> >>> Is my password to my email account or my email address stored >>> anywhere? >> >> The password can (not must) be stored in the Mac OS X keychain. >> >>> Or sent anywhere? >> >> MailMate is not "cloud" - so except the mail server itself I assume it >> stays on your machine. >> >>> Is there any assurance of that? >> >> I hope Benny will answer your mail too and back me up :-)
> I back you up. Only thing to add is that one should make sure that SSL > is always enabled such that a password is never sent to the IMAP/SMTP > server in plain text. Note that most proper email servers wouldn't even > allow non-SSL connections. Is there a Privacy Policy shown during the installation by chance? -- Daniel On Jan 17, 2018, at 7:44 AM, [email protected] wrote: Send mailmate mailing list submissions to [email protected] To subscribe or unsubscribe via the World Wide Web, visit https://lists.freron.com/listinfo/mailmate or, via email, send a message with subject or body 'help' to [email protected] You can reach the person managing the list at [email protected] When replying, please edit your Subject line so it is more specific than "Re: Contents of mailmate digest..." Today's Topics: 1. forwarding HTML emails (Tracy Valleau) 2. Re: forwarding HTML emails (Bill Cole) 3. Security (uncat) 4. Re: Security (Fabian Blechschmidt) 5. Re: Security (Jan Erik =?utf-8?q?Mostr=C3=B6m?=) 6. Re: forwarding HTML emails (Benny Kjær Nielsen) 7. Re: Security (Benny Kjær Nielsen) 8. Re: Security (Steven M. Bellovin) 9. Re: How to get rid of a bad email address (Annamarie) 10. Re: Security (Benny Kjær Nielsen) ---------------------------------------------------------------------- Message: 1 Date: Tue, 16 Jan 2018 15:00:28 -0800 From: "Tracy Valleau" <[email protected]> To: [email protected] Subject: [MlMt] forwarding HTML emails Message-ID: <[email protected]> Content-Type: text/plain; charset="utf-8"; Format="flowed" Hello Do I take it that forwarding HTML emails can still only be done via attachment? If so, I'm curious as to why, technically. Since MM can show HTML emails now, why can't it (just) forward them? Tracy www.valleau.art -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.freron.com/pipermail/mailmate/attachments/20180116/791db7a4/attachment-0001.html> ------------------------------ Message: 2 Date: Wed, 17 Jan 2018 00:02:56 -0500 From: "Bill Cole" <[email protected]> To: "MailMate Users" <[email protected]> Subject: Re: [MlMt] forwarding HTML emails Message-ID: <[email protected]> Content-Type: text/plain; format=flowed On 16 Jan 2018, at 18:00 (-0500), Tracy Valleau wrote: > Hello > Do I take it that forwarding HTML emails can still only be done via > attachment? Not if you're using the 2.0BETA series, which has a plethora of controls for perpetuating a bad idea in the Composer panel of the Preferences... > If so, I'm curious as to why, technically. Since MM can show HTML > emails now, When couldn't it? I adopted MM circa v1.5 and my first pestering of Benny was to work out how to make it easier to config MM to only render HTML when absolutely needed. > why can't it (just) forward them? This is fundamentally problematic because "just forward them" does not have a well-defined technical meaning other than embedding the full original message as an attachment. If you want something else, I *THINK* the MM options for tweaking HTML forwarding should give you something you can live with. -- Bill Cole [email protected] or [email protected] (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Currently Seeking Steady Work: https://linkedin.com/in/billcole ------------------------------ Message: 3 Date: Tue, 16 Jan 2018 23:27:00 -0800 From: uncat <[email protected]> To: [email protected] Subject: [MlMt] Security Message-ID: <[email protected]> Content-Type: text/plain; charset=us-ascii Hi, I'm interested in trying out MailMate. Questions: Is my password to my email account or my email address stored anywhere? Or sent anywhere? Is there any assurance of that? -- Daniel ------------------------------ Message: 4 Date: Wed, 17 Jan 2018 08:33:57 +0100 From: "Fabian Blechschmidt" <[email protected]> To: [email protected], "MailMate Users" <[email protected]> Subject: Re: [MlMt] Security Message-ID: <[email