.\" For license terms, see the file COPYING in this directory.
.TH fetchmail LOCAL
.SH NAME
-fetchmail \- retrieve mail from a mailserver using POP or IMAP
+fetchmail \- retrieve mail from a mailserver using POP2, POP3, APOP, or IMAP
.SH SYNOPSIS
.B fetchmail
[\fI options \fR] \fI [server-host...]\fR
.SH DESCRIPTION
.I fetchmail
-is a mail retrieval client which supports
-POP2 (as specified in RFC 937), POP3 (RFC 1725), IMAP2bis (as
-implemented by the 4.4BSD imapd program), and IMAP4 (RFC1730).
-It can use (but does not require) the RPOP and LAST facilities
-removed from later POP3 versions.
+is a batch mail retrieval utility intended to be used over on-demand
+TCP/IP links (such as SLIP or PPP connections). It fetches mail from
+remote mail servers and forwards it to your local (client) machine's
+delivery system, where it can then be be read by normal mail user
+agents such as \fIelm\fR(1) or \fIMail\fR(1).
.PP
-The,
-.I fetchmail
-program may be used to download mail in batch from the remote
-mailserver specified by
-.I host
-to a mail folder on the local disk. The retrieved mail can then be
-manipulated using a local mail reader, such as
-.I mail
-or
-.I elm.
-.PP
-To facilitate the use of
+The
.I fetchmail
-in scripts, pipelines, etc, it returns an appropriate exit code upon
-termination -- see EXIT CODES below.
+program can gather mail from servers supporting POP2 (as specified in RFC
+937), POP3 (RFC 1725), IMAP2bis (as implemented by the 4.4BSD imapd
+program), and IMAP4 (RFC1730). It can use (but does not require) the
+RPOP and LAST facilities removed from later POP3 versions.
.PP
The behavior of
.I fetchmail
-is controlled by comand-line options and a control file,
-.I ~/.fetchrc
+is controlled by comand-line options and a run control file,
+.I ~/.fetchmailrc
the syntax of which we describe below. Command-line options override
-.I ~/.fetchrc
+.I ~/.fetchmailrc
declarations.
+.PP
+To facilitate the use of
+.I fetchmail
+in scripts, pipelines, etc, it returns an appropriate exit code upon
+termination -- see EXIT CODES below.
.SH OPTIONS
Each server name that you specify (following the options on the
command line) will be queried. If you don't specify any servers
on the command line, each server in your
-.I ~/.fetchrc
+.I ~/.fetchmailrc
file will be queried.
.TP
.B \-2
With this option you can specify another host to deliver to.
.TP
.B \-m mda, --mda mda
-Specify a mail delivery agent to use. This can be used to pass
-fetched mail to programs like procmail. If the MDA string contains
-%s, that escape will be expanded into your username on the client
-machine.
+Specify a mail delivery agent to use. See OUTPUT OPTIONS below for a
+complete description.
.TP
.B \-o folder, --local folder
Causes retrieved messages to be appended to file named by the folder
options on the same command line.
.TP
.B \-F, --flush
-POP3 only. Delete old (previously retrieved) messages from the mailserver
+POP3/IMAP only. Delete old (previously retrieved) messages from the mailserver
before retrieving new messages.
.TP
-.B \-f pathname, --fetchrc pathname
-Specify an alternate name for the .fetchrc file.
-.TP
-.B \-i pathname, --idfile pathname
-Specify an alternate name for the .popids file.
+.B \-f pathname, --fetchmailrc pathname
+Specify an alternate name for the .fetchmailrc run control file.
.TP
.B \-k, --keep
Keep retrieved messages in folder on remote mailserver. Normally, messages
.RS
.IP IMAP
IMAP2bis, a compatible subset of IMAP4.
-.IP POP2
+.IP POP2
Post Office Protocol 2
.IP POP3
Post Office Protocol 3
.I fetchmail
and ensures that your password will not be compromised. You may also specify
your password in your
-.I ~/.fetchrc
+.I ~/.fetchmailrc
file. This is convenient when using
.I fetchmail
-with automated scripts.
