class="sect1"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="account-hook"></a>7. Managing Multiple Accounts</h2></div></div></div><p> Usage: </p><div class="cmdsynopsis"><p><code class="command">account-hook</code> <em class="replaceable"><code>regexp</code></em> <em class="replaceable"><code>command</code></em> </p></div><p> If you happen to have accounts on multiple IMAP, POP and/or SMTP servers, you may find managing all the authentication settings inconvenient and error-prone. The <a class="link" href="optionalfeatures.html#account-hook" title="7. Managing Multiple Accounts"><span class="command"><strong>account-hook</strong></span></a> command may help. This hook works like <a class="link" href="configuration.html#folder-hook" title="9. Setting Variables Based Upon Mailbox"><span class="command"><strong>folder-hook</strong></span></a> but is invoked whenever Mutt needs to access a remote mailbox (including inside the folder browser), not just when you open the mailbox. This includes (for example) polling for new mail, storing Fcc messages and saving messages to a folder. As a consequence, <a class="link" href="optionalfeatures.html#account-hook" title="7. Managing Multiple Accounts"><span class="command"><strong>account-hook</strong></span></a> should only be used to set connection-related settings such as passwords or tunnel commands but not settings such as sender address or name (because in general it should be considered unpredictable which <a class="link" href="optionalfeatures.html#account-hook" title="7. Managing Multiple Accounts"><span class="command"><strong>account-hook</strong></span></a> was last used). </p><p> Some examples: </p><pre class="screen"> account-hook . 'unset imap_user; unset imap_pass; unset tunnel' account-hook imap://host1/ 'set imap_user=me1 imap_pass=foo' account-hook imap://host2/ 'set tunnel="ssh host2 /usr/libexec/imapd"' account-hook smtp://user@host3/ 'set tunnel="ssh host3 /usr/libexec/smtpd"' </pre><p> To manage multiple accounts with, for example, different values of <a class="link" href="reference.html#record" title="3.274. record">$record</a> or sender addresses, <a class="link" href="configuration.html#folder-hook" title="9. Setting Variables Based Upon Mailbox"><span class="command"><strong>folder-hook</strong></span></a> has to be used together with the <a class="link" href="configuration.html#mailboxes" title="16. Monitoring Incoming Mail"><span class="command"><strong>mailboxes</strong></span></a> command. </p><div class="example"><a id="ex-multiaccount"></a><p class="title"><strong>Example 6.2. Managing multiple accounts</strong></p><div class="example-contents"><pre class="screen"> mailboxes imap://user@host1/INBOX folder-hook imap://user@host1/ 'set folder=imap://host1/ ; set record=+INBOX/Sent' mailboxes imap://user@host2/INBOX folder-hook imap://user@host2/ 'set folder=imap://host2/ ; set record=+INBOX/Sent' </pre></div></div><br class="example-break" /><p> In example <a class="xref" href="optionalfeatures.html#ex-multiaccount" title="Example 6.2. Managing multiple accounts">Example 6.2, “Managing multiple accounts”</a> the folders are defined using <a class="link" href="configuration.html#mailboxes" title="16. Monitoring Incoming Mail"><span class="command"><strong>mailboxes</strong></span></a> so Mutt polls them for new mail. Each <a class="link" href="configuration.html#folder-hook" title="9. Setting Variables Based Upon Mailbox"><span class="command"><strong>folder-hook</strong></span></a> triggers when one mailbox below each IMAP account is opened and sets <a class="link" href="reference.html#folder" title="3.95. folder">$folder</a> to the account's root folder. Next, it sets <a class="link" href="reference.html#record" title="3.274. record">$record</a> to the <span class="emphasis"><em>INBOX/Sent</em></span> folder below the newly set <a class="link" href="reference.html#folder" title="3.95. folder">$folder</a>. Please notice that the value the <span class="quote">“<span class="quote">+</span>”</span> <a class="link" href="advancedusage.html#shortcuts" title="10. Mailbox Shortcuts">mailbox shortcut</a> refers to depends on the <span class="emphasis"><em>current</em></span> value of <a class="link" href="reference.html#folder" title="3.95. folder">$folder</a> and therefore has to be set separately per account. Setting other values like <a class="link" href="reference.html#from" title="3.107. from">$from</a> or <a class="link" href="reference.html#signature" title="3.318. signature">$signature</a> is analogous to setting <a class="link" href="reference.html#record" title="3.274. record">$record</a>. </p></div><div class="sect1"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="caching"></a>8. Local Caching</h2></div></div></div><p> Mutt contains two types of local caching: <span class="emphasis"><em>(1)</em></span> the so-called <span class="quote">“<span class="quote">header caching</span>”</span> and <span class="emphasis"><em>(2)</em></span> the so-called <span class="quote">“<span class="quote">body caching</span>”</span> which are both described in this section. </p><p> Header caching is optional as it depends on external libraries, body caching is always enabled if Mutt is compiled with POP and/or IMAP support as these use it (body caching requires no external library). </p><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="header-caching"></a>8.1. Header Caching</h3></div></div></div><p> Mutt provides optional support for caching message headers for the following types of folders: IMAP, POP, Maildir and MH. Header caching greatly speeds up opening large folders because for remote folders, headers usually only need to be downloaded once. For Maildir and MH, reading the headers from a single file is much faster than looking at possibly thousands of single files (since Maildir and MH use one file per message.) </p><p> Header caching can be enabled