2 .\" ** The above line should force tbl to be used as a preprocessor **
4 .\" Man page for fetchmail
6 .\" For license terms, see the file COPYING in this directory.
9 fetchmail \- fetch mail from a POP, IMAP, or ETRN-capable server
12 \fBfetchmail\fR [\fIoptions\fR] [\fImailserver...\fR]
16 is a mail-retrieval and forwarding utility; it fetches
17 mail from remote mailservers and forwards it to your local (client)
18 machine's delivery system. You can then handle the retrieved mail
19 using normal mail user agents such as \fIelm\fR(1) or \fIMail\fR(1).
20 The \fBfetchmail\fR utility can be run in a daemon mode to repeatedly
21 poll one or more systems at a specified interval.
25 program can gather mail from servers supporting any of the common
26 mail-retrieval protocols: POP2, POP3, IMAP2bis, and IMAP4. It can
27 also use the ESMTP ETRN extension. (The RFCs describing all these
28 protocols are listed at the end of this document.)
32 is primarily intended to be used over on-demand TCP/IP links (such as
33 SLIP or PPP connections), it may also be useful as a message transfer
34 agent for sites which refuse for security reasons to permit
35 (sender-initiated) SMTP transactions with sendmail.
37 As each message is retrieved \fIfetchmail\fR normally delivers it via SMTP to
38 port 25 on the machine it is running on (localhost), just as though it
39 were being passed in over a normal TCP/IP link. The mail will then be
40 delivered locally via your system's MDA (Mail Delivery Agent, usually
41 \fIsendmail\fR(8) but your system may use a different one such
42 as \fIsmail\fR, \fImmdf\fR, or \fIqmail\fR). All the delivery-control
43 mechanisms (such as \fI.forward\fR files) normally available through
44 your system MDA and local delivery agents will therefore work.
48 is controlled by command-line options and a run control file,
49 \fI~/.fetchmailrc\fR, the syntax of which we describe below. Command-line
54 Each server name that you specify following the options on the
55 command line will be queried. If you don't specify any servers
56 on the command line, each server in your
60 To facilitate the use of
62 In scripts, pipelines, etc., it returns an appropriate exit code upon
63 termination -- see EXIT CODES below.
66 The following options modify the behavior of \fIfetchmail\fR. It is
67 seldom necessary to specify any of these once you have a
68 working \fI.fetchmailrc\fR file set up.
70 Almost all options have a corresponding keyword which can be used to
75 Some special options are not covered here, but are documented insttead
76 in sections on AUTHENTICATION and DAEMON MODE which follows.
80 Displays the version information for your copy of
82 No mail fetch is performed.
83 Instead, for each server specified, all option information
84 that would be computed if
86 were connecting to that server is displayed. Any non-printables in
87 passwords or other string names are shown as backslashed C-like
88 escape sequences. This option is useful for verifying that your
89 options are set the way you want them.
92 Return a status code to indicate whether there is mail waiting,
93 without actually fetching or deleting mail (see EXIT CODES below).
94 This option turns off daemon mode (in which it would be useless). It
95 doesn't play well with queries to multiple sites, and doesn't work
96 with ETRN. It will return a false positive if you leave read but
97 undeleted mail in your server mailbox and your fetch protocol can't
98 tell kept messages from new ones. This means it will work with IMAP,
99 not work with POP2, and may occasionally flake out under POP3.
102 Silent mode. Suppresses all progress/status messages that are normally
103 echoed to standard error during a fetch. The --verbose option
107 Verbose mode. All control messages passed between
109 and the mailserver are echoed to stderr. Overrides --silent.
114 Retrieve both old (seen) and new messages from the mailserver. The
115 default is to fetch only messages the server has not marked seen.
116 Note that POP2 retrieval behaves as though --all is always on (see
117 RETRIEVAL FAILURE MODES below) and this option does not work with ETRN.
121 Keep retrieved messages on the remote mailserver. Normally, messages
122 are deleted from the folder on the mailserver after they have been retrieved.
125 option causes retrieved messages to remain in your folder on the
126 mailserver. This option does not work with ETRN.
130 Delete retrieved messages from the remote mailserver. This
131 option forces retrieved mail to be deleted. It may be useful if
132 you have specified a default of \fBkeep\fR in your
133 \&\fI.fetchmailrc\fR. This option is forced on with ETRN.
136 POP3/IMAP only. Delete old (previously retrieved) messages from the mailserver
137 before retrieving new messages. This option does not work with ETRN.
138 Warning: if your local MTA hangs and fetchmail is aborted, the next
139 time you run fetchmail, it will delete mail that was never delivered to you.
140 What you probably want is the default setting: if you don't specify `-k', then
141 fetchmail will automatically delete messages after successful delivery.
142 .SS Protocol and Query Options
144 .B \-p, \--protocol proto
145 (Keyword: proto[col])
146 Specify the protocol to used when communicating with the remote
147 mailserver. If no protocol is specified,
149 will try each of the supported protocols in turn, terminating after
150 any successful attempt.
152 may be one of the following:
155 Post Office Protocol 2
157 Post Office Protocol 3
159 Use POP3 with MD5 authentication.
161 Use POP3 with RPOP authentication.
163 Use POP3 with Kerberos V4 authentication on port 1109.
165 IMAP2bis, IMAP4, or IMAP4rev1 (\fIfetchmail\fR autodetects their capabilities).
167 IMAP4, or IMAP4rev1 (\fIfetchmail\fR autodetects their capabilities)
168 with RFC 1731 Kerberos v4 authentication.
170 IMAP4, or IMAP4rev1 (\fIfetchmail\fR autodetects their capabilities)
171 with RFC 1731 GSSAPI authentication.
173 Use the ESMTP ETRN option.
175 All these alternatives work in basically the same way (communicating
176 with standard server daemons to fetch mail already delivered to a
177 mailbox on the server) except ETRN. The ETRN mode allows you to ask a
178 compliant ESMTP server (such as BSD sendmail at release 8.8.0 or
179 higher) to immediately open a sender-SMTP connection to your
180 client machine and begin forwarding any items addressed to your client
181 machine in the server's queue of undelivered mail.
185 Force UIDL use (effective only with POP3). Force client-side tracking
186 of `newness' of messages (UIDL stands for ``unique ID listing'' and is
187 described in RFC1725). Use with `keep' to use a mailbox as a baby
188 news drop for a group of users.
192 The option permits you to specify a TCP/IP port to connect on.
193 This option will seldom be necessary as all the supported protocols have
194 well-established default port numbers.