protected]> Content-Type: text/plain; format=flowed On 17 Jan 2018, at 8:27, uncat wrote: > Hi, > > I'm interested in trying out MailMate. Questions: Is my password to my > email account or my email address stored anywhere? Or sent anywhere? > Is there any assurance of that? > > -- > Daniel Hi Daniel, I'm only a user, so this answer are only observation - I have no access to the code. > Is my password to my email account or my email address stored > anywhere? The password can (not must) be stored in the Mac OS X keychain. > Or sent anywhere? MailMate is not "cloud" - so except the mail server itself I assume it stays on your machine. > Is there any assurance of that? I hope Benny will answer your mail too and back me up :-) ------------------------------ Message: 5 Date: Wed, 17 Jan 2018 10:05:29 +0100 From: "Jan Erik =?utf-8?q?Mostr=C3=B6m?=" <[email protected]> To: "MailMate Users" <[email protected]> Subject: Re: [MlMt] Security Message-ID: <[email protected]> Content-Type: text/plain; format=flowed On 17 Jan 2018, at 8:33, Fabian Blechschmidt wrote: > Or sent anywhere? > > > MailMate is not "cloud" - so except the mail server itself I assume it > stays on your machine. Except for the obvious thing of logging in to the mail server to validate that you is you. = jem ------------------------------ Message: 6 Date: Wed, 17 Jan 2018 11:49:04 +0100 From: "Benny Kjær Nielsen" <[email protected]> To: "MailMate Users" <[email protected]> Subject: Re: [MlMt] forwarding HTML emails Message-ID: <[email protected]> Content-Type: text/plain; format=flowed On 17 Jan 2018, at 6:02, Bill Cole wrote: >> why can't it (just) forward them? > > This is fundamentally problematic because "just forward them" does not > have a well-defined technical meaning other than embedding the full > original message as an attachment. If you want something else, I > *THINK* the MM options for tweaking HTML forwarding should give you > something you can live with. Yes, both 1.10 and 2.0BETA has the ability to embed the original HTML when needed. This is very similar to what other email clients do except for the fact that you cannot edit the HTML. If you try then MailMate tells you that it'll convert it to plain text first. It's very tricky (for all email clients) to embed HTML, because HTML wasn't designed for this purpose. MailMate uses an external CSS inliner (Premailer) to work around most of these problems, but as previously discussed on this list then this can be slow at times. (The problem of embedding HTML is even bigger for webmail clients.) -- Benny https://freron.com/become_a_mailmate_patron/ ------------------------------ Message: 7 Date: Wed, 17 Jan 2018 11:51:33 +0100 From: "Benny Kjær Nielsen" <[email protected]> To: "MailMate Users" <[email protected]> Subject: Re: [MlMt] Security Message-ID: <[email protected]> Content-Type: text/plain; format=flowed On 17 Jan 2018, at 8:33, Fabian Blechschmidt wrote: >> Is my password to my email account or my email address stored >> anywhere? > > The password can (not must) be stored in the Mac OS X keychain. > >> Or sent anywhere? > > MailMate is not "cloud" - so except the mail server itself I assume it > stays on your machine. > >> Is there any assurance of that? > > I hope Benny will answer your mail too and back me up :-) I back you up. Only thing to add is that one should make sure that SSL is always enabled such that a password is never sent to the IMAP/SMTP server in plain text. Note that most proper email servers wouldn't even allow non-SSL connections. -- Benny https://freron.com/become_a_mailmate_patron/ ------------------------------ Message: 8 Date: Wed, 17 Jan 2018 08:06:11 -0500 From: "Steven M. Bellovin" <[email protected]> To: "MailMate Users" <[email protected]> Subject: Re: [MlMt] Security Message-ID: <[email protected]> Content-Type: text/plain; charset=utf-8; format=flowed On 17 Jan 2018, at 5:51, Benny Kjær Nielsen wrote: > On 17 Jan 2018, at 8:33, Fabian Blechschmidt wrote: > >>> Is my password to my email account or my email address stored >>> anywhere? >> >> The password can (not must) be stored in the Mac OS X keychain. >> >>> Or sent anywhere? >> >> MailMate is not "cloud" - so except the mail server itself I assume >> it stays on