via the configure script and the <span class="emphasis"><em>--enable-hcache</em></span> option. It's not turned on by default because external database libraries are required: one of tokyocabinet, kyotocabinet, lmdb, qdbm, gdbm or bdb must be present. </p><p> If enabled, <a class="link" href="reference.html#header-cache" title="3.111. header_cache">$header_cache</a> can be used to either point to a file or a directory. If set to point to a file, one database file for all folders will be used (which may result in lower performance), but one file per folder if it points to a directory. </p></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="body-caching"></a>8.2. Body Caching</h3></div></div></div><p> Both cache methods can be combined using the same directory for storage (and for IMAP/POP even provide meaningful file names) which simplifies manual maintenance tasks. </p><p> In addition to caching message headers only, Mutt can also cache whole message bodies. This results in faster display of messages for POP and IMAP folders because messages usually have to be downloaded only once. </p><p> For configuration, the variable <a class="link" href="reference.html#message-cachedir" title="3.180. message_cachedir">$message_cachedir</a> must point to a directory. There, Mutt will create a hierarchy of subdirectories named like the account and mailbox path the cache is for. </p></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="cache-dirs"></a>8.3. Cache Directories</h3></div></div></div><p> For using both, header and body caching, <a class="link" href="reference.html#header-cache" title="3.111. header_cache">$header_cache</a> and <a class="link" href="reference.html#message-cachedir" title="3.180. message_cachedir">$message_cachedir</a> can be safely set to the same value. </p><p> In a header or body cache directory, Mutt creates a directory hierarchy named like: <code class="literal">proto:user@hostname</code> where <code class="literal">proto</code> is either <span class="quote">“<span class="quote">pop</span>”</span> or <span class="quote">“<span class="quote">imap.</span>”</span> Within there, for each folder, Mutt stores messages in single files and header caches in files with the <span class="quote">“<span class="quote">.hcache</span>”</span> extension. All files can be removed as needed if the consumed disk space becomes an issue as Mutt will silently fetch missing items again. Pathnames are always stored in UTF-8 encoding. </p><p> For Maildir and MH, the header cache files are named after the MD5 checksum of the path. </p></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="maint-cache"></a>8.4. Maintenance</h3></div></div></div><p> Mutt does not (yet) support maintenance features for header cache database files so that files have to be removed in case they grow too big. It depends on the database library used for header caching whether disk space freed by removing messages is re-used. </p><p> For body caches, Mutt can keep the local cache in sync with the remote mailbox if the <a class="link" href="reference.html#message-cache-clean" title="3.179. message_cache_clean">$message_cache_clean</a> variable is set. Cleaning means to remove messages from the cache which are no longer present in the mailbox which only happens when other mail clients or instances of Mutt using a different body cache location delete messages (Mutt itself removes deleted messages from the cache when syncing a mailbox). As cleaning can take a noticeable amount of time, it should not be set in general but only occasionally. </p></div></div><div class="sect1"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="exact-address"></a>9. Exact Address Generation</h2></div></div></div><p> Mutt supports the <span class="quote">“<span class="quote">Name <user@host></span>”</span> address syntax for reading and writing messages, the older <span class="quote">“<span class="quote">user@host (Name)</span>”</span> syntax is only supported when reading messages. The <span class="emphasis"><em>--enable-exact-address</em></span> switch can be given to configure to build it with write-support for the latter syntax. <code class="literal">EXACT_ADDRESS</code> in the output of <code class="literal">mutt -v</code> indicates whether it's supported. </p><p> Note: If the full address contains non-ascii characters, or sequences that require RFC 2047 encoding, Mutt reverts to writing out the normalized <span class="quote">“<span class="quote">Name <user@host></span>”</span> form, in order to generate legal output. </p></div><div class="sect1"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="sending-mixmaster"></a>10. Sending Anonymous Messages via Mixmaster</h2></div></div></div><p> You may also have compiled Mutt to co-operate with Mixmaster, an anonymous remailer. Mixmaster permits you to send your messages anonymously using a chain of remailers. Mixmaster support in Mutt is for mixmaster version 2.04 or later. </p><p> To use it, you'll have to obey certain restrictions. Most important, you cannot use the <code class="literal">Cc</code> and <code class="literal">Bcc</code> headers. To tell Mutt to use mixmaster, you have to select a remailer chain, using the mix function on the compose menu. </p><p> The chain selection screen is divided into two parts. In the (larger) upper part, you get a list of remailers you may use. In the lower part, you see the currently selected chain of remailers. </p><p> You can navigate in the chain using the <code class="literal"><chain-prev></code> and <code class="literal"><chain-next></code> functions, which are by default bound to the left and right arrows and to the <code class="literal">h</code> and <code class="literal">l</code> keys (think vi keyboard bindings). To insert a remailer at the current chain position, use the <code class="literal"><insert></code> function. To append a remailer behind the current chain position, use <code class="literal"><select-entry></code> or <code class="literal"><append></code>. You can also delete entries from the chain, using the corresponding function. Finally, to abandon your changes, leave the menu, or <code class="literal"><accept></code> them pressing (by default) the <code class="literal">Return</code> key. </p><p> Note that different remailers do have different capabilities, indicated in the %c entry of the remailer menu lines (see <a class="link" href="reference.html#mix-entry-format" title="3.194. mix_entry_format">$mix_entry_format</a>). Most important is the <span class="quote">“<span class="quote">middleman</span>”</span> capability, indicated by a capital <span class="quote">“<span class="quote">M</span>”</span>: This means that the remailer in question cannot be used as the final element of a chain, but will only forward messages to other mixmaster remailers. For details on the other capabilities, please have a look at the mixmaster documentation. </p></div><div class="sect1"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="sidebar"></a>11. Sidebar</h2></div><div><h3 class="subtitle">Overview of mailboxes</h3></div></div></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="sidebar-intro"></a>11.1. Introduction</h3></div></div></div><p> The Sidebar shows a list of all your mailboxes. The list can be turned on and off, it can be themed and the list style can be configured. </p></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="sidebar-variables"></a>11.2. Variables</h3></div></div></div><div class="table"><a id="table-sidebar-variables"></a><p class="title"><strong>Table 6.1. Sidebar Variables</strong></p><div class="table-contents"><table class="table" summary="Sidebar Variables" border="1"><colgroup><col /><col /><col /></colgroup><thead><tr><th>Name</th><th>Type</th><th>Default</th></tr></thead><tbody><tr><td><code class="literal">sidebar_delim_chars</code></td><td>string</td><td><code class="literal">/.</code></td></tr><tr><td><code class="literal">sidebar_divider_char</code></td><td>string</td><td><code class="literal">|</code></td></tr><tr><td><code class="literal">sidebar_folder_indent</code></td><td>boolean</td><td><code class="literal">no</code></td></tr><tr><td><code class="literal">sidebar_format</code></td><td>string</td><td><code class="literal">%B%* %n</code></td></tr><tr><td><code class="literal">sidebar_indent_string</code></td><td>string</td><td><code class="literal"> </code> (two spaces)</td></tr><tr><td><code class="literal">sidebar_new_mail_only</code></td><td>boolean</td><td><code class="literal">no</code></td></tr><tr><td><code class="literal">sidebar_next_new_wrap</code></td><td>boolean</td><td><code class="literal">no</code></td></tr><tr><td><code class="literal">sidebar_short_path</code></td><td>boolean</td><td><code class="literal">no</code></td></tr><tr><td><code class="literal">sidebar_sort_method</code></td><td>enum</td><td><code class="literal">unsorted</code></td></tr><tr><td><code class="literal">sidebar_visible</code></td><td>boolean</td><td><code class="literal">no</code></td></tr><tr><td><code class="literal">sidebar_width</code></td><td>number</td><td><code class="literal">20</code></td></tr></tbody></table></div></div><br class="table-break" /></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="sidebar-functions"></a>11.3. Functions</h3></div></div></div><p> Sidebar adds the following functions to Mutt. By default, none of them are bound to keys. </p><div class="table"><a id="table-sidebar-functions"></a><p class="title"><strong>Table 6.2. Sidebar Functions</strong></p><div class="table-contents"><table class="table" summary="Sidebar Functions" border="1"><colgroup><col /><col /><col /></colgroup><thead><tr><th>Menus</th><th>Function</th><th>Description</th></tr></thead><tbody><tr><td>index,pager</td><td><code class="literal"><sidebar-next></code></td><td>Move the highlight to next mailbox</td></tr><tr><td>index,pager</td><td><code class="literal"><sidebar-next-new></code></td><td>Move the highlight to next mailbox with new mail</td></tr><tr><td>index,pager</td><td><code class="literal"><sidebar-open></code></td><td>Open highlighted mailbox</td></tr><tr><td>index,pager</td><td><code class="literal"><sidebar-page-down></code></td><td>Scroll the Sidebar down 1 page</td></tr><tr><td>index,pager</td><td><code class="literal"><sidebar-page-up></code></td><td>Scroll the Sidebar up 1 page</td></tr><tr><td>index,pager</td><td><code class="literal"><sidebar-prev></code></td><td>Move the highlight to previous mailbox</td></tr><tr><td>index,pager</td><td><code class="literal"><sidebar-prev-new></code></td><td>Move the highlight to previous mailbox with new mail</td></tr><tr><td>index,pager</td><td><code class="literal"><sidebar-toggle-visible></code></td><td>Make the Sidebar (in)visible</td></tr></tbody></table></div></div><br class="table-break" /></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="sidebar-whitelist"></a>11.4. Commands</h3></div></div></div><div class="cmdsynopsis"><p><code class="command">sidebar_whitelist</code> <em class="replaceable"><code>mailbox</code></em> [ <em class="replaceable"><code>mailbox</code></em> ...]