196 .B \-r folder, --folder folder
198 Causes a specified non-default mail folder on the mailserver (or
199 comma-separated list of folders) to be retrieved. The syntax of the
200 folder name is server-dependent. This option is not available under
202 .SS Delivery Control Options
204 .B \-S host, --smtphost host
205 (Keyword: smtp[host])
206 Specify a hunt list of hosts to forward mail to (one or more
207 hostnames, comma-separated). In ETRN mode, set the host that the
208 mailserver is asked to ship mail to. Hosts are tried in list order;
209 the first one that is up becomes the forwarding or ETRN target for the
214 You can force mail to be passed to an MDA directly (rather than
215 forwarded to port 25) with the -mda or -m option. If \fIfetchmail\fR
216 is running as root, it sets its userid to that of the target user
217 while delivering mail through an MDA. Some possible MDAs are
218 "/usr/sbin/sendmail -oem", "/usr/lib/sendmail -oem",
219 "/usr/bin/formail", and "/usr/bin/deliver". Local delivery addresses
220 will be inserted into the MDA command wherever you place a %T; the
221 mail message's From address will be inserted where you place an %F. Do
222 \fInot\fR use an MDA invocation like
223 "sendmail -oem -t" that dispatches on the contents of To/Cc/Bcc, it
224 will create mail loops and bring the just wrath of many postmasters
226 .SS Resource Limit Control Options
230 Takes a maximum octet size argument. Messages larger than this size
231 will not be fetched, not be marked seen, and will be left on the
232 server (in foreground sessions, the progress messages will note that
233 they are "oversized"). An explicit --limit of 0 overrides any limits set
234 in your run control file. This option is intended for those needing to
235 strictly control fetch time in interactive mode. It may not be used
236 with daemon mode, as users would never receive a notification that
237 messages were waiting. This option does not work with ETRN.
240 (Keyword: batchlimit)
241 Specify the maximum number of messages that will be shipped to an SMTP
242 listener before the connection is deliberately torn down and rebuilt
243 (defaults to 0, meaning no limit). An explicit --batchlimit of 0
244 overrides any limits set in your run control file. While
245 \fBsendmail\fR(8) normally initiates delivery of a message immediately
246 after receiving the message terminator, some SMTP listeners are not so
247 prompt. MTAs like \fIqmail\fR(8) and \fIsmail\fR(8) may wait till the
248 delivery socket is shut down to deliver. This may produce annoying
251 is processing very large batches. Setting the batch limit to some
252 nonzero size will prevent these delays.
253 This option does not work with ETRN.
256 (Keyword: fetchlimit)
257 Limit the number of messages accepted from a given server in a single
258 poll. By default there is no limit. An explicit --fetchlimit of 0
259 overrides any limits set in your run control file.
260 This option does not work with ETRN.
264 When talking to an IMAP server,
266 normally issues an EXPUNGE command after each deletion in order to
267 force the deletion to be done immediately. This is safest when your
268 connection to the server is flaky and expensive, as it avoids
269 resending duplicate mail after a line hit. However, on large
270 mailboxes the overhead of re-indexing after every message can slam the
271 server pretty hard, so if your connection is reliable it is good to do
272 expunges less frequently. If you specify this option to an integer N,
275 to only issue expunges on every Nth delete. An argument
276 of zero suppresses expunges entirely (so no expunges at all will be
277 done until the end of run).
278 This option does not work with ETRN, POP2, or POP3.
279 .SS Authentication Options
281 .B \-u name, --username name
282 (Keyword: user[name])
283 Specifies the user identification to be used when logging in to the mailserver.
284 The appropriate user identification is both server and user-dependent.
285 The default is your login name on the client machine that is running
287 See USER AUTHENTICATION below for a complete description.
289 .B \-I specification, --interface specification
291 Require that a specific interface device be up and have a specific local
292 IP address (or range) before polling. Frequently
294 is used over a transient point-to-point TCP/IP link established directly
295 to a mailserver via SLIP or PPP. That is a relatively secure channel.
296 But when other TCP/IP routes to the mailserver exist (e.g. when the link
297 is connected to an alternate ISP), your username and password may be
298 vulnerable to snooping (especially when daemon mode automatically polls
299 for mail, shipping a clear password over the net at predictable
300 intervals). The --interface option may be used to prevent this. When
301 the specified link is not up or is not connected to a matching IP
302 address, polling will be skipped. The format is:
304 interface/iii.iii.iii.iii/mmm.mmm.mmm.mmm
306 The field before the first slash is the interface name (i.e. sl0, ppp0
307 etc.). The field before the second slash is the acceptable IP address.
308 The field after the second slash is a mask which specifies a range of
309 IP addresses to accept. If no mask is present 255.255.255.255 is
310 assumed (i.e. an exact match). This option is currently only supported
313 .B \-M interface, --monitor interface
315 Daemon mode can cause transient links which are automatically taken down
316 after a period of inactivity (e.g. PPP links) to remain up
317 indefinitely. This option identifies a system TCP/IP interface to be
318 monitored for activity. After each poll interval, if the link is up but
319 no other activity has occurred on the link, then the poll will be
320 skipped. This option is currently only supported under Linux.
323 (Keyword: auth[enticate])
324 This option permits you to specify a preauthentication type (see USER
325 AUTHENTICATION below for details). The possible values are
326 \&`\fBpassword\fR' and `\fBkerberos\fR' (or, for excruciating
327 exactness, `\fBkerberos_v4\fR'). This option is provided
328 primarily for developers; choosing KPOP protocol automatically selects
329 Kerberos preauthentication, and all other alternatives use
330 password authentication (though APOP uses a generated one-time
331 key as the password and IMAP-K4 uses RFC1731 Kerberos v4 authentication).
332 This option does not work with ETRN.
333 .SS Miscellaneous Options
335 .B \-f pathname, --fetchmailrc pathname
336 Specify a non-default name for the
338 run control file. Unless the --version option is also on, the file must have
339 permissions no more open than 0600 (u=rw,g=,o=) or else be /dev/null.
341 .B \-i pathname, --idfile pathname
342 Specify an alternate name for the .fetchids file used to save POP3
346 (Keyword: no rewrite)
349 edits RFC-822 address headers (To, From, Cc, Bcc, and Reply-To) in
350 fetched mail so that any mail IDs local to the server are expanded to
351 full addresses (@ and the mailserver hostname are appended). This enables
352 replies on the client to get addressed correctly (otherwise your
353 mailer might think they should be addressed to local users on the
354 client machine!). This option disables the rewrite. (This option is
355 provided to pacify people who are paranoid about having an MTA edit
356 mail headers and want to know they can prevent it, but it is generally
357 not a good idea to actually turn off rewrite.)
