Hi Patrick, On Thu, Aug 16, 2012 at 09:10:18PM +0200, Patrick Ben Koetter wrote: > * martin f krafft <madd...@madduck.net>: > > also sprach Patrick Ben Koetter <p...@state-of-mind.de> [2012.08.16.2044 > > +0200]: > > > Putting passwords in configs isn't something I like, so > > > I pull them from the Gnome keyring: > > > > Not a bad idea, but now an attacker with access to the filesystem > > doesn't have to run 'cat ~/.muttrc' but 'gnome-keyring-query get mutt' > > instead. > > If mutt can use a TLS client certificate, you can use that to auth against > Dovecot.
Do you have a running setup that can use password and cert for one user? (e.g. via password for the webmail, and certificate for the MUA). Thanks, Andre -- Andre Klärner Telefon: 0351/79666546 Fax: 0351/79688547 Mobil: 0172/9838653
smime.p7s
Description: S/MIME cryptographic signature