<br /><code class="command">unsidebar_whitelist</code> { <em class="replaceable"><code>*</code></em> | <em class="replaceable"><code>mailbox</code></em> ... }</p></div><p> This command specifies mailboxes that will always be displayed in the sidebar, even if <a class="link" href="reference.html#sidebar-new-mail-only" title="3.308. sidebar_new_mail_only">$sidebar_new_mail_only</a> is set and the mailbox does not contain new mail. </p><p> The <span class="quote">“<span class="quote">unsidebar_whitelist</span>”</span> command is used to remove a mailbox from the list of whitelisted mailboxes. Use <span class="quote">“<span class="quote">unsidebar_whitelist *</span>”</span> to remove all mailboxes. </p></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="sidebar-colors"></a>11.5. Colors</h3></div></div></div><div class="table"><a id="table-sidebar-colors"></a><p class="title"><strong>Table 6.3. Sidebar Colors</strong></p><div class="table-contents"><table class="table" summary="Sidebar Colors" border="1"><colgroup><col /><col /><col /></colgroup><thead><tr><th>Name</th><th>Default Color</th><th>Description</th></tr></thead><tbody><tr><td><code class="literal">sidebar_divider</code></td><td>default</td><td>The dividing line between the Sidebar and the Index/Pager panels</td></tr><tr><td><code class="literal">sidebar_flagged</code></td><td>default</td><td>Mailboxes containing flagged mail</td></tr><tr><td><code class="literal">sidebar_highlight</code></td><td>underline</td><td>Cursor to select a mailbox</td></tr><tr><td><code class="literal">sidebar_indicator</code></td><td>mutt <code class="literal">indicator</code></td><td>The mailbox open in the Index panel</td></tr><tr><td><code class="literal">sidebar_new</code></td><td>default</td><td>Mailboxes containing new mail</td></tr><tr><td><code class="literal">sidebar_spoolfile</code></td><td>default</td><td>Mailbox that receives incoming mail</td></tr></tbody></table></div></div><br class="table-break" /><p> If the <code class="literal">sidebar_indicator</code> color isn't set, then the default Mutt indicator color will be used (the color used in the index panel). </p></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="sidebar-sort"></a>11.6. Sort</h3></div></div></div><div class="table"><a id="table-sidebar-sort"></a><p class="title"><strong>Table 6.4. Sidebar Sort</strong></p><div class="table-contents"><table class="table" summary="Sidebar Sort" border="1"><colgroup><col /><col /></colgroup><thead><tr><th>Sort</th><th>Description</th></tr></thead><tbody><tr><td><code class="literal">alpha</code></td><td>Alphabetically by path or label</td></tr><tr><td><code class="literal">count</code></td><td>Total number of messages</td></tr><tr><td><code class="literal">flagged</code></td><td>Number of flagged messages</td></tr><tr><td><code class="literal">name</code></td><td>Alphabetically by path or label</td></tr><tr><td><code class="literal">new</code></td><td>Number of unread messages</td></tr><tr><td><code class="literal">path</code></td><td>Alphabetically by path (ignores label)</td></tr><tr><td><code class="literal">unread</code></td><td>Number of unread messages</td></tr><tr><td><code class="literal">unsorted</code></td><td>Do not resort the paths</td></tr></tbody></table></div></div><br class="table-break" /></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="sidebar-see-also"></a>11.7. See Also</h3></div></div></div><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p><a class="link" href="advancedusage.html#regexp" title="2. Regular Expressions">Regular Expressions</a></p></li><li class="listitem"><p><a class="link" href="advancedusage.html#patterns" title="3. Patterns: Searching, Limiting and Tagging">Patterns</a></p></li><li class="listitem"><p><a class="link" href="configuration.html#color" title="11. Using Color and Mono Video Attributes">Color command</a></p></li></ul></div></div></div><div class="sect1"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="compress"></a>12. Compressed Folders Feature</h2></div><div><h3 class="subtitle">Read from/write to compressed mailboxes</h3></div></div></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="compress-intro"></a>12.1. Introduction</h3></div></div></div><p> The Compressed Folder patch allows Mutt to read mailbox files that are compressed. But it isn't limited to compressed files. It works well with encrypted files, too. In fact, if you can create a program/script to convert to and from your format, then Mutt can read it. </p><p> The patch adds three hooks to Mutt: <code class="literal">open-hook</code>, <code class="literal">close-hook</code> and <code class="literal">append-hook</code>. They define commands to: uncompress a file; compress a file; append messages to an already compressed file. </p><p> There are some examples of both compressed and encrypted files, later. For now, the documentation will just concentrate on compressed files. </p></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="compress-commands"></a>12.2. Commands</h3></div></div></div><div class="cmdsynopsis"><p><code class="command">open-hook</code> <em class="replaceable"><code>pattern</code></em> <em class="replaceable"><code>shell-command</code></em> <br /><code class="command">close-hook</code> <em class="replaceable"><code>pattern</code></em> <em class="replaceable"><code>shell-command</code></em> <br /><code class="command">append-hook</code> <em class="replaceable"><code>pattern</code></em> <em class="replaceable"><code>shell-command</code></em> </p></div><p> The shell-command must contain two placeholders for filenames: <code class="literal">%f</code> and <code class="literal">%t</code>. These represent <span class="quote">“<span class="quote">from</span>”</span> and <span class="quote">“<span class="quote">to</span>”</span> filenames. These placeholders should be placed inside single-quotes to prevent unintended shell expansions. </p><p> If you need the exact string <span class="quote">“<span class="quote">%f</span>”</span> or <span class="quote">“<span class="quote">%t</span>”</span> in your command, simply double up the <span class="quote">“<span class="quote">%</span>”</span> character, e.g. <span class="quote">“<span class="quote">%%f</span>”</span> or <span class="quote">“<span class="quote">%%t</span>”</span>. </p><div class="table"><a id="table-compress-optional"></a><p class="title"><strong>Table 6.5. Not all Hooks are Required</strong></p><div class="table-contents"><table class="table" summary="Not all Hooks are Required" border="1"><colgroup><col /><col /><col /><col /><col /></colgroup><thead><tr><th>Open</th><th>Close</th><th>Append</th><th>Effect</th><th>Useful