358 When using ETRN, the rewrite option is ineffective.
362 This option changes the header
364 assumes will carry a copy of the mail's envelope address. Normally
365 this is `X-Envelope-To' but as this header is not standard, practice
366 varies. See the discussion of multidrop address handling below. As a
367 special case, `envelope "Received"' enables parsing of sendmail-style
368 Received lines. This is the default, and it should not be necessary
369 unless you have globally disabled Received parsing with `no envelope'
370 in the \fI.fetchmailrc\fR file.
374 The string assigned to this option will be removed from the user
375 name found in the header specified with the \fIenvelope\fR option.
376 This option is useful if you are using
378 to collect the mail for an entire domain and your ISP (or your mail
379 redirection provider) is using qmail.
380 One of the basic features of qmail is the
384 message header. Whenever qmail delivers a message to a local mailbox
385 it puts the username and hostname of the envelope recipient on this
386 line. The major reason for this is to prevent mail loops. To set up
387 qmail to batch mail for a disconnected site the ISP-mailhost will have
388 normally put that site in its `Virtualhosts' control file so it will
389 add a prefix to all mail addresses for this site. This results in mail
390 sent to 'username@userhost.userdom.dom.com' having a
391 \&`Delivered-To:' line of the form:
393 Delivered-To: mbox-userstr-username@userhost.userdom.dom.com
395 The ISP can make the 'mbox-userstr-' prefix anything they choose
396 but a string matching the user host name is likely.
397 By using the option `envelope Delivered-To:' you can make fetchmail reliably
398 identify the original envelope recipient, but you have to strip the
399 `mbox-userstr-' prefix to deliver to the correct user.
400 This is what this option is for.
402 .SH USER AUTHENTICATION
403 Every mode except ETRN requires authentication of the client.
404 Normal user authentication in
406 is very much like the authentication mechanism of
408 The correct user-id and password depend upon the underlying security
409 system at the mailserver.
411 If the mailserver is a Unix machine on which you have an ordinary user
412 account, your regular login name and password are used with
414 If you use the same login name on both the server and the client machines,
415 you needn't worry about specifying a user-id with the
418 the default behavior is to use your login name on the client machine as the
419 user-id on the server machine. If you use a different login name
420 on the server machine, specify that login name with the
422 option. e.g. if your login name is 'jsmith' on a machine named 'mailgrunt',
427 fetchmail -u jsmith mailgrunt
429 The default behavior of
431 is to prompt you for your mailserver password before the connection is
432 established. This is the safest way to use
434 and ensures that your password will not be compromised. You may also specify
435 your password in your
437 file. This is convenient when using
439 in daemon mode or with scripts.
441 If you do not specify a password, and
443 cannot extract one from your
445 file, it will look for a
447 file in your home directory before requesting one interactively; if an
448 entry matching the mailserver is found in that file, the password will
451 man page for details of the syntax of the
453 file. (This feature may allow you to avoid duplicating password
454 information in more than one file.)
456 On mailservers that do not provide ordinary user accounts, your user-id and
457 password are usually assigned by the server administrator when you apply for
458 a mailbox on the server. Contact your server administrator if you don't know
459 the correct user-id and password for your mailbox account.
461 Early versions of POP3 (RFC1081, RFC1225) supported a crude form of
462 independent authentication using the
464 file on the mailserver side. Under this RPOP variant, a fixed
465 per-user ID equivalent to a password was sent in clear over a link to
466 a reserved port, with the command RPOP rather than PASS to alert the
467 server that it should do special checking. RPOP is supported
470 (you can specify `protocol RPOP' to have the program send `RPOP'
471 rather than `PASS') but its use is strongly discouraged. This
472 facility was vulnerable to spoofing and was withdrawn in RFC1460.
474 RFC1460 introduced APOP authentication. In this variant of POP3,
475 you register an APOP password on your server host (the program
476 to do this with on the server is probably called \fIpopauth\fR(8)). You
477 put the same password in your
481 logs in, it sends a cryptographically secure hash of your password and
482 the server greeting time to the server, which can verify it by
483 checking its authorization database.
485 If your \fIfetchmail\fR was built with Kerberos support and you specify
486 Kerberos preauthentication (either with --auth or the \fI.fetchmailrc\fR
487 option \fBauthenticate kerberos_v4\fR) it will try to get a Kerberos
488 ticket from the mailserver at the start of each query.
490 If you use IMAP-K4, \fIfetchmail\fR will expect the IMAP server to have
491 RFC1731-conformant AUTHENTICATE KERBEROS_V4 capability, and will use it.
493 If you use IMAP-GSS, \fIfetchmail\fR will expect the IMAP server to have
494 RFC1731-conformant AUTHENTICATE GSSAPI capability, and will use it.
495 Currently this has only been tested over Kerberos V, so you're expected
496 to already have a ticket-granting ticket. You may pass a username different
497 from your principal name using the standard \fB--user\fR command or by
498 the \fI.fetchmailrc\fR option \fBuser\fR.
500 If you are using POP3, and the server issues a one-time-password
501 challenge conforming to RFC1938, \fIfetchmail\fR will use your
502 password as a pass phrase to generate the required response. This
503 avoids sending secrets over the net unencrypted.
505 Compuserve's RPA authentication (similar to APOP) is supported. If
506 you are using POP3, and the RPA code has been compiled into your
507 binary, and you query a server in the Compuserve csi.com domain,
508 \fIfetchmail\fR will try to perform an RPA pass-phrase authentication
509 instead of sending over the password en clair.
518 in daemon mode. You must specify a numeric argument which is a
519 polling interval in seconds.
523 puts itself in background and runs forever, querying each specified
524 host and then sleeping for the given polling interval.
530 will, therefore, poll all the hosts described in your
532 file (except those explicitly excluded with the `skip' verb) once
533 every fifteen minutes.
535 It is possible to set a polling interval
538 file by saying `set daemon <interval>', where <interval> is an
539 integer number of seconds. If you do this, fetchmail will always
540 start in daemon mode unless you override it with the command-line
541 option --daemon 0 or -d0.
543 Only one daemon process is permitted per user; in daemon mode,
545 makes a per-user lockfile to guarantee this.
547 Normally, calling fetchmail with a daemon in the background sends a
548 wakeup signal to the daemon, forcing it to poll mailservers
549 immediately. (The wakeup signal is SIGHUP if fetchmail is running as
550 root, SIGUSR1 otherwise.)
