Is there an MTA that can store TLS authentication details securely?

2

I'm setting up my email client (mutt) on a new laptop (running Mac OSX Lion). I want to use SMTP with TLS for sending email. Searching for SMTP+Mutt+TLS reveals that Mutt's inbuilt secure SMTP stuff is vulnerable to man-in-the-middle attacks. That's okay as I can use an external MTA to send the mail. However, as I want to use TLS, I need to provide it with a username and password. Trouble is, if I want to have that done automatically, then all the MTAs I've looked at so far (such as postfix) seem to store the password in an easily accessible manner (well, in a manner a bit too plain for my paranoid liking).

So my question is: Is there an MTA with SMTP+TLS support which can store the password in a secure manner?

Loop Space

Posted 2012-06-12T08:35:30.740

Reputation: 123

How can it be stored "securely" if the client must know the plaintext? – user1686 – 2012-06-12T08:44:44.533

@grawity I don't know much about how SMTP+TLS authentication works - does the client send the password in plaintext? How do programs like Thunderbird or OSX's Mail store the password securely? – Loop Space – 2012-06-12T08:48:07.823

Answers

1

The msmtp MTA can store credentials in the OS X Keychain, if it was compiled with the --with-macosx-keyring option. (See, for example, msmtp on MacPorts.)

To use this functionality, create a keychain item named smtp://<smtp-host> of kind "Internet password" (replacing <smtp-host> with your SMTP server's address):

       Name: smtp.freemail.example
       Kind: Internet password
    Account: joe.smith
      Where: smtp://smtp.freemail.example

user1686

Posted 2012-06-12T08:35:30.740

Reputation: 283 655

This works just great! Thank you very much for figuring out what I wanted. – Loop Space – 2012-06-12T17:35:29.073
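An added example, not part of the original answer and not msmtp's own code: shell helpers that write an msmtp config with no `password` line, create the keychain item from the command line instead of Keychain Access, and check that the config holds no plaintext secret. The function names are hypothetical, port 587 with STARTTLS is an assumption, and the CA bundle path is a placeholder.

```shell
#!/bin/sh
# Added example. Host, user and CA path are constructed/placeholder values.

# Write an msmtp config with no "password" line, readable by the owner only.
write_msmtprc() {  # usage: write_msmtprc FILE HOST USER
    ( umask 077
      cat > "$1" <<EOF
defaults
auth on
tls on
tls_starttls on
# Placeholder path: a CA bundle, so the server certificate is verified.
tls_trust_file /path/to/ca-bundle.crt

account default
host $2
port 587
user $3
EOF
    )
}

# Store the secret as an Internet password for smtp://HOST (prompts for it).
store_in_keychain() {  # usage: store_in_keychain HOST USER
    security add-internet-password -s "$1" -r smtp -a "$2" -w
}

# Return 0 if FILE keeps a secret in the clear via a "password" directive.
has_plaintext_password() {
    grep -Eq '^[[:space:]]*password[[:space:]]' "$1"
}

# Return 0 if FILE has no plaintext password and no group/other permissions.
config_is_safe() {
    if has_plaintext_password "$1"; then
        echo "plaintext password in $1" >&2; return 1
    fi
    perms=$(ls -ld "$1" | cut -c5-10)
    [ "$perms" = "------" ] || { echo "$1 is accessible to others" >&2; return 1; }
}

# Return 0 if the keychain has the item msmtp will look up; 2 without OS X.
keychain_has_item() {  # usage: keychain_has_item HOST USER
    command -v security >/dev/null 2>&1 || return 2
    security find-internet-password -s "$1" -a "$2" -r smtp >/dev/null 2>&1
}
```

On the Mac, `store_in_keychain smtp.freemail.example joe.smith` followed by `keychain_has_item` with the same arguments confirms the item exists before mutt is pointed at msmtp.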