if</th></tr></thead><tbody><tr><td>Open</td><td>-</td><td>-</td><td>Folder is readonly</td><td>The folder is just a backup</td></tr><tr><td>Open</td><td>Close</td><td>-</td><td>Folder is read/write, but the entire folder must be written if anything is changed</td><td>Your compression format doesn't support appending</td></tr><tr><td>Open</td><td>Close</td><td>Append</td><td>Folder is read/write and emails can be efficiently added to the end</td><td>Your compression format supports appending</td></tr><tr><td>Open</td><td>-</td><td>Append</td><td>Folder is readonly, but can be appended to</td><td>You want to store emails, but never change them</td></tr></tbody></table></div></div><br class="table-break" /><div class="note"><h3 class="title">Note</h3><p>The command:</p><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p>should return a non-zero exit status on failure</p></li><li class="listitem"><p>should not delete any files</p></li></ul></div></div><div class="sect3"><div class="titlepage"><div><div><h4 class="title"><a id="open-hook"></a>12.2.1. Read from compressed mailbox</h4></div></div></div><pre class="screen">open-hook regexp shell-command</pre><p> If Mutt is unable to open a file, it then looks for <code class="literal">open-hook</code> that matches the filename. </p><p> If your compression program doesn't have a well-defined extension, then you can use <code class="literal">.</code> as the regexp. </p><div class="example"><a id="compress-open-hook-example"></a><p class="title"><strong>Example 6.3. Example of open-hook</strong></p><div class="example-contents"><pre class="screen">open-hook '\.gz$' "gzip -cd '%f' > '%t'"</pre><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p>Mutt finds a file, <span class="quote">“<span class="quote">example.gz</span>”</span>, that it can't read</p></li><li class="listitem"><p>Mutt has an <code class="literal">open-hook</code> whose regexp matches the filename: <code class="literal">\.gz$</code></p></li><li class="listitem"><p>Mutt uses the command <code class="literal">gzip -cd</code> to create a temporary file that it <span class="emphasis"><em>can</em></span> read</p></li></ul></div></div></div><br class="example-break" /></div><div class="sect3"><div class="titlepage"><div><div><h4 class="title"><a id="close-hook"></a>12.2.2. Write to a compressed mailbox</h4></div></div></div><pre class="screen">close-hook regexp shell-command</pre><p> When Mutt has finished with a compressed mail folder, it will look for a matching <code class="literal">close-hook</code> to recompress the file. This hook is <a class="link" href="optionalfeatures.html#table-compress-optional" title="Table 6.5. Not all Hooks are Required">optional</a>. </p><div class="note"><h3 class="title">Note</h3><p> If the folder has not been modified, the <code class="literal">close-hook</code> will not be called. </p></div><div class="example"><a id="compress-close-hook-example"></a><p class="title"><strong>Example 6.4. Example of close-hook</strong></p><div class="example-contents"><pre class="screen">close-hook '\.gz$' "gzip -c '%t' > '%f'"</pre><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p>Mutt has finished with a folder, <span class="quote">“<span class="quote">example.gz</span>”</span>, that it opened with <code class="literal">open-hook</code></p></li><li class="listitem"><p>The folder has been modified</p></li><li class="listitem"><p>Mutt has a <code class="literal">close-hook</code> whose regexp matches the filename: <code class="literal">\.gz$</code></p></li><li class="listitem"><p>Mutt uses the command <code class="literal">gzip -c</code> to create a new compressed file</p></li></ul></div></div></div><br class="example-break" /></div><div class="sect3"><div class="titlepage"><div><div><h4 class="title"><a id="append-hook"></a>12.2.3. Append to a compressed mailbox</h4></div></div></div><pre class="screen">append-hook regexp shell-command</pre><p> When Mutt wants to append an email to a compressed mail folder, it will look for a matching <code class="literal">append-hook</code>. This hook is <a class="link" href="optionalfeatures.html#table-compress-optional" title="Table 6.5. Not all Hooks are Required">optional</a>. </p><p> Using the <code class="literal">append-hook</code> will save time, but Mutt won't be able to determine the type of the mail folder inside the compressed file. </p><p> Mutt will <span class="emphasis"><em>assume</em></span> the type to be that of the <code class="literal">$mbox_type</code> variable. Mutt also uses this type for temporary files. </p><p> Mutt will only use the <code class="literal">append-hook</code> for existing files. The <code class="literal">close-hook</code> will be used for empty, or missing files. </p><div class="note"><h3 class="title">Note</h3><p> If your command writes to stdout, it is vital that you use <code class="literal">>></code> in the <span class="quote">“<span class="quote">append-hook</span>”</span>. If not, data will be lost. </p></div><div class="example"><a id="compress-append-hook-example"></a><p class="title"><strong>Example 6.5. Example of append-hook</strong></p><div class="example-contents"><pre class="screen">append-hook '\.gz$' "gzip -c '%t' >> '%f'"</pre><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p>Mutt wants to append an email to a folder, <span class="quote">“<span class="quote">example.gz</span>”</span>, that it opened with <code class="literal">open-hook</code></p></li><li class="listitem"><p>Mutt has an <code class="literal">append-hook</code> whose regexp matches the filename: <code class="literal">\.gz$</code></p></li><li class="listitem"><p>Mutt knows the mailbox type from the <code class="literal">$mbox</code> variable</p></li><li class="listitem"><p>Mutt uses the command <code class="literal">gzip -c</code> to append to an existing compressed file</p></li></ul></div></div></div><br