554 will kill a running daemon process instead of waking it up (if there
557 notifies you). If the --quit option is the only command-line option,
558 that's all there is to it.
560 The quit option may also be mixed with other command-line options; its
561 effect is to kill any running daemon before doing what the other
562 options specify in combination with the rc file.
568 option (keyword: timeout) allows you to set a server-nonresponse
569 timeout in seconds. If a mailserver does not send a greeting message
570 or respond to commands for the given number of seconds,
571 \fIfetchmail\fR will hang up on it. Without such a timeout
572 \fIfetchmail\fR might hang up indefinitely trying to fetch mail from a
573 down host. This would be particularly annoying for a \fIfetchmail\fR
574 running in background. There is a default timeout which fetchmail -V
581 option (keyword: set logfile) allows you to redirect status messages
582 emitted while detached into a specified logfile (follow the
583 option with the logfile name). The logfile is opened for append, so
584 previous messages aren't deleted. This is primarily useful for
585 debugging configurations.
589 option (keyword: syslog) allows you to redirect status and error
590 messages emitted to the
592 system daemon if available.
593 Messages are logged with an id of \fBfetchmail\fR, the facility \fBLOG_MAIL\fR,
594 and priorities \fBLOG_ERR\fR, \fBLOG_ALERT\fR or \fBLOG_INFO\fR.
595 This option is intended for logging status and error messages which
596 indicate the status of the daemon and the results while fetching mail
598 Error messages for command line options and parsing the \fI.fetchmailrc\fR
599 file are still written to stderr, or the specified log file if the
607 option tries to make fetchmail invisible. Normally, fetchmail behaves
608 like any other MTA would -- it generates a Received header into each
609 message describing its place in the chain of transmission, and tells
610 the MTA it forwards to that the mail came from the machine fetchmail
611 itself is running on. If the invisible option is on, the Received
612 header is suppressed and fetchmail tries to spoof the MTA it forwards
613 to into thinking it came directly from the mailserver host.
617 or --nodetach option suppresses backgrounding and detachment of the
618 daemon process from its control terminal. This is primarily useful
619 for debugging. Note that this also causes the logfile option to be
620 ignored (though perhaps it shouldn't).
622 Note that while running in daemon mode polling a POP2 or POP3 server,
623 transient errors (such as DNS failures or sendmail delivery refusals)
624 may force the fetchall option on for the duration of the next polling
625 cycle. This is a robustness feature. It means that if a message is
626 fetched (and thus marked seen by the mailserver) but not delivered
627 locally due to some transient error, it will be re-fetched during the
628 next poll cycle. (The IMAP logic doesn't delete messages until
629 they're delivered, so this problem does not arise.)
631 .SH RETRIEVAL FAILURE MODES
632 The protocols \fIfetchmail\fR uses to talk to mailservers are next to
633 bulletproof. In normal operation forwarding to port 25, no message is
634 ever deleted (or even marked for deletion) on the host until the SMTP
635 listener on the client has acknowledged to \fIfetchmail\fR that the
636 message has been accepted for delivery. When forwarding to an MDA,
637 however, there is more possibility of error (because there's no way
638 for fetchmail to get a reliable positive acknowledgement from the MDA).
640 The normal mode of \fIfetchmail\fR is to try to download only `new'
641 messages, leaving untouched (and undeleted) messages you have already
642 read directly on the server (or fetched with a previous \fIfetchmail
643 --keep\fR). But you may find that messages you've already read on the
644 server are being fetched (and deleted) even when you don't specify
645 --all. There are several reasons this can happen.
647 One could be that you're using POP2. The POP2 protocol includes no
648 representation of `new' or `old' state in messages, so \fIfetchmail\fR
649 must treat all messages as new all the time. But POP2 is obsolete, so
652 Under POP3, blame RFC1725. That version of the POP3 protocol
653 specification removed the LAST command, and some POP servers follow it
654 (you can verify this by invoking \fIfetchmail -v\fR to the mailserver
655 and watching the response to LAST early in the query). The
656 \fIfetchmail\fR code tries to compensate by using POP3's UID feature,
657 storing the identifiers of messages seen in each session until the
658 next session, in the \fI.fetchids\fR file. But this doesn't track
659 messages seen with other clients, or read directly with a mailer on
660 the host but not deleted afterward. A better solution would be to
663 Another potential POP3 problem might be servers that insert messages
664 in the middle of mailboxes (some VMS implementations of mail are
665 rumored to do this). The \fIfetchmail\fR code assumes that new
666 messages are appended to the end of the mailbox; when this is not true
667 it may treat some old messages as new and vice versa. The only
668 real fix for this problem is to switch to IMAP.
670 The IMAP code uses the presence or absence of the server flag \eSeen
671 to decide whether or not a message is new. Under Unix, it counts on
672 your IMAP server to notice the BSD-style Status flags set by mail user
673 agents and set the \eSeen flag from them when appropriate. All Unix
674 IMAP servers we know of do this, though it's not specified by the IMAP
675 RFCs. If you ever trip over a server that doesn't, the symptom will
676 be that messages you have already read on your host will look new to
677 the server. In this (unlikely) case, only messages you fetched with
678 \fIfetchmail --keep\fR will be both undeleted and marked old.
680 In ETRN mode, \fIfetchmail\fR does not actually retrieve messages;
681 instead, it asks the server's SMTP listener to start a queue flush
682 to the client via SMTP. Therefore it sends only undelivered messages.
685 Many SMTP listeners allow administrators to set up `spam filters' that
686 block unsolicited email from specified domains. A MAIL FROM line that
687 triggers this feature will elicit an SMTP response which
688 (unfortunately) varies according to the listener.
692 return an error code of 571. This return value
693 is blessed by RFC1893 as "Delivery not authorized, message refused".
695 According to current drafts of the replacement for RFC821, the correct
696 thing to return in this situation is 550 "Requested action not taken:
697 mailbox unavailable" (the draft adds "[E.g., mailbox not found, no
698 access, or command rejected for policy reasons].").
702 MTA returns 501 "Syntax error in parameters or arguments" , but will
707 code recognizes any of these error codes and discards the message. This is the
709 circumstance under which fetchmail ever discards mail.
713 is fetching from an IMAP server, the antispam response will be detected and
714 the message rejected immediately after the headers have been fetched,
715 without reading the message body. Thus, you won't pay for downloading
718 .SH THE RUN CONTROL FILE
719 The preferred way to set up fetchmail is to write a
720 \&\fI.fetchmailrc\fR file in your home directory. When there is a
721 conflict between the command-line arguments and the arguments in this
722 file, the command-line arguments take precedence.
