Provided by: mpop_1.4.18-1_amd64 
NAME
mpop - A POP3 client
SYNOPSIS
Mail retrieval mode (default):
mpop [option...] [--] [account...]
mpop --host=host [option...]
Configuration mode:
mpop --configure <mailaddress>
Server information mode:
mpop [option...] --serverinfo [account...]
mpop --host=host [option...] --serverinfo
DESCRIPTION
In mail retrieval mode of operation, mpop retrieves mails from one or more POP3 mailboxes,
optionally does some filtering, and delivers them through a mail delivery agent (MDA), to
a maildir folder, or to an mbox file. Mails that were successfully delivered before will
not be retrieved a second time, even if errors occur or mpop is terminated in the middle
of a session.
In server information mode, mpop prints information about one or more POP3 servers.
If no account names are given on the command line, one named default will be used.
The best way to start is probably to have a look at the EXAMPLES section.
EXIT STATUS
The standard sendmail exit codes are used, as defined in sysexits.h.
OPTIONS
Options override configuration file settings, for every used account.
General Options
--version
Print version information, including information about the libraries used.
--help Print help.
-P, --pretend
Print the configuration settings that would be used, but do not take further
action. An asterisk (`*') will be printed instead of your password.
-d, --debug
Print lots of debugging information, including the whole conversation with
the server. Be careful with this option: the (potentially dangerous) output
will not be sanitized, and your password may get printed in an easily
decodable format!
This option implies --half-quiet, because the progress output would
interfere with the debugging output.
Changing the mode of operation
--configure=mailaddress
Generate a configuration for the given mail address and print it. This can
be modified or copied unchanged to the configuration file. Note that this
only works for mail domains that publish appropriate SRV records; see RFC
8314.
-S, --serverinfo
Print information about the POP3 server(s) and exit. This includes
information about supported features (pipelining, authentication methods,
TOP command, ...), about parameters (time for which mails will not be
deleted, minimum time between logins, ...), and about the TLS certificate
(if TLS is active).
Configuration options
-C, --file=conffile
Use the given file instead of ~/.mpoprc or $XDG_CONFIG_HOME/mpop/config as
the user configuration file.
--host=hostname
Use this server with settings from the command line; do not use any
configuration file data. This option disables loading of the configuration
file. You cannot use both this option and account names on the command line.
--port=number
Set the port number to connect to. See the port command.
--source-ip=[IP]
Set or unset an IP address to bind the socket to. See the source_ip command.
--proxy-host=[IP|hostname]
Set or unset a SOCKS proxy to use. See the proxy_host command.
--proxy-port=[number]
Set or unset a port number for the proxy host. See the proxy_port command.
--socket=[socketname]
Set or unset a local unix domain socket name to connect to. See the socket
command.
--timeout=(off|seconds)
Set a network timeout. See the timeout command.
--pipelining=(auto|on|off)
Enable or disable POP3 pipelining. See the pipelining command.
--received-header[=(on|off)]
Enable or disable the Received header. See the received_header command.
--auth[=(on|method)]
Set the authentication method to automatic (with "on") or manually choose an
authentication method. See the auth command.
--user=[username]
Set or unset the user name for authentication. See the user command.
--passwordeval=[cmd]
Evaluate password for authentication. See the passwordeval command.
--tls[=(on|off)]
Enable or disable TLS/SSL. See the tls command.
--tls-starttls[=(on|off)]
Enable or disable STARTTLS for TLS. See the tls_starttls command.
--tls-trust-file=[file]
Set or unset a trust file for TLS. See the tls_trust_file command.
--tls-crl-file=[file]
Deprecated. Set or unset a certificate revocation list (CRL) file for TLS.
See the tls_crl_file command.
--tls-fingerprint=[fingerprint]
Set or unset the fingerprint of a trusted TLS certificate. See the
tls_fingerprint command.
--tls-key-file=[file]
Set or unset a key file for TLS. See the tls_key_file command.
