2
I'm setting up my email client (mutt) on a new laptop (running Mac OSX Lion). I want to use SMTP with TLS for sending email. Searching for SMTP+Mutt+TLS reveals that Mutt's inbuilt secure SMTP stuff is vulnerable to man-in-the-middle attacks. That's okay as I can use an external MTA to send the mail. However, as I want to use TLS then I need to provide it with a username and password. Trouble is, if I want to have that done automatically then all the MTAs I've looked at so far (such as postfix) seem to store the password in an easily accessible manner (well, in a manner a bit too plain for my paranoid liking).
So my question is: Is there an MTA with SMTP+TLS support which can store the password in a secure manner?
How can it be stored "securely" if the client must know the plaintext? – user1686 – 2012-06-12T08:44:44.533
@grawity I don't know much about how SMTP+TLS authentication works - does the client send the password in plaintext? How do programs like Thunderbird or OSX's Mail store the password securely? – Loop Space – 2012-06-12T08:48:07.823