724 To protect the security of your passwords, when --version is not on
725 your \fI~/.fetchmailrc\fR may not have more than 0600 (u=rw,g=,o=) permissions;
727 will complain and exit otherwise.
729 You may read the \fI.fetchmailrc\fR file as a list of commands to
732 is called with no arguments.
733 .SS Run Control Syntax
735 Comments begin with a '#' and extend through the end of the line.
736 Otherwise the file consists of a series of server entries or global
737 option statements in a free-format, token-oriented syntax.
739 There are four kinds of tokens: grammar keywords, numbers
740 (i.e. decimal digit sequences), unquoted strings, and quoted strings.
741 A quoted string is bounded by double quotes and may contain
742 whitespace (and quoted digits are treated as a string). An unquoted
743 string is any whitespace-delimited token that is neither numeric, string
744 quoted nor contains the special characters `,', `;', `:', or `='.
746 Any amount of whitespace separates tokens in server entries, but is
747 otherwise ignored. You may use standard C-style escapes (\en, \et,
748 \eb, octal, and hex) to embed non-printable characters or string
749 delimiters in strings.
751 Each server entry consists of one of the keywords `poll' or `skip',
752 followed by a server name, followed by server options, followed by any
753 number of user descriptions. Note: the most common cause of syntax
754 errors is mixing up user and server options.
756 For backward compatibility, the word `server' is a synonym for `poll'.
758 You can use the noise keywords `and', `with',
759 \&`has', `wants', and `options' anywhere in an entry to make
760 it resemble English. They're ignored, but but can make entries much
761 easier to read at a glance. The punctuation characters ':', ';' and
762 \&',' are also ignored.
765 The `poll' verb tells fetchmail to query this host when it is run with
766 no arguments. The `skip' verb tells
768 not to poll this host unless it is explicitly named on the command
769 line. (The `skip' verb allows you to experiment with test entries
770 safely, or easily disable entries for hosts that are temporarily down.)
772 .SS Keyword/Option Summary
773 Here are the legal server options. Keyword suffixes enclosed in
774 square brackets are optional. Those corresponding to command-line
775 options are followed by `-' and the appropriate option letter.
782 Specify DNS name of mailserver, overriding poll name
785 Specify protocol (case insensitive):
786 POP2, POP3, IMAP, IMAP-K4, IMAP-GSS, APOP, KPOP
789 Specify TCP/IP service port
792 Set preauthentication type (default `password')
795 Server inactivity timout in seconds (default 300)
798 Specify envelope-address header name
801 Disable looking for envelope address
804 Qmail virtual domain prefix to remove from user name
807 Specify alternate DNS names of mailserver
810 specify IP interface(s) that must be up for server poll to take place
813 Specify IP address to monitor for activity
816 Enable DNS lookup for multidrop (default)
819 Disable DNS lookup for multidrop
822 Force POP3 to use client-side UIDLs
825 Turn off POP3 use of client-side UIDLs (default)
829 Here are the legal user options:
837 (local user name if name followed by `here')
840 Connect local and remote user names
843 Connect local and remote user names
846 Specify remote account password
849 Specify remote folder to query
852 Specify smtp host(s) to forward to
855 Specify MDA for local delivery
858 Command to be executed before each connection
861 Command to be executed after each connection
864 Don't delete seen messages from server
867 Flush all seen messages before querying
870 Fetch all messages whether seen or not
873 Rewrite destination addresses for reply (default)
876 Strip carriage returns from ends of lines
879 Force carriage returns at ends of lines
882 Force BODY=8BITMIME to ESMTP listener
885 Strip Status lines out of incoming mail
888 Delete seen messages from server (default)
891 Don't flush all seen messages before querying (default)
894 Retrieve only new messages (default)
897 Don't rewrite headers
900 Don't strip carriage returns (default)
903 Don't force carriage returns at EOL (default)
906 Don't force BODY=8BITMIME to ESMTP listener (default)
909 Don't drop Status headers (default)
912 Set message size limit
915 Max # messages to fetch in single connect
918 Max # messages to forward in single connect
921 Perform an expunge on every #th message (IMAP only)
924 Do error logging through syslog(3).
928 Remember that all user options must \fIfollow\fR all server options.
930 In the .fetchmailrc file, the `envelope' string argument may be
931 preceded by a whitespace-separated number. This number, if specified,
932 is the number of such headers to skip (that is, an argument of 1
933 selects the second header of the given type). This is sometime useful
934 for ignoring bogus Received headers created by an ISP's local delivery
936 .SS Keywords Not Corresponding To Option Switches
938 The `folder' and `smtphost' options (unlike their command-line
939 equivalents) can take a space- or comma-separated list of names
942 All options correspond to the obvious command-line arguments, except
943 the following: `via', `interval', `aka', `is', `to', `dns'/`no dns',
944 \&`password', \&`preconnect', \&`postconnect', `localdomains',
945 \&`stripcr'/`no stripcr', \&`forcecr'/`no forcecr', `pass8bits'/`no
946 pass8bits' `dropstatus/no dropstatus', and `no envelope'.
948 The `via' option is for use with ssh, or if you want to have more
949 than one configuration pointing at the same site. If it is present,
950 the string argument will be taken as the actual DNS name of the
951 mailserver host to query.
952 This will override the argument of poll, which can then simply be a
953 distinct label for the configuration (e.g. what you would give on the
954 command line to explicitly query this host).
955 If the `via' name is `localhost', the poll name will also still be
956 used as a possible match in multidrop mode; otherwise the `via' name
957 will be used instead and the poll name will be purely a label.
959 The `interval' option (which takes a numeric argument) allows you to poll a
960 server less frequently than the basic poll interval. If you say
961 \&`interval N' the server this option is attached to will only be
962 queried every N poll intervals.
964 The `is' or `to' keywords associate the following local (client)
965 name(s) (or server-name to client-name mappings separated by =) with
966 the mailserver user name in the entry. If an is/to list has `*' as
967 its last name, unrecognized names are simply passed through.
969 A single local name can be used to support redirecting your mail when
970 your username on the client machine is different from your name on the
971 mailserver. When there is only a single local name, mail is forwarded
972 to that local username regardless of the message's Received, To, Cc,
973 and Bcc headers. In this case
975 never does DNS lookups.