--tls-cert-file=[file]
Set or unset a cert file for TLS. See the tls_cert_file command.
--tls-certcheck[=(on|off)]
Enable or disable server certificate checks for TLS. See the tls_certcheck
command.
--tls-priorities=[priorities]
Set or unset TLS priorities. See the tls_priorities command.
--tls-host-override=[host]
Set or unset override for TLS host verification. See the tls_host_override
command.
--tls-min-dh-prime-bits=[bits]
Deprecated, use --tls-priorities instead. Set or unset minimum bit size of
the Diffie-Hellmann (DH) prime. See the tls_min_dh_prime_bits command.
Options specific to mail retrieval mode
-q, --quiet
Do not print status or progress information.
-Q, --half-quiet
Print status but not progress information.
-a, --all-accounts
Query all accounts in the configuration file.
-A, --auth-only
Authenticate only; do not retrieve mail. Useful for SMTP-after-POP.
-s, --status-only
Print number and size of mails in each account only; do not retrieve mail.
-n, --only-new[=(on|off)]
Process only new messages. See the only_new command.
-k, --keep[=(on|off)]
Do not delete mails from POP3 servers, regardless of other options or
settings. See the keep command.
--killsize=(off|size)
Set or unset kill size. See the killsize command.
--skipsize=(off|size)
Set or unset skip size. See the skipsize command.
--filter=[program]
Set a filter which will decide whether to retrieve, skip, or delete each
mail by investigating the mail's headers. See the filter command.
--delivery=method,method_arguments...
How to deliver messages received from this account. See the delivery
command. Note that a comma is used instead of a blank to separate the method
from its arguments.
--uidls-file=filename
File to store UIDLs in. See the uidls_file command.
USAGE
A suggestion for a suitable configuration file can be generated using the --configure
option. The default configuration file is ~/.mpoprc or $XDG_CONFIG_HOME/mpop/config.
Settings in this file can be changed by command line options.
A configuration file is a simple text file. Empty lines and comment lines (first non-blank
character is '#') are ignored. Every other line must contain a command and may contain an
argument to that command. The argument may be enclosed in double quotes (").
If a file name starts with the tilde (~), this tilde will be replaced by $HOME.
If a command accepts the argument on, it also accepts an empty argument and treats that as
if it was on.
Commands are organized in accounts. Each account starts with the account command and
defines the settings for one POP3 account.
Commands are as follows:
defaults
Set defaults. The following configuration commands will set default values for all
following account definitions.
account name [:account[,...]]
Start a new account definition with the given name. The current default values are
filled in.
If a colon and a list of previously defined accounts is given after the account
name, the new account, with the filled in default values, will inherit all settings
from the accounts in the list.
eval cmd
Replace the current configuration file line with the first line of the output
(stdout) of the command cmd. This can be used to decrypt settings or to create them
via scripts. For example, eval echo host localhost replaces the current line with
host localhost.
Note that every eval line will be evaluated when the configuration file is read.
Note that for passwords you can also use the passwordeval command instead of eval
password cmd. This has the advantage that the command is only evaluated if needed.
host hostname
The POP3 server to retrieve mails from. The argument may be a host name or a
network address. Every account definition must contain this command.
port number
The port that the POP3 server listens on. The default is 110 ("pop3"), unless TLS
without STARTTLS is used, in which case it is 995 ("pop3s").
source_ip [IP]
Set a source IP address to bind the outgoing connection to. Useful only in special
cases on multi-home systems. An empty argument disables this.
proxy_host [IP|hostname]
Use a SOCKS proxy. All network traffic will go through this proxy host, including
DNS queries, except for a DNS query that might be necessary to resolve the proxy
host name itself (this can be avoided by using an IP address as proxy host name).
