~abcdw/rde-discuss

6 3

Keeping mail information private

Details
Message ID
<87k0cb7bhv.fsf@minikn.xyz>
DKIM signature
pass
Download raw message
Hello,

I've recently added a new mail account to my config whose information
(name, user, smtp server, ...) I do not want to share publicly. I was
wondering if there is a neat way to hide that information?

Specifically I'm talking about information like this:

--8<---------------cut here---------------start------------->8---
(mail-account
    (id 'work)
    (fqda "work email")
    (user "user name")
    (type 'work)
    (pass-cmd "pass show /path/to/pass"))


(feature-msmtp #:msmtp-provider-settings
                `((work . ((host . "smtp server")
                            (port . 587)))

(define work-isync-settings
  (generate-isync-serializer "imap server" work-folder-mapping))
--8<---------------cut here---------------end--------------->8---

I guess I could create a .scm while which exports these and just not put
it under (publicially accessible) source control. But that would require
manual step every time I set up a new machine or make changes to said
file. I'd like to avoid that.

Maybe I could encrypt the file with gpg and then decrypt it on the fly
to access it's content whenever needed? But I don't know how to
approacht this.

I mean for passwords we already use (pass-cmd ...) to get the
password. Could be possibly do the same for smtp/imap server and username?



-- 
Best regards / Mit freundlichen Grüßen,
Demis Balbach
Details
Message ID
<87pmlx2vc3.fsf@trop.in>
In-Reply-To
<87k0cb7bhv.fsf@minikn.xyz> (view parent)
DKIM signature
pass
Download raw message
On 2022-03-30 16:37, Demis Balbach wrote:

> Hello,
>
> I've recently added a new mail account to my config whose information
> (name, user, smtp server, ...) I do not want to share publicly. I was
> wondering if there is a neat way to hide that information?
>
> Specifically I'm talking about information like this:
>
> --8<---------------cut here---------------start------------->8---
> (mail-account
>     (id 'work)
>     (fqda "work email")
>     (user "user name")
>     (type 'work)
>     (pass-cmd "pass show /path/to/pass"))
>
>
> (feature-msmtp #:msmtp-provider-settings
>                 `((work . ((host . "smtp server")
>                             (port . 587)))
>
> (define work-isync-settings
>   (generate-isync-serializer "imap server" work-folder-mapping))
> --8<---------------cut here---------------end--------------->8---
>
> I guess I could create a .scm while which exports these and just not put
> it under (publicially accessible) source control. But that would require
> manual step every time I set up a new machine or make changes to said
> file. I'd like to avoid that.
>
> Maybe I could encrypt the file with gpg and then decrypt it on the fly
> to access it's content whenever needed? But I don't know how to
> approacht this.
>
> I mean for passwords we already use (pass-cmd ...) to get the
> password. Could be possibly do the same for smtp/imap server and username?

This is very good idea, but we need a support from msmtp and mbsync for
that.  We can either patch it ourselves or propose the changes to
upstream.  The second option looks better.

We need HostCmd for mbsync, and usereval, hosteval or similiar for msmtp.

Please propose those changes to upstream projects and I'll adjust
implementation to make it possible to obtain all those values from
password-store.

-- 
Best regards,
Andrew Tropin
Details
Message ID
<87ilraivhz.fsf@minikn.xyz>
In-Reply-To
<87pmlx2vc3.fsf@trop.in> (view parent)
DKIM signature
pass
Download raw message
Hello,

`mbsync` has open feature requests dating back to 2012 O_O .. Well, we
have to at least try. I created the feature requests:

- mbsync: https://sourceforge.net/p/isync/feature-requests/17/
- msmtp: https://github.com/marlam/msmtp-mirror/issues/73

-- 
Best regards / Mit freundlichen Grüßen,
Demis Balbach
Details
Message ID
<878rs222jr.fsf@trop.in>
In-Reply-To
<87ilraivhz.fsf@minikn.xyz> (view parent)
DKIM signature
pass
Download raw message
On 2022-04-15 10:47, Demis Balbach wrote:

> Hello,
>
> `mbsync` has open feature requests dating back to 2012 O_O .. Well, we
> have to at least try. I created the feature requests:
>
> - mbsync: https://sourceforge.net/p/isync/feature-requests/17/
> - msmtp: https://github.com/marlam/msmtp-mirror/issues/73

Thank you, let me know when there will be any progress, I'll updated
respective features and will write a documentation for pass usage.

P.S. We still have an option to maintain patches in rde for those
programs to extend there functionality, but let's wait and see on the
progress of those reports first.

-- 
Best regards,
Andrew Tropin
Details
Message ID
<87a69t3rnh.fsf@ngraves.fr>
In-Reply-To
<87pmlx2vc3.fsf@trop.in> (view parent)
DKIM signature
missing
Download raw message
Hi Dennis, Andrew,

I have dealt with this issue with (ice-9 popen) and dealing with output
of the real pass command, in my dotfiles
https://git.sr.ht/~ngraves/dotfiles (and I deal with every private
information this way).

Originally my goal was to rehabilitate and package the library
https://github.com/xatom/gpgme-with-guile, instead of calling popen, but
do not have enough time to deal with it for now.

I'm not entirely sure that there is no risk with this approach however.

Hope it will help, cheers,

Nicolas Graves
Details
Message ID
<87edz43enc.fsf@trop.in>
In-Reply-To
<87a69t3rnh.fsf@ngraves.fr> (view parent)
DKIM signature
pass
Download raw message
On 2022-07-01 15:10, Nicolas Graves wrote:

> Hi Dennis, Andrew,
>
> I have dealt with this issue with (ice-9 popen) and dealing with output
> of the real pass command, in my dotfiles
> https://git.sr.ht/~ngraves/dotfiles (and I deal with every private
> information this way).

This is a nice trick, a little impure, but does the thing.

>
> Originally my goal was to rehabilitate and package the library
> https://github.com/xatom/gpgme-with-guile, instead of calling popen, but
> do not have enough time to deal with it for now.
>
> I'm not entirely sure that there is no risk with this approach however.
>
> Hope it will help, cheers,

Cool literate config, BTW, share your experince with rde when you will
have time!

-- 
Best regards,
Andrew Tropin
Details
Message ID
<87czdn66ph.fsf@minikn.xyz>
In-Reply-To
<87pmlx2vc3.fsf@trop.in> (view parent)
DKIM signature
pass
Download raw message
Hello!

> Hope it will help, cheers,

Thank you Nicolas. I haven't had much time recently. Took a brief look
at your config. Seems pretty sophisticated for a noob like me :P

I'll check it out soon!

-- 
Best regards / Mit freundlichen Grüßen,
Demis Balbach
Reply to thread Export thread (mbox)