977 When there is more than one local name (or name mapping) the
978 \fIfetchmail\fR code does look at the Received, To, Cc, and Bcc
979 headers of retrieved mail (this is `multidrop mode'). It looks for
980 addresses with hostname parts that match your poll name or your `via',
981 `aka' or `localdomains' options, and usually also for hostname parts
982 which DNS tells it are aliases of the mailserver. See the discussion
983 of `dns', `localdomains', and `aka' for details on how matching
984 addresses are handled. If \fIfetchmail\fR cannot match any mailserver
985 usernames or localdomain addresses, the default recipient is the
986 calling user (as set by the USER or LOGNAME variable in the
987 environment; you could use this to redirect to an alias like postmaster).
989 The `dns' option (normally on) controls the way addresses from
990 multidrop mailboxes are checked. On, it enables logic to check each
991 host address that doesn't match an `aka' or `localdomains' declaration
992 by looking it up with DNS. When a mailserver username is recognized
993 attached to a matching hostname part, its local mapping is added to
994 the list of local recipients.
996 The `aka' option is for use with multidrop mailboxes. It allows you
997 to pre-declare a list of DNS aliases for a server. This is an
998 optimization hack that allows you to trade space for speed. When
1000 while processing a multidrop mailbox, grovels through message headers
1001 looking for names of the mailserver, pre-declaring common ones can
1002 save it from having to do DNS lookups.
1004 The `localdomains' option allows you to declare a list of domains
1005 which fetchmail should consider local. When fetchmail is parsing
1006 address lines in multidrop modes, and a trailing segment of a host
1007 name matches a declared local domain, that address is passed through
1008 to the listener or MDA unaltered (local-name mappings are \fInot\fR
1011 If you are using `localdomains', you may also need to specify \&`no
1012 envelope', which disables \fIfetchmail\fR's normal attempt to deduce
1013 an envelope address from the Received line or X-Envelope-To header or
1014 whatever header has been previously set by `envelope'. If you set `no
1015 envelope' in the defaults entry it is possible to undo that in
1016 individual entries by using `envelope <string>'. As a special case,
1017 \&`envelope "Received"' restores the default parsing of
1020 The \fBpassword\fR option requires a string argument, which is the password
1021 to be used with the entry's server.
1023 The `preconnect' keyword allows you to specify a shell command to be
1024 executed just before each time
1026 establishes a mailserver connection. This may be useful if you are
1027 attempting to set up secure POP connections with the aid of
1029 If the command returns a nonzero status, the poll of that mailserver
1032 Similarly, the `postconnect' keyword similarly allows you to specify a
1033 shell command to be executed just after each time a mailserver
1034 connection is taken down.
1036 The `forcecr' option controls whether lines terminated by LF only are
1037 given CRLF termination before forwarding. Strictly speaking RFC821
1038 requires this, but few MTAs enforce the requirement it so this option
1039 is normally off (only one such MTA, qmail, is in significant use at
1042 The `stripcr' option controls whether carriage returns are stripped
1043 out of retrieved mail before it is forwarded. It is normally not
1044 necessary to set this, because it defaults to `on' (CR stripping
1045 enabled) when there is an MDA declared but `off' (CR stripping
1046 disabled) when forwarding is via SMTP. If `stripcr' and `forcecr' are
1047 both on, `stripcr' will override.
1049 The `pass8bits' option exists to cope with Microsoft mail programs that
1050 stupidly slap a "Content-Transfer-Encoding: 7bit" on everything. With
1051 this option off (the default) and such a header present,
1053 declares BODY=7BIT to an ESMTP-capable listener; this causes problems for
1054 messages actually using 8-bit ISO or KOI-8 character sets, which will
1055 be garbled by having the high bits of all characters stripped. If
1056 \&`pass8bits' is on,
1058 is forced to declare BODY=8BITMIME to any ESMTP-capable listener. If
1059 the listener is 8-bit-clean (as all the major ones now are) the right
1060 thing will probably result.
1062 The `dropstatus' option controls whether nonempty Status lines are
1063 retained in fetched mail (the default) or discarded. Retaining them
1064 allows your MUA to see what messages (if any) were marked seen on the
1065 client. On the other hand, it can confuse some new-mail notifiers,
1066 which assume that anything with a Status line in it has been seen.
1067 (Note: the empty Status lines inserted by some buggy POP servers are
1068 unconditionally discarded.)
1070 .SS Miscellaneous Run Control Options
1071 The words `here' and `there' have useful English-like
1072 significance. Normally `user eric is esr' would mean that
1073 mail for the remote user `eric' is to be delivered to `esr',
1074 but you can make this clearer by saying `user eric there is esr here',
1075 or reverse it by saying `user esr here is eric there'
1077 Legal protocol identifiers for use with the `protocol' keyword are:
1083 imap-k4 (or IMAP-K4)
1084 imap-gss (or IMAP-GSS)
1089 Legal authentication types are `password' or `kerberos'. The former
1090 specifies authentication by normal transmission of a password (the
1091 password may be plaintext or subject to protocol-specific encryption
1092 as in APOP); the second tells \fIfetchmail\fR to try to get a Kerberos
1093 ticket at the start of each query instead, and send an arbitrary
1094 string as the password.
1096 Specifying `kpop' sets POP3 protocol over port 1109 with Kerberos V4
1097 preauthentication. These defaults may be overridden by later options.
1099 There are currently three global option statements; `set logfile'
1100 followed by a string sets the same global specified by --logfile. A
1101 command-line --logfile option will override this. Also, `set daemon'
1102 sets the poll interval as --daemon does. This can be overridden by
1103 a command-line --daemon option; in particular --daemon 0 can be used
1104 to force foreground operation. Finally, `set syslog' sends log
1105 messages to syslogd(8).
1107 .SH CONFIGURATION EXAMPLES
1111 poll SERVERNAME protocol PROTOCOL username NAME password PASSWORD
1117 poll pop.provider.net protocol pop3 username jsmith password secret1
1120 Or, using some abbreviations:
1123 poll pop.provider.net proto pop3 user jsmith password secret1
1126 Multiple servers may be listed:
1129 poll pop.provider.net proto pop3 user jsmith pass secret1
1130 poll other.provider.net proto pop2 user John.Smith pass My^Hat
1133 Here's a version of those two with more whitespace and some noise words:
1136 poll pop.provider.net proto pop3
1137 user jsmith, with password secret1, is jsmith here;
1138 poll other.provider.net proto pop2:
1139 user John.Smith, with password My^Hat, is John.Smith here;
1142 This version is much easier to read and doesn't cost significantly
1143 more (parsing is done only once, at startup time).