An empty hostname argument disables proxy usage. The supported SOCKS protocol
version is 5. If you want to use this with Tor, see also "Using mpop with Tor"
below.
proxy_port [number]
Set the port number for the proxy host. An empty number argument resets this to the
default port, which is 1080 ("socks").
socket socketname
Set the file name of a unix domain socket to connect to. This overrides both
host/port and proxy_host/proxy_port.
timeout (off|seconds)
Set or unset a network timeout, in seconds. The default is 180 seconds. The
argument off means that no timeout will be set, which means that the operating
system default will be used.
pipelining (auto|on|off)
Enable or disable POP3 pipelining. You should never need to change the default
setting, which is auto: mpop enables pipelining for POP3 servers that advertise
this capability, and disables it for all other servers. Pipelining can speed up a
POP3 session substantially.
auth [(on|method)]
Choose an authentication method. The default argument on chooses a method
automatically.
Usually a user name and a password are used for authentication. The user name is
specified in the configuration file with the user command. There are five different
methods to specify the password:
1. Add the password to the system key ring. Currently supported key rings are the
Gnome key ring and the Mac OS X Keychain. For the Gnome key ring, use the command
secret-tool (part of Gnome's libsecret) to store passwords: secret-tool store
--label=mpop host pop.freemail.example service pop3 user joe.smith. On Mac OS X,
use the following command: security add-internet-password -s pop.freemail.example
-r pop3 -a joe.smith -w. In both examples, replace pop.freemail.example with the
POP3 server name, and joe.smith with your user name.
2. Store the password in an encrypted files, and use passwordeval to specify a
command to decrypt that file, e.g. using GnuPG. See EXAMPLES.
3. Store the password in the configuration file using the password command.
(Usually it is not considered a good idea to store passwords in cleartext files.
If you do it anyway, you must make sure that the file can only be read by
yourself.)
4. Store the password in ~/.netrc. This method is probably obsolete.
5. Type the password into the terminal when it is required.
It is recommended to use method 1 or 2.
Multiple authentication methods exist. Most servers support only some of them.
Historically, sophisticated methods were developed to protect passwords from being
sent unencrypted to the server, but nowadays everybody needs TLS anyway, so the
simple methods suffice since the whole session is protected. A suitable
authentication method is chosen automatically, and when TLS is disabled for some
reason, only methods that avoid sending cleartext passwords are considered.
The following user / password methods are supported: user (a simple plain text
method supported by all servers), plain (another simple cleartext method, supported
by almost all servers), scram-sha-1 (a method that avoids cleartext passwords),
scram-sha-256 (same but with stronger hash), apop (an obsolete method that avoids
cleartext passwords, but is not considered secure anymore), cram-md5 (an obsolete
method that avoids cleartext passwords, but is not considered secure anymore),
digest-md5 (an overcomplicated obsolete method that avoids cleartext passwords, but
is not considered secure anymore), login (a non-standard cleartext method similar
to but worse than the plain method), ntlm (an obscure non-standard method that is
now considered broken; it sometimes requires a special domain parameter passed via
ntlmdomain).
There are currently three authentication methods that are not based on user /
password information and have to be chosen manually: oauthbearer or its predecessor
xoauth2 (an OAuth2 token from the mail provider is used as the password. See the
documentation of your mail provider for details on how to get this token. The
passwordeval command can be used to pass the regularly changing tokens into mpop
from a script or an environment variable), external (the authentication happens
outside of the protocol, typically by sending a TLS client certificate, and the
method merely confirms that this authentication succeeded), and gssapi (the
Kerberos framework takes care of secure authentication, only a user name is
required).
It depends on the underlying authentication library and its version whether a
particular method is supported or not. Use --version to find out which methods are
supported.
user login
Set the user name for authentication. An empty argument unsets the user name.
password secret
Set the password for authentication. An empty argument unsets the password.
Consider using the passwordeval command or a key ring instead of this command, to
avoid storing cleartext passwords in the configuration file.
passwordeval [cmd]
Set the password for authentication to the output (stdout) of the command cmd.