class="example-break" /></div><div class="sect3"><div class="titlepage"><div><div><h4 class="title"><a id="compress-empty"></a>12.2.4. Empty Files</h4></div></div></div><p> Mutt assumes that an empty file is not compressed. In this situation, unset <a class="link" href="reference.html#save-empty" title="3.289. save_empty">$save_empty</a>, so that the compressed file will be removed if you delete all of the messages. </p></div><div class="sect3"><div class="titlepage"><div><div><h4 class="title"><a id="compress-security"></a>12.2.5. Security</h4></div></div></div><p> Encrypted files are decrypted into temporary files which are stored in the <a class="link" href="reference.html#tmpdir" title="3.390. tmpdir">$tmpdir</a> directory. This could be a security risk. </p></div></div></div><div class="sect1"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="autocryptdoc"></a>13. Autocrypt</h2></div></div></div><p> Mutt can be compiled with Autocrypt support by running <code class="literal">configure</code> with the <code class="literal">--enable-autocrypt</code> flag. Autocrypt provides easy to use, passive protection against data collection. Keys are distributed via an <code class="literal">Autocrypt:</code> header added to emails. It does <span class="emphasis"><em>not</em></span> protect against active adversaries, and so should not be considered a substitute for normal encryption via your keyring, using key signing and the web of trust to verify identities. With an understanding of these limitations, Autocrypt still provides an easy way to minimize cleartext emails sent between common correspondents, without having to explicitly exchange keys. More information can be found at <a class="ulink" href="https://autocrypt.org/" target="_top">https://autocrypt.org/</a>. </p><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="autocryptdoc-requirements"></a>13.1. Requirements</h3></div></div></div><p> Autocrypt requires support for ECC cryptography, and Mutt by default will generate ECC keys. Therefore GnuPG 2.1 or greater is required. Additionally, Mutt's Autocrypt implementation uses GPGME and requires at least version 1.8.0. </p><p> Account and peer information is stored in a sqlite3 database, and so Mutt must be configured with the <code class="literal">--with-sqlite3</code> flag when autocrypt is enabled. </p><p> It is highly recommended Mutt be configured <code class="literal">--with-idn</code> or <code class="literal">--with-idn2</code> so that Autocrypt can properly deal with international domain names. </p><p> While Mutt uses GPGME for Autocrypt, normal keyring operations can still be performed via classic mode (i.e. with <a class="link" href="reference.html#crypt-use-gpgme" title="3.69. crypt_use_gpgme">$crypt_use_gpgme</a> unset). However, to avoid unnecessary prompts, it is recommended gpg not be configured in <code class="literal">loopback pinentry</code> mode, and that <a class="link" href="reference.html#pgp-use-gpg-agent" title="3.237. pgp_use_gpg_agent">$pgp_use_gpg_agent</a> remain set (the default). </p></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="autocryptdoc-init"></a>13.2. First Run</h3></div></div></div><p> To enable Autocrypt, set <a class="link" href="reference.html#autocrypt" title="3.23. autocrypt">$autocrypt</a>, and if desired change the value of <a class="link" href="reference.html#autocrypt-dir" title="3.25. autocrypt_dir">$autocrypt_dir</a> in your muttrc. The first time Mutt is run after that, you will be prompted to create <a class="link" href="reference.html#autocrypt-dir" title="3.25. autocrypt_dir">$autocrypt_dir</a>. Mutt will then automatically create an sqlite3 database and GPG keyring in that directory. Note since these files should be considered private, Mutt will create this directory with mode <code class="literal">700</code>. If you create the directory manually, you should do the same. </p><p> Mutt recommends keeping the <a class="link" href="reference.html#autocrypt-dir" title="3.25. autocrypt_dir">$autocrypt_dir</a> directory set differently from your GnuPG keyring directory (e.g. <code class="literal">~/.gnupg</code>). Keys are automatically imported into the keyring from <code class="literal">Autocrypt:</code> headers. Compared to standard <span class="quote">“<span class="quote">web of trust</span>”</span> keys, Autocrypt keys are somewhat ephemeral, and the autocrypt database is used to track when keys change or fall out of use. Having these keys mixed in with your normal keyring will make it more difficult to use features such as <a class="link" href="reference.html#crypt-opportunistic-encrypt" title="3.59. crypt_opportunistic_encrypt">$crypt_opportunistic_encrypt</a> and Autocrypt at the same time. </p><p> The <a class="link" href="reference.html#autocrypt-dir" title="3.25. autocrypt_dir">$autocrypt_dir</a> variable is not designed to be changed while Mutt is running. The database is created (if necessary) and connected to during startup. Changing the variable can result in a situation where Mutt is looking in one place for the database and a different place for the GPG keyring, resulting in strange behavior. </p><p> Once the directory, keyring, and database are created, Mutt will ask whether you would like to create an account. In order to use Autocrypt, each sending address needs an account. As a convenience you can create an account during the first run. If you would like to add additional accounts later, this can be done via the <code class="literal"><autocrypt-acct-menu></code> function in the index, by default bound to <code class="literal">A</code>. </p><p> Account creation will first ask you for an email address. Next, it will ask whether you want to create a new key or select an existing key. (Note key selection takes place from the <a class="link" href="reference.html#autocrypt-dir" title="3.25. autocrypt_dir">$autocrypt_dir</a> keyring, which will normally be empty