1146 If you need to include whitespace in a parameter string, enclose the
1147 string in double quotes. Thus:
1150 poll mail.provider.net with proto pop3:
1151 user jsmith there has password "u can't krak this"
1152 is jws here and wants mda "/bin/mail"
1155 You may have an initial server description headed by the keyword
1156 `defaults' instead of `poll' followed by a name. Such a record
1157 is interpreted as defaults for all queries to use. It may be overwritten
1158 by individual server descriptions. So, you could write:
1163 poll pop.provider.net
1165 poll mail.provider.net
1166 user jjsmith there has password secret2
1169 It's possible to specify more than one user per server (this is only
1170 likely to be useful when running fetchmail in daemon mode as root).
1171 The `user' keyword leads off a user description, and every user specification
1172 in a multi-user entry must include it. Here's an example:
1175 poll pop.provider.net proto pop3 port 3111
1176 user jsmith with pass secret1 is smith here
1177 user jones with pass secret2 is jjones here
1180 This associates the local username `smith' with the pop.provider.net
1181 username `jsmith' and the local username `jjones' with the
1182 pop.provider.net username `jones'.
1184 Here's what a simple retrieval configuration for a multi-drop mailbox
1188 poll pop.provider.net:
1189 user maildrop with pass secret1 to golux hurkle=happy snark here
1192 This says that the mailbox of account `maildrop' on the server is a
1193 multi-drop box, and that messages in it should be parsed for the
1194 server user names `golux', `hurkle', and `snark'. It further
1195 specifies that `golux' and `snark' have the same name on the
1196 client as on the server, but mail for server user `hurkle' should be
1197 delivered to client user `happy'.
1199 Here's an example of another kind of multidrop connection:
1202 poll pop.provider.net localdomains loonytoons.org:
1203 user maildrop with pass secret1 to esr * here
1206 This also says that the mailbox of account `maildrop' on the server is
1207 a multi-drop box. It tells fetchmail that any address in the
1208 loonytoons.org domain (including subdomain addresses like
1209 `joe@daffy.loonytoons.org') should be passed through to the local SMTP
1210 listener without modification. Be careful of mail loops if you do this!
1212 Here's an example configuration using ssh. The queries go through an
1213 ssh connecting local port 1234 to port 110 on mailhost.net; the
1214 preconnect command sets up the ssh.
1217 poll mailhost.net via localhost port 1234 with pop3:
1218 preconnect "ssh -f -L 1234:mailhost.net:110
1219 mailhost.net sleep 20 </dev/null >/dev/null";
1222 .SH THE USE AND ABUSE OF MULTIDROP MAILBOXES
1223 Use the multiple-local-recipients feature with caution -- it can bite.
1224 Also note that all multidrop features are ineffective in ETRN mode.
1226 .SS Header vs. Envelope addresses
1227 The fundamental problem is that by having your mailserver toss several
1228 peoples' mail in a single maildrop box, you may have thrown away
1229 potentially vital information about who each piece of mail was
1230 actually addressed to (the `envelope address', as opposed to the
1231 header addresses in the RFC822 To/Cc/Bcc headers). This `envelope
1232 address' is the address you need in order to reroute mail properly.
1236 can deduce the envelope address. If the mailserver MTA is
1238 and the item of mail had just one recipient, the MTA will have written
1239 a `by/for' clause that gives the envelope addressee into its Received
1240 header. But this doesn't work reliably for other MTAs, nor if there is
1241 more than one recipient. By default, \fIfetchmail\fR looks for
1242 envelope addresses in these lines; you can restore this default with
1243 -E "Received" or \&`envelope Received'.
1245 Alternatively, some SMTP listeners and/or mail servers insert a header
1246 in each message containing a copy of the envelope addresses. This
1247 header (when it exists) is often `X-Envelope-To'. Fetchmail's
1248 assumption about this can be changed with the -E or `envelope' option.
1249 Note that writing an envelope header of this kind exposes the names of
1250 recipients (including blind-copy recopients) to all receivers of the
1251 messages; it is therefore regarded by some administrators as a
1252 security/privacy problem.
1254 A slight variation of the `X-Envelope-To' header is the `Delivered-To' put
1255 by qmail to avoid mail loops. It will probably prefix the user name with a
1256 string that normally matches the user's domain. To remove this prefix you
1257 can use the -Q or `qvirtual' option.
1259 Sometimes, unfortunately, neither of these methods works. When they
1260 all fail, fetchmail must fall back on the contents of To/Cc/Bcc
1261 headers to try to determine recipient addressees -- and these are not
1262 reliable. In particular, mailing-list software often ships mail with
1263 only the list broadcast address in the To header.
1267 cannot deduce a recipient address that is local, and the intended
1268 recipient address was anyone other than fetchmail's invoking user,
1269 mail will get lost. This is what makes the multidrop feature risky.
1271 A related problem is that when you blind-copy a mail message, the Bcc
1272 information is carried \fIonly\fR as envelope address (it's not put
1273 in the headers fetchmail can see unless there is an X-Envelope
1274 header). Thus, blind-copying to someone who gets mail over a
1275 fetchmail link will fail unless the the mailserver host routinely
1276 writes X-Envelope or an equivalent header into messages in your maildrop.
1278 .SS Good Ways To Use Multidrop Mailboxes
1279 Multiple local names can be used to administer a mailing list from the
1280 client side of a \fIfetchmail\fR collection. Suppose your name is
1281 \&`esr', and you want to both pick up your own mail and maintain a mailing
1282 list called (say) "fetchmail-friends", and you want to keep the alias
1283 list on your client machine.
1285 On your server, you can alias \&`fetchmail-friends' to `esr'; then, in
1286 your \fI.fetchmailrc\fR, declare \&`to esr fetchmail-friends here'.
1287 Then, when mail including `fetchmail-friends' as a local address
1288 gets fetched, the list name will be appended to the list of
1289 recipients your SMTP listener sees. Therefore it will undergo alias
1290 expansion locally. Be sure to include `esr' in the local alias
1291 expansion of fetchmail-friends, or you'll never see mail sent only to
1292 the list. Also be sure that your listener has the "me-too" option set
1293 (sendmail's -oXm command-line option or OXm declaration) so your name
1294 isn't removed from alias expansions in messages you send.
1296 This trick is not without its problems, however. You'll begin to see
1297 this when a message comes in that is addressed only to a mailing list
1298 you do \fInot\fR have declared as a local name. Each such message
1299 will feature an `X-Fetchmail-Warning' header which is generated
1300 because fetchmail cannot find a valid local name in the recipient
1301 addresses. Such messages default (as was described above) to being
1302 sent to the local user running
1304 but the program has no way to know that that's actually the right thing.