This can be used e.g. to decrypt password files on the fly or to query key rings,
and thus to avoid storing cleartext passwords.
ntlmdomain [domain]
Set a domain for the ntlm authentication method. This is obsolete.
tls [(on|off)]
Enable or disable TLS (also known as SSL) for secured connections.
Transport Layer Security (TLS) "... provides communications privacy over the
Internet. The protocol allows client/server applications to communicate in a way
that is designed to prevent eavesdropping, tampering, or message forgery" (quote
from RFC2246).
A server can use TLS in one of two modes: via a STARTTLS command (the session
starts with the normal protocol initialization, and TLS is then started using the
protocol's STARTTLS command), or immediately (TLS is initialized before the normal
protocol initialization; this requires a separate port). The first mode is the
default, but you can switch to the second mode by disabling tls_starttls.
When TLS is started, the server sends a certificate to identify itself. To verify
the server identity, a client program is expected to check that the certificate is
formally correct and that it was issued by a Certificate Authority (CA) that the
user trusts. (There can also be certificate chains with intermediate CAs.)
The list of trusted CAs is specified using the tls_trust_file command. The default
value ist "system" and chooses the system-wide default, but you can also choose the
trusted CAs yourself.
A fundamental problem with this is that you need to trust CAs. Like any other
organization, a CA can be incompetent, malicious, subverted by bad people, or
forced by government agencies to compromise end users without telling them. All of
these things happened and continue to happen worldwide. The idea to have central
organizations that have to be trusted for your communication to be secure is
fundamentally broken.
Instead of putting trust in a CA, you can choose to trust only a single certificate
for the server you want to connect to. For that purpose, specify the certificate
fingerprint with tls_fingerprint. This makes sure that no man-in-the-middle can
fake the identity of the server by presenting you a fraudulent certificate issued
by some CA that happens to be in your trust list. However, you have to update the
fingerprint whenever the server certificate changes, and you have to make sure that
the change is legitimate each time, e.g. when the old certificate expired. This is
inconvenient, but it's the price to pay.
Information about a server certificate can be obtained with --serverinfo --tls
--tls-certcheck=off. This includes the issuer CA of the certificate (so you can
trust that CA via tls_trust_file), and the fingerprint of the certificate (so you
can trust that particular certificate via tls_fingerprint).
TLS also allows the server to verify the identity of the client. For this purpose,
the client has to present a certificate issued by a CA that the server trusts. To
present that certificate, the client also needs the matching key file. You can set
the certificate and key files using tls_cert_file and tls_key_file. This mechanism
can also be used to authenticate users, so that traditional user / password
authentication is not necessary anymore. See the external mechanism in auth.
You can also use client certificates stored on some external authentication device
by specifying GnuTLS device URIs in tls_cert_file and tls_key_file. You can find
the correct URIs using p11tool --list-privkeys --login (p11tool is bundled with
GnuTLS). If your device requires a PIN to access the data, you can specify that
using one of the password mechanisms (e.g. passwordeval, password).
tls_starttls [(on|off)]
Choose the TLS variant: start TLS from within the session (on, default), or tunnel
the session through TLS (off).
tls_trust_file file
Activate server certificate verification using a list of trusted Certification
Authorities (CAs). The default is the special value "system", which selects the
system default. An empty argument disables trust in CAs. If you select a file, it
must be in PEM format, and you should also use tls_crl_file.
tls_crl_file [file]
Deprecated. This sets a certificate revocation list (CRL) file for TLS, to check
for revoked certificates (an empty argument, which is the default, disables this).
Nowadays automatic OCSP checks replace CRL file checks.
tls_fingerprint [fingerprint]
Set the fingerprint of a single certificate to accept for TLS. This certificate
will be trusted regardless of its contents (this overrides tls_trust_file). The
fingerprint should be of type SHA256, but can for backwards compatibility also be
of type SHA1 or MD5 (please avoid this). The format should be 01:23:45:67:....