+in daemon mode or with scripts.
.PP
On mailservers that do not provide ordinary user accounts, your user-id and
password are usually assigned by the server administrator when you apply for
POP3 versions up to the RFC1225 version supported an alternate
authentication mechanism called RPOP intended to remove the security
risk inherent in sending unencrypted account passwords across the net
-(in RFC1460 this facility was replaced with APOP). If your .fetchrc
-file specifies an RPOP id and a connection port in the privileged
-range (1..1024),
+(in RFC1460 this facility was replaced with APOP). If you specify the
+RPOP protocol and a connection port in the privileged range (1..1024),
.I fetchmail will
-ship the id with an RPOP command rather than sending a password.
+ship your password entry to the mail server as an RPOP id.
(Note: you'll need to be running fetchmail setuid root for RPOP to
work --
.I fetchmail
has to bind to a privileged port locally in order for the mail
server to believe it's allowed to bind to a privileged remote port.)
.PP
+RFC1460 introduced APOP authentication. In this variant of POP3,
+you register an APOP password on your server host (the program
+to do this with on the server is probably called \fIpopauth\fR(8)). You
+put the same password in your
+.I .fetchmailrc
+file. Each time
+.I fetchmail
+logs in, it sends a cryptographically secure hash of your password and
+the server greeting time to the server, which can verify it by
+checking its authorization database.
+.PP
.SH OUTPUT OPTIONS
The default behavior of
.I fetchmail
-is to ship mail to the the SMTP port on the machine it is running on
-(localhost), as though it were being passed over a normal TCP/IP link.
+is to ship mail via SMTP to port 25 on the machine it is running on
+(localhost), just as though it were being passed in over a normal TCP/IP link.
This normally results in the mail being delivered locally via your
system's default MDA (Mail Delivery Agent, usually
.I /usr/lib/sendmail
but your system may use a different MDA).
.PP
-You can force mail to be passed to an MDA directly with the -mda or -m option.
-Some possible MDAs are "/usr/lib/sendmail -oem %s", "/usr/formail",
-and "/usr/bin/deliver %s". This shouldn't be necessary unless
-for some reason you want to bypass your system's default MDA.
+You can force mail to be passed to an MDA directly with the -mda or -m
+option. Some possible MDAs are "/usr/lib/sendmail -oem %s",
+"/usr/formail", and "/usr/bin/deliver %s" (if the MDA string contains
+%s, that escape will be expanded into your username on the client
+machine). This shouldn't be necessary unless for some reason you
+want to bypass your system's default MDA.
.PP
Using the
.B \-o
fetchmail -d 900
.PP
will, therefore, poll the hosts described in your
-.I ~/.fetchrc
+.I ~/.fetchmailrc
file once every fifteen minutes.
.PP
Only one daemon process is permitted per user; in daemon mode,
option allows you to redirect status messages emitted while in daemon
mode into a specified logfile (follow the option with the logfile name).
This is primarily useful for debugging configurations.
-.SH THE FETCHRC FILE
+.SH THE RUN CONTROL FILE
The preferred way to set up fetchmail (and the only way if you want to
-specify a password) is to write a .fetchrc file in your home directory.
-To protect the security of your passwords, your ~/.fetchrc may not have
+specify a password) is to write a .fetchmailrc file in your home directory.
+To protect the security of your passwords, your ~/.fetchmailrc may not have
more than u+r,u+w permissions;
.I fetchmail
will complain and exit otherwise.
protocol (or proto)
username (or user)
password (or pass)
- rpopid
remotefolder (or remote)
localfolder (or local)
mda
flush
fetchall
rewrite
+ skip
nokeep
noflush
nofetchall
norewrite
+ noskip
port
.PP
+All these correspond to the obvuious command-line arguments except
+two: \fBpassword\fR and \fBskip\fR.