1306 .SS Bad Ways To Abuse Multidrop Mailboxes
1307 Multidrop mailboxes and
1309 serving multiple users in daemon mode do not mix. The problem, again, is
1310 mail from mailing lists, which typically does not have an individual
1311 recipient address on it. Unless
1313 can deduce an envelope address, such mail will only go to the account
1314 running fetchmail (probably root). Also, blind-copied users are very
1315 likely never to see their mail at all.
1317 If you're tempted to use
1319 to retrieve mail for multiple users from a single mail drop via POP or
1320 IMAP, think again (and reread the section on header and envelope
1321 addresses above). It would be smarter to just let the mail sit in the
1322 mailserver's queue and use fetchmail's ETRN mode to trigger SMTP sends
1323 periodically (of course, this means you have to poll more frequently
1324 than the mailserver's expiry period). If you can't arrange this, try
1325 setting up a UUCP feed.
1327 If you absolutely \fImust\fR use multidrop for this purpose, make sure
1328 your mailserver writes an envelope-address header that fetchmail can
1329 see. Otherwise you \fIwill\fR lose mail and it \fIwill\fR come back
1332 .SS Speeding Up Multidrop Checking
1333 Normally, when multiple user are declared
1335 extracts recipient addresses as described above and checks each host
1336 part with DNS to see if it's an alias of the mailserver. If so, the
1337 name mappings described in the to ... here declaration are done and
1338 the mail locally delivered.
1340 This is the safest but also slowest method. To speed it up,
1341 pre-declare mailserver aliases with `aka'; these are checked before
1342 DNS lookups are done. If you're certain your aka list contains
1344 DNS aliases of the mailserver (and all MX names pointing at it)
1345 you can declare `no dns' to suppress DNS lookups entirely and
1346 \fIonly\fR match against the aka list.
1349 To facilitate the use of
1351 in shell scripts, an exit code is returned to give an indication
1352 of what occurred during a given connection.
1354 The exit codes returned by
1358 One or more messages were successfully retrieved.
1360 There was no mail awaiting retrieval. (There may have been old mail still
1361 on the server but not selected for retrieval.)
1363 An error was encountered when attempting to open a socket for the POP
1364 connection. If you don't know what a socket is, don't worry about it --
1365 just treat this as an 'unrecoverable error'.
1367 The user authentication step failed. This usually means that a bad
1368 user-id, password, or APOP id was specified.
1370 Some sort of fatal protocol error was detected.
1372 There was a syntax error in the arguments to
1375 The run control file had bad permissions.
1377 There was an error condition reported by the server. Can also
1380 timed out while waiting for the server.
1382 Client-side exclusion error. This means
1384 either found another copy of itself already running, or failed in such
1385 a way that it isn't sure whether another copy is running.
1387 The user authentication step failed because the server responded "lock
1388 busy". Try again after a brief pause! This error is not implemented
1389 for all protocols, nor for all servers. If not implemented for your
1390 server, "3" will be returned instead, see above. May be returned when
1391 talking to qpopper or other servers that can respond with "lock busy"
1392 or some similar text containing the word "lock".
1396 run failed while trying to do an SMTP port open or transaction.
1398 Fatal DNS error. Fetchmail encountered an error while performing
1399 a DNS lookup at startup and could not proceed.
1401 Internal error. You should see a message on standard error with
1406 queries more than one host, return status is 0 if \fIany\fR query
1407 successfully retrieved mail. Otherwise the returned error status is
1408 that of the last host queried.
1411 Eric S. Raymond <esr@snark.thyrsus.com>.
1412 This program is descended from and replaces
1414 by Carl Harris <ceharris@mal.com>; the internals are quite different,
1415 but some of its interface design is directly traceable to that
1421 default run control file
1424 default location of file associating hosts with last message IDs seen
1425 (used only with newer RFC1725-compliant POP3 servers supporting the
1429 your FTP run control file, which (if present) will be searched for
1430 passwords as a last resort before prompting for one interactively.
1433 lock file to help prevent concurrent runs (non-root mode).
1435 /var/run/fetchmail.pid
1436 lock file to help prevent concurrent runs (root mode, Linux systems).
1439 lock file to help prevent concurrent runs (root mode, systems without /var/run).
1442 For correct initialization,
1444 requires either that both the USER and HOME environment variables are
1445 correctly set, or that \fBgetpwuid\fR(3) be able to retrieve a password
1446 entry from your user ID.
1451 daemon is running as root, SIGHUP wakes it up from its sleep phase and
1452 forces a poll of all non-skipped servers (this is in accordance with
1453 the usual conventions for system daemons).
1457 is running in daemon mode as non-root, use SIGUSR1 to wake it (this is
1458 so SIGHUP due to logout can retain the default action of killing it).
1462 in foreground while a background fetchmail is running will do
1463 whichever of these is appropriate to wake it up.
1465 .SH BUGS AND KNOWN PROBLEMS
1466 The RFC822 parser used in multidrop mode chokes on some @-addresses that
1467 are technically legal but bizarre. Strange uses of quoting and
1468 embedded comments are likely to confuse it.
1470 Use of any of the supported protocols other than POP3 with OTP or RPA, APOP,
1471 KPOP, IMAP-K4, IMAP-GSS, or ETRN requires that the program send unencrypted
1472 passwords over the TCP/IP connection to the mailserver. This creates
1473 a risk that name/password pairs might be snaffled with a packet
1474 sniffer or more sophisticated monitoring software. Under Linux, the
1475 --interface option can be used to restrict polling to availability of
1476 a specific interface device with a specific local IP address, but
1477 snooping is still possible if (a) either host has a network device
1478 that can be opened in promiscuous mode, or (b) the intervening network
1481 Send comments, bug reports, gripes, and the like to Eric S. Raymond
1482 <esr@thyrsus.com>. An HTML FAQ is available at the fetchmail home
1483 page; surf to http://www.ccil.org/~esr/fetchmail or do a WWW search
1484 for pages with `fetchmail' in their titles.
1487 elm(1), mail(1), sendmail(8), popd(8), imapd(8)
1488 .SH APPLICABLE STANDARDS
1491 RFC 821, RFC 1869, RFC 1652, RFC 1870, RFC1983, RFC 1985
1500 RFC 1081, RFC 1225, RFC 1460, RFC 1725, RFC 1939
1503 RFC 1460, RFC 1725, RFC 1939
1512 RFC 1730, RFC 1731, RFC 1732, RFC 2060, RFC 2061