Use --serverinfo --tls --tls-certcheck=off --tls-fingerprint= to get the server
certificate fingerprint.
tls_key_file file
Send a client certificate to the server (use this together with tls_cert_file}).
The file must contain the private key of a certificate in PEM format. An empty
argument disables this feature.
tls_cert_file file
Send a client certificate to the server (use this together with tls_key_file). The
file must contain a certificate in PEM format. An empty argument disables this
feature.
tls_certcheck [(on|off)]
Enable or disable checks of the server certificate. They are enabled by default.
Disabling them will override tls_trust_file and tls_fingerprint. WARNING: When the
checks are disabled, TLS sessions will not be secure!
tls_priorities [priorities]
Set priorities for TLS session parameters. The default is set by the TLS library
and can be selected by using an empty argument to this command. The interpretation
of the priorities string depends on the TLS library. Use --version to find out
which TLS library you use.
For GnuTLS, see the section on Priority Strings in the manual.
For libtls, the priorites string is a space-separated list of parameter strings
prefixed with either PROTOCOLS=, CIPHERS=, or ECDHECURVES=. These parameter strings
will be passed to the functions tls_config_parse_protocols, tls_config_set_ciphers,
and tls_config_set_ecdhecurves. Unrecognized parts of the priorities string will be
ignored. Example: "PROTOCOLS=TLSv1.3 CIPHERS=ECDHE-RSA-AES128-SHA256
ECDHECURVES=P-384".
tls_host_override [host]
By default, TLS host verification uses the host name given by the host command.
This command allows one to use a different host name for verification. This is only
useful in special cases.
tls_min_dh_prime_bits [bits]
Deprecated, use tls_priorities instead. Set or unset the minimum number of Diffie-
Hellman (DH) prime bits accepted for TLS sessions. The default is set by the TLS
library and can be selected by using an empty argument to this command. Only lower
the default (for example to 512 bits) if there is no other way to make TLS work
with the remote server.
delivery method method_arguments...
How to deliver messages received from this account.
delivery mda command
Deliver the mails through a mail delivery agent (MDA).
All occurrences of %F in the command will be replaced with the envelope from
address of the current message (or MAILER-DAEMON if none is found). Note
that this address is guaranteed to contain only letters a-z and A-Z, digits
0-9, and any of ".@_-+/", even though that is only a subset of what is
theoretically allowed in a mail address. Other characters, including those
interpreted by the shell, are replaced with "_". Nevertheless, you should
put %F into single quotes: '%F'.
Use "delivery mda /usr/bin/procmail -f '%F' -d $USER" for the procmail MDA.
Use "delivery mda /usr/sbin/sendmail -oi -oem -f '%F' -- $USER" to let your
MTA handle the mail.
Use "delivery mda /usr/local/bin/msmtp --host=localhost --from='%F' --
$USER@`hostname`.`dnsdomainname`" to pass the mail to your MTA via SMTP.
(This is what fetchmail does by default.)
delivery maildir directory
Deliver the mails to the given maildir directory. The directory must exist
and it must have the maildir subdirectories cur, new, and tmp; mpop will not
create directories. This delivery type only works on file systems that
support hard links.
delivery mbox mbox-file
Deliver the mails to the given file in mbox format. The file will be locked
with fcntl(2). mpop uses the MBOXRD mbox format variant; see the
documentation of the mbox format.
delivery exchange directory
Deliver the mails to the given Exchange pickup directory. The directory must
exist.
If the delivery method needs to parse the mail headers for an envelope from address
(the mda method if the command contains %F, and the mbox method), then it needs to
create a temporary file to store the mail headers (but not the body) in. See
$TMPDIR in the FILES / ENVIRONMENT section.
uidls_file filename
The file to store UIDLs in. These are needed to identify new messages. %U in the
filename will be replaced by the username of the current account. %H in the
filename will be replaced by the hostname of the current account. If the filename
contains directories that do not exist, mpop will create them. mpop locks this
file for exclusive access when accessing the associated POP3 account.
