Re: smtp_pass: why is it unneeded?
Thus spake Kyle Wheeler [06/24/08 @ 12.15.21 -0500]:
> On Tuesday, June 24 at 12:20 PM, quoth dv1445@xxxxxxxxx:
> >> So... your IMAP server will let you log in without a password?
> >
> > No, but once I'm reading my mail, an "unset imap_pass" together with
> > "unset smtp_pass" still allows me to send.
>
> Ahh, yeah. Of course, mutt only consults $imap_pass if it needs to
> open a new IMAP connection. Existing connections don't need passwords,
> obviously.
>
> The thing about this type of setup is that it often relies on
> timeouts. As you (the client) change IP addresses, the server doesn't
> want to slowly open itself up to the whole world. So what often
> happens is that your IP is only approved to send mail for a certain
> amount of time (say, 15 minutes) after you log in (this policy makes
> more sense for POP3-before-SMTP, but the same tools are frequently
> used for IMAP-before-SMTP as well). Thus, if you tend to have long
> IMAP sessions (i.e. if you leave mutt open for hours on end), it's
> probably a good idea to use SMTP-AUTH even if your system uses an
> IMAP-before-SMTP approach.
This could indeed be what my server is doing, for all I know. I just
discovered the password-less behavior today, and all my testing was done within
seconds of starting mutt. So for all I know, after say half an hour I might
not be able to send mail without resetting smtp_pass. I'll leave smtp_pass
intact, then.
Thanