Mutt
What is Mutt?
Mutt is a small but very powerful text based program for reading and sending electronic mail under unix operating systems, including support for color terminals, MIME, OpenPGP, and a threaded sorting mode.
Installation
- Debian/Ubuntu Linux:
sudo apt install mutt
Configuration
Edit ~/.mutt/muttrc. Choose either IMAP or POP. What is the difference between IMAP and POP email servers?
Personal information
Add the following lines to ~/.mutt/muttrc:
# Account set realname = 'Foo Bar' set from = foo@riseup.net # Send set smtp_url = smtps://$imap_user@mail.riseup.net/ set smtp_pass = $imap_pass # Connection set ssl_force_tls = yes set ssl_starttls = yes
Using IMAP with mutt
Add the following lines to ~/.mutt/muttrc:
# Receive set imap_user = foo@riseup.net set imap_pass = 'password' set folder = imaps://foo@mail.riseup.net/ set imap_check_subscribed # Folder set spoolfile = +INBOX set postponed = +Drafts set record = +Sent
Using POP with mutt
Look at wiki.archlinux.org/index.php/Mutt#POP3 for more info.
Enhance your email security
- Encrypt your mail! For enhanced message security use Encrypted Email.
- There are many vulnerabilities with how secure connections work. If you need high security, you should always connect to Riseup services using the Riseup VPN. This will prevent a long list of potential attacks against your communication.
- To enhance connection security you can use Onion Service configuration to connect to Riseup’s .torify.net services for IMAP and SMTP. Look for the onion address for mail.riseup.net and smtp.riseup.net addresses and use those instead. Note: * SMTP port 465 is often blocked by exit nodes, but port 587 is less frequently blocked. If you have a problem sending mail, try port 587 or configure your client to use Riseup’s email hidden service in place of the regular
mail.riseup.netdomain. This is better than sending traffic through a Tor exit as it is MITM resistant, but it will generate certificate errors on the client side.
Using Encrypted Email in mutt
- Setup OpenPGP
- Add the following lines to ~/.mutt/muttrc and change
0xDBD0F842with sec key ingpg -K
set pgp_decode_command="gpg %?p?--passphrase-fd 0? --no-verbose --batch --output - %f" set pgp_verify_command="gpg --no-verbose --batch --output - --verify %s %f" set pgp_decrypt_command="gpg --passphrase-fd 0 --no-verbose --batch --output - %f" set pgp_sign_command="gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f" set pgp_clearsign_command="gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f" set pgp_encrypt_only_command="pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to 0xDBD0F842 -- -r %r -- %f" set pgp_encrypt_sign_command="pgpewrap gpg --passphrase-fd 0 --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0xDBD0F842 -- -r %r -- %f" set pgp_import_command="gpg --no-verbose --import -v %f" set pgp_export_command="gpg --no-verbose --export --armor %r" set pgp_verify_key_command="gpg --no-verbose --batch --fingerprint --check-sigs %r" set pgp_list_pubring_command="gpg --no-verbose --batch --with-colons --list-keys %r" set pgp_list_secring_command="gpg --no-verbose --batch --with-colons --list-secret-keys %r" set pgp_autosign=yes set pgp_sign_as=0xDBD0F842 set postpone_encrypt_as=0xDBD0F842 set postpone_encrypt=yes set pgp_replyencrypt=yes set pgp_timeout=1800 set pgp_good_sign="^gpg: Good signature from"
Using Onion Service configuration with mutt
For added security, access our mail service via Tor hidden service.
- Setup Tor.
- Replace the
mail.riseup.netwith the corresponding “.torify.net” address found on the Onion Service configuration page (in ~/.mutt/muttrc). - Add
alias mutt="torify mutt 2>/dev/null"to ~/.bashrc or ~/.zshenv. For fish users, addalias mutt="torify mutt ^ /dev/null"to ~/.config/fish/config.fish
Enjoy using mutt! Look at wiki.archlinux.org/index.php/Mutt for more info.