The default value is "~/.mpop_uidls/%U_at_%H". You can also use a single UIDLS file
for multiple accounts, but then you cannot poll more than one of these accounts at
the same time.
only_new [(on|off)]
By default, mpop processes only new messages (new messages are those that were not
already successfully retrieved in an earlier session). If this option is turned
off, mpop will process all messages.
keep [(on|off)]
Keep all mails on the POP3 server, never delete them. The default behaviour is to
delete mails that have been successfully retrieved or filtered by kill filters.
killsize (off|size)
Mails larger than the given size will be deleted (unless the keep command is used,
in which case they will just be skipped). The size argument must be zero or
greater. If it is followed by a `k' or an `m', the size is measured in
kibibytes/mebibytes instead of bytes. Note that some POP3 servers report slightly
incorrect sizes for mails; see NOTES below.
When killsize is set to 0 and keep is set to on, then all mails are marked as
retrieved, but no mail gets deleted from the server. This can be used to
synchronize the UID list on the client to the UID list on the server.
skipsize (off|size)
Mails larger than the given size will be skipped (not downloaded). The size
argument must be zero or greater. If it is followed by a `k' or an `m', the size is
measured in kibibytes/mebibytes instead of bytes. Note that some POP3 servers
report slightly incorrect sizes for mails; see NOTES below.
filter [command]
Set a filter which will decide whether to retrieve, skip, or delete each mail by
investigating the mail's headers. The POP3 server must support the POP3 TOP command
for this to work; see option --serverinfo above. An empty argument disables
filtering.
All occurrences of %F in the command will be replaced with the envelope from
address of the current message (or MAILER-DAEMON if none is found). Note that this
address is guaranteed to contain only letters a-z and A-Z, digits 0-9, and any of
".@_-+/", even though that is only a subset of what is theoretically allowed in a
mail address. Other characters, including those interpreted by the shell, are
replaced with "_". Nevertheless, you should put %F into single quotes: '%F'.
All occurrences of %S in the command will be replaced with the size of the current
mail as reported by the POP3 server.
The mail headers (plus the blank line separating the headers from the body) will be
piped to the command. Based on the return code, mpop decides what to do with the
mail:
0: proceed normally; no special action
1: delete the mail; do not retrieve it
2: skip the mail; do not retrieve it
Return codes greater than or equal to 3 mean that an error occurred. The sysexits.h
error codes may be used to give information about the kind of the error, but this
is not necessary.
received_header [(on|off)]
Enable or disable adding a Received header. By default, mpop prepends a Received
header to the mail during delivery. This is required by the RFCs if the mail is
subsequently further delivered e.g. via SMTP.
FILTERING
There are three filtering commands available. They will be executed in the following
order:
killsize
skipsize
filter
If a filtering command applies to a mail, the remaining filters will not be executed.