+.PP
+The \fBpassword\fR option requires a string argument, which is the password
+to be used with the entry's server.
+.PP
+The \fBskip\fR option tells
+.I fetchmail
+not to query this host unless it is explicitly named on the command
+line. A host entry with this flag will be skipped when
+.I fetchmail
+called with no arguments steps through all hosts in the run control file.
+(This option allows you to experiment with test entries safely.)
+.PP
Legal protocol identifiers are
auto (or AUTO)
host queried.
.SH AUTHOR
.I fetchmail
-was originated by Carl Harris at Virginia Polytechnic Institute and State
-University (a.k.a. Virginia Tech). Version 3.0 was extensively improved
-by Eric S. Raymond <esr@snark.thyrsus.com> and is now maintained by esr.
+was originated (under the name `popclient') by Carl Harris at Virginia
+Polytechnic Institute and State University (a.k.a. Virginia Tech).
+Version 3.0 of popclient was extensively rewritten and improved by
+Eric S. Raymond <esr@snark.thyrsus.com>. The program's name was
+then changed to
+.I fetchmail
+to reflect both the presence of IMAP support and the symmetry with sendmail
+created by the new SMTP forwarding default.
.PP
.SH FILES
.TP 5
-~/.fetchrc
-default configuration file
-.TP 5
-~/.popids
-default location of file associating hosts with last message IDs seen
-(used only with newer RFC1725-compliant servers supporting the UIDL command).
+~/.fetchmailrc
+default run control file
.TP 5
${TMPDIR}/fetchmail-${HOST}-${USER}
lock file to help prevent concurrent runs.
requires either that both the USER and HOME environment variables are
correctly set, or that \fBgetpwuid\fR(3) be able to retrieve a password
entry from your user ID.
-.SH BUGS
+.SH KNOWN PROBLEMS
+Use of any of the supported protocols other than APOP requires that
+the program send unencrypted passwords over the TCP/IP connection to
+the mail server. This creates a risk that name/password pairs might
+be snaffled with a packet sniffer or more sophisticated monitoring
+software.
+.pp
Running more than one concurrent instance of
.I fetchmail
on the same mailbox may cause messages to be lost or remain unfetched.
+(This is a design problem of the POP2, POP3 and IMAP2bis protocols.)
.PP
-When using POP2, the --smtphost option doesn't work, and mail headers
-are not rewritten to enable replies as described under --norewrite.
-This isn't a protocol problem, it's because the developer couldn't
-find a POP2 server to test the necessary code reorganization with.
-.PP
-The --remotefolder option doesn't work with POP3, the protocol won't
-support it.
+If, using POP3, you find that messages you've already read on the
+server are being fetched, blame RFC1725. That late version pf the
+POP3 protocol specification ill-advisedly removed the LAST command, and
+some servers (including the one distributed with at least some
+versions of SunOS) follow it (you can verify this by invoking
+.I fetchmail -v
+and watching the response to LAST early in the query). The fix is to
+install an older POP3 server with LAST or switch to an IMAP server.
.PP
-The RPOP support, and the UIDL support for RFC1725-compliant servers
-without LAST, are not yet well tested.
+The RPOP support is not yet well tested.
.PP
Send comments, bug reports, gripes, and the like to Eric S. Raymond
<esr@thyrsus.com>.
The --password option of previous (popclient) versions has been removed -- it
encouraged people to expose passwords in scripts. Passwords
must now be specified either interactively or in your
-.I ~/.fetchrc
+.I ~/.fetchmailrc
file. The short-form -p option now specifies the protocol to use.
.PP
The reason the password isn't stored encrypted is because this doesn't
actually add protection. Anyone who's acquired permissions to read your
-fetchrc file will be able to run
+fetchmailrc file will be able to run
.I fetchmail
as you anyway -- and if it's
your password they're after, they'd be able to use the necessary decoder from
projects / ~andy / fetchmail / blobdiff