your machine. >> >>> Is there any assurance of that? >> >> I hope Benny will answer your mail too and back me up :-) > > I back you up. Only thing to add is that one should make sure that SSL > is always enabled such that a password is never sent to the IMAP/SMTP > server in plain text. Note that most proper email servers wouldn't > even allow non-SSL connections. > What authentication options that don't involve sending passwords does MailMate support? Is there a way to configure MM to use only one of these safer options if available? I know that I use it with an IMAP server that only supports CRAM-MD5 and DIGEST-MD5. There are others possible, such as client-side certificates. (To the original querier: if you control your IMAP server, disable plaintext password logins.) --Steve Bellovin, https://www.cs.columbia.edu/~smb ------------------------------ Message: 9 Date: Wed, 17 Jan 2018 09:19:54 -0500 From: Annamarie <[email protected]> To: "MailMate Users" <[email protected]> Subject: Re: [MlMt] How to get rid of a bad email address Message-ID: <[email protected]> Content-Type: text/plain; charset="utf-8"; Format="flowed" Many thanks! Proving once again that the answer is a keystroke away. : ) Annamarie Annamarie Pluhar 802-451-1941 802-579-5975 (iPhone - not good when I'm at my desk.) On 16 Jan 2018, at 10:17, John Cooper wrote: > Annamarie wrote (at 6:31 on 16 Jan 2018): > >> So I have three emails I've sent out that misspell the address...MM >> annoyingly finds the misspelled one and uses it. I know I can fix >> this by deleting the misaddressed emails in my Sent Folder BUT I need >> the record of what I've sent so I don't want to delete them. >> >> What can I do to stop MM from using the bad one - beside paying close >> attention to it? > > I haven't personally tested these methods, but based on my > understanding of MailMate you have two methods from which to choose: > > 1. Move the misaddressed messages out of your Sent folder and into > another folder. > 2. Blacklist the incorrect addresses: > > a. Open a message that contains an incorrect address. > b. Right-click the address you want to tell MailMate not to use. > c. Click **Add "<address>" to Blacklist.** > > John > _______________________________________________ > mailmate mailing list > [email protected] > https://lists.freron.com/listinfo/mailmate -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.freron.com/pipermail/mailmate/attachments/20180117/07bff5d9/attachment-0001.html> ------------------------------ Message: 10 Date: Wed, 17 Jan 2018 16:44:20 +0100 From: "Benny Kjær Nielsen" <[email protected]> To: "MailMate Users" <[email protected]> Subject: Re: [MlMt] Security Message-ID: <[email protected]> Content-Type: text/plain; charset="utf-8"; Format="flowed" On 17 Jan 2018, at 14:06, Steven M. Bellovin wrote: > What authentication options that don't involve sending passwords does > MailMate support? Is there a way to configure MM to use only one of > these safer options if available? I know that I use it with an IMAP > server that only supports CRAM-MD5 and DIGEST-MD5. MailMate only supports `CRAM-MD5`. It can be forced to only use this by editing `Sources.plist` (and `Submission.plist`) to include this for each account: authMechanism = 'CRAM-MD5'; (`XOAUTH` is also supported for Gmail/Outlook.) The only real reason for the lack of support of other mechanisms is that I implemented it myself instead of using a library which probably supports more methods (I haven't checked recently). Also, most of the servers I have access to only support very few authentication methods. They don't even support `CRAM-MD5`. -- Benny https://freron.com/become_a_mailmate_patron/ -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.freron.com/pipermail/mailmate/attachments/20180117/2e8b7f22/attachment.html> ------------------------------ Subject: Digest Footer _______________________________________________ mailmate mailing list [email protected] https://lists.freron.com/listinfo/mailmate ------------------------------ End of mailmate Digest, Vol 82, Issue 15 **************************************** _______________________________________________ mailmate mailing list [email protected] https://lists.freron.com/listinfo/mailmate