EXAMPLES
Configuration file
# Example for a user configuration file ~/.mpoprc
#
# This file focusses on TLS, authentication, and the mail delivery method.
# Features not used here include mail filtering, timeouts, SOCKS proxies,
# TLS parameters, and more.
# Set default values for all following accounts.
defaults
# Always use TLS.
tls on
# Set a list of trusted CAs for TLS. The default is to use system settings, but
# you can select your own file.
#tls_trust_file /etc/ssl/certs/ca-certificates.crt
# Deliver mail to an MBOX mail file:
delivery mbox ~/Mail/inbox
# Deliver mail to a maildir folder:
#delivery maildir ~/Mail/incoming
# Deliver mail via procmail:
#delivery mda "/usr/bin/procmail -f '%F' -d $USER"
# Deliver mail via the local SMTP server:
#delivery mda "/usr/bin/msmtp --host=localhost --from='%F' -- $USER"
# Deliver mail to an Exchange pickup directory:
#delivery exchange c:\exchange\pickup
# Use an UIDLS file in ~/.local/share instead of ~/.mpop_uidls
uidls_file ~/.local/share/%U_at_%H
# A freemail service
account freemail
# Host name of the POP3 server
host pop.freemail.example
# As an alternative to tls_trust_file, you can use tls_fingerprint
# to pin a single certificate. You have to update the fingerprint when the
# server certificate changes, but an attacker cannot trick you into accepting
# a fraudulent certificate. Get the fingerprint with
# $ mpop --serverinfo --tls --tls-certcheck=off --host=pop.freemail.example
#tls_fingerprint 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33
# Authentication. The password is given using one of five methods, see below.
user joe.smith
# Password method 1: Add the password to the system keyring, and let mpop get
# it automatically. To set the keyring password using Gnome's libsecret:
# $ secret-tool store --label=mpop \
# host pop.freemail.example \
# service pop3 \
# user joe.smith
# Password method 2: Store the password in an encrypted file, and tell mpop
# which command to use to decrypt it. This is usually used with GnuPG, as in
# this example. Usually gpg-agent will ask once for the decryption password.
passwordeval gpg2 --no-tty -q -d ~/.mpop-password.gpg
# Password method 3: Store the password directly in this file. Usually it is not
# a good idea to store passwords in cleartext files. If you do it anyway, at
# least make sure that this file can only be read by yourself.
#password secret123
# Password method 4: Store the password in ~/.netrc. This method is probably not
# relevant anymore.
# Password method 5: Do not specify a password. Mpop will then prompt you for
# it. This means you need to be able to type into a terminal when mpop runs.
# A second mail box at the same freemail service
account freemail2 : freemail
user joey
# The POP3 server of your ISP
account isp
host mail.isp.example
auth on
user 12345
# Your ISP runs SpamAssassin, so test each mail for the "X-Spam-Status: Yes"
# header, and delete all mails with this header before downloading them.
filter if [ "`grep "^X-Spam-Status: Yes"`" ]; then exit 1; else exit 0; fi
# Set a default account
account default : freemail
Filtering with SpamAssassin
The command filter "/path/to/spamc -c > /dev/null" will delete all mails that SpamAssassin
thinks are spam. Since no message body is passed to SpamAssassin, you should disable all
body-specific tests in the SpamAssassin configuration file; for example set use_bayes 0.
If your mail provider runs SpamAssassin for you, you just have to check for the result.
The following script can do that when used as an mpop filter:
#!/bin/sh
if [ "`grep "^X-Spam-Status: Yes"`" ]; then
exit 1 # kill this message
else
exit 0 # proceed normally
fi
Since the filter command is passed to a shell, you can also use this directly:
filter if [ "`grep "^X-Spam-Status: Yes"`" ]; then exit 1; else exit 0; fi
Using mpop with Tor
Use the following settings:
proxy_host 127.0.0.1
proxy_port 9050
tls on
Use an IP address as proxy host name, so that mpop does not leak a DNS query when
resolving it.
TLS is required to prevent exit hosts from reading your POP3 session.
FILES
~/.mpoprc or $XDG_CONFIG_HOME/mpop/config
Default configuration file.
~/.mpop_uidls
Default directory to store UIDLs files in.
~/.netrc and SYSCONFDIR/netrc
The netrc file contains login information. Before prompting for a password, msmtp
will search it in ~/.netrc and SYSCONFDIR/netrc.
ENVIRONMENT
$USER, $LOGNAME
These variables override the user's login name. $LOGNAME is only used if $USER is
unset. The user's login name is used for Received headers.
$TMPDIR
Directory to create temporary files in. If this is unset, a system specific default
directory is used.
AUTHOR
mpop was written by Martin Lambers <marlam@marlam.de>
Other authors are listed in the AUTHORS file in the source distribution.
SEE ALSO
procmail(1), spamassassin(1), netrc(5) or ftp(1), mbox(5), fcntl(2)
2022-06 MPOP(1)