during first run). Finally, it will ask whether this address should prefer encryption or not. Autocrypt 1.1 allows automatically enabling encryption if <span class="emphasis"><em>both</em></span> sender and receiver have set <span class="quote">“<span class="quote">prefer encryption</span>”</span>. Otherwise, you will need to manually enable autocrypt encryption in the compose menu. For more details, see the compose menu section below. </p><p> After optionally creating an account, Mutt will prompt you to scan mailboxes for Autocrypt headers. This step occurs because header cached messages are not re-scanned for Autocrypt headers. Scanning during this step will temporarily disable the header cache while opening each mailbox. If you wish to do this manually later, you can simulate the same thing by unsetting <a class="link" href="reference.html#header-cache" title="3.111. header_cache">$header_cache</a> and opening a mailbox. </p><p> A final technical note: the first run process takes place between reading the muttrc and opening the initial mailbox. Some muttrc files will <a class="link" href="configuration.html#push" title="25. Adding Key Sequences to the Keyboard Buffer">push</a> macros to be run after opening the mailbox. To prevent this from interfering with the first run prompts, Mutt disables all macros during the first run. </p></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="autocryptdoc-compose"></a>13.3. Compose Menu</h3></div></div></div><p> When enabled, Autocrypt will add a line to the compose menu with two fields: <code class="literal">Autocrypt:</code> and <code class="literal">Recommendation:</code>. </p><p> The <code class="literal">Autocrypt:</code> field shows whether the message will be encrypted by Autocrypt when sent. It has two values: <code class="literal">Encrypt</code> and <code class="literal">Off</code>. <code class="literal">Encrypt</code> can be enabled using the <code class="literal"><autocrypt-menu></code> function, by default bound to <code class="literal">o</code>. </p><p> The <code class="literal">Recommendation:</code> field shows the output of the Autocrypt recommendation engine. This can have one of five values: </p><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p> <code class="literal">Off</code> means the engine is disabled. This can happen if the From address doesn't have an autocrypt account, or if the account has been manually disabled. </p></li><li class="listitem"><p> <code class="literal">No</code> means one or more recipients are missing an autocrypt key, or the key found is unusable (i.e. expired, revoked, disabled, invalid, or not usable for encryption.) </p></li><li class="listitem"><p> <code class="literal">Discouraged</code> means a key was found for every recipient, but the engine is not confident the message will be decryptable by the recipient. This can happen if the key hasn't been used recently (compared to their last seen email). </p><p> It can also happen if the key wasn't seen first-hand from the sender. Autocrypt has a feature where recipient keys can be included in group-encrypted emails. This allows you to reply to a conversation where you don't have a key first-hand from one of the other recipients. However, those keys are not trusted as much as from first-hand emails, so the engine warns you with a <code class="literal">Discouraged</code> status. </p></li><li class="listitem"><p> <code class="literal">Available</code> means a key was found for every recipient, and the engine believes all keys are recent and seen from the recipient first hand. However, either you or one of the recipients chose not to specify <span class="quote">“<span class="quote">prefer encryption</span>”</span>. </p></li><li class="listitem"><p> <code class="literal">Yes</code> is the same as <code class="literal">Available</code>, with the addition that you and all recipients have specified <span class="quote">“<span class="quote">prefer encryption</span>”</span>. This value will automatically enable encryption, unless you have manually switched it off or enabled regular encryption or signing via the <code class="literal"><pgp-menu></code>. </p></li></ul></div><p> As mentioned above the <code class="literal"><autocrypt-menu></code> function, by default bound to <code class="literal">o</code>, can be used to change the <code class="literal">Encrypt:</code> field value. <code class="literal">(e)ncrypt</code> will toggle encryption on. <code class="literal">(c)lear</code> will toggle encryption off. If either of these are chosen, the field will remain in that state despite what the <code class="literal">Recommendation:</code> field shows. Lastly, <code class="literal">(a)utomatic</code> will set the value based on the recommendation engine's output. </p><p> Autocrypt encryption defers to normal encryption or signing. <span class="emphasis"><em>Anything</em></span> that enables normal encryption or signing will cause autocrypt encryption to turn off. The only exception is when replying to an autocrypt-encrypted email (i.e. an email decrypted from the <a class="link" href="reference.html#autocrypt-dir" title="3.25. autocrypt_dir">$autocrypt_dir</a> keyring). Then, if <a class="link" href="reference.html#autocrypt-reply" title="3.26. autocrypt_reply">$autocrypt_reply</a> is <span class="emphasis"><em>set</em></span>, autocrypt mode will be forced on, overriding the settings <a class="link" href="reference.html#crypt-autosign" title="3.56. crypt_autosign">$crypt_autosign</a>, <a class="link" href="reference.html#crypt-autoencrypt" title="3.54. crypt_autoencrypt">$crypt_autoencrypt</a>, <a class="link" href="reference.html#crypt-replyencrypt" title="3.65. crypt_replyencrypt">$crypt_replyencrypt</a>, <a class="link" href="reference.html#crypt-replysign" title="3.66. crypt_replysign">$crypt_replysign</a>, <a class="link" href="reference.html#crypt-replysignencrypted" title="3.67. crypt_replysignencrypted">$crypt_replysignencrypted</a>, and <a class="link" href="reference.html#crypt-opportunistic-encrypt" title="3.59. crypt_opportunistic_encrypt">$crypt_opportunistic_encrypt</a>. </p><p> When postponing a message, autocrypt will respect <a class="link" href="reference.html#postpone-encrypt" title="3.257. postpone_encrypt">$postpone_encrypt</a>, but will use the autocrypt account key to encrypt the message. Be sure to set <a class="link" href="reference.html#postpone-encrypt" title="3.257. postpone_encrypt">$postpone_encrypt</a> to ensure postponed messages marked for autocrypt encryption are encrypted. </p></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="autocryptdoc-acctmgmt"></a>13.4. Account Management</h3></div></div></div><p> The Autocrypt Account Menu is available from the index via <code class="literal"><autocrypt-acct-menu></code>, by default bound to <code class="literal">A</code>. See <a class="link" href="reference.html#autocrypt-account-map" title="4.14. Autocrypt Account Menu">Autocrypt Account Menu</a> for the list of functions and their default keybindings. </p><p> In this menu, you can create new accounts, delete accounts, toggle an account active/inactive, and toggle the <span class="quote">“<span class="quote">prefer encryption</span>”</span> flag for an account. </p><p> Deleting an account only removes the account from the database. The GPG key is kept, to ensure you still have the ability to read past encrypted emails. </p><p> The Autocrypt 1.1 <span class="quote">“<span class="quote">Setup Message</span>”</span> feature is not available yet, but will be added in the future. </p></div><div class="sect2"><div class="titlepage"><div><div><h3 class="title"><a id="autocryptdoc-keyrings"></a>13.5. Alternative Key and Keyring Strategies</h3></div></div></div><p> Mutt by default partitions Autocrypt from normal keyring encryption/signing. It does this by using a separate GPG keyring (in <a class="link" href="reference.html#autocrypt-dir" title="3.25. autocrypt_dir">$autocrypt_dir</a>) and creating a new ECC key in that keyring for accounts. There are good reasons for doing this by default. It keeps random keys found inside email headers out of your normal keyring. ECC keys are compact and better suited for email headers. Autocrypt key selection is completely different from <span class="quote">“<span class="quote">web of trust</span>”</span> key selection, based on last-seen rules as opposed to trust and validity. It also allows Mutt to distinguish Autocrypt encrypted emails from regular encrypted emails, and set the mode appropriately when replying to each type of email. </p><p> Still, some users may want to use an existing key from their normal keyring for Autocrypt too. There are two ways this can be accomplished. The <span class="emphasis"><em>recommended</em></span> way is to set <a class="link" href="reference.html#autocrypt-dir" title="3.25. autocrypt_dir">$autocrypt_dir</a> to your normal keyring directory (e.g. <code class="literal">~/.gnupg</code>). During account creation, choosing <span class="quote">“<span class="quote">(s)elect existing GPG key</span>”</span> will then list and allow selecting your existing key for the new account. </p><p> An alternative is to copy your key over to the Autocrypt keyring, but there is a severe downside. Mutt <span class="emphasis"><em>first</em></span> tries to decrypt messages using the Autocrypt keyring, and if that fails tries the normal keyring second. This means all encrypted emails to that key will be decrypted, and have signatures verified from, the Autocrypt keyring. Keys signatures and web of trust from your normal keyring will no longer show up in signatures when decrypting. </p><p> For that reason, if you want to use an existing key from your normal keyring, it is recommended to just set <a class="link" href="reference.html#autocrypt-dir" title="3.25. autocrypt_dir">$autocrypt_dir</a> to <code class="literal">~/.gnupg</code>. This allows <span class="quote">“<span class="quote">web of trust</span>”</span> to show an appropriate signature message for verified messages. Autocrypt header keys will be imported into your keyring, but if you don't want them mixed you should strongly consider using a separate autocrypt key and keyring instead. </p><p> Both methods have a couple additional caveats: </p><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p> Replying to an Autocrypt decrypted message by default forces Autocrypt mode on. By sharing the same key, all replies will then start in Autocrypt mode, even if a message wasn't sent by one of your Autocrypt peers. <a class="link" href="reference.html#autocrypt-reply" title="3.26. autocrypt_reply">$autocrypt_reply</a> can be <span class="emphasis"><em>unset</em></span> to allow manual control of the mode when replying. </p></li><li class="listitem"><p> When Mutt creates an account from a GPG key, it exports the public key, base64 encodes it, and stores that value in the sqlite3 database. The value is then used in the Autocrypt header added to outgoing emails. The ECC keys Mutt creates don't change, but if you use external keys that expire, when you resign to extend the expiration you will need to recreate the Autocrypt account using the <a class="link" href="optionalfeatures.html#autocryptdoc-acctmgmt" title="13.4. Account Management">account menu</a>. Otherwise the Autocrypt header will contain the old expired exported keydata. </p></li></ul></div></div></div></div><div class="navfooter"><hr /><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="mimesupport.html">Prev</a> </td><td width="20%" align="center"> </td><td width="40%" align="right"> <a accesskey="n" href="security.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Chapter 5. Mutt's MIME Support </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> Chapter 7. Security Considerations</td></tr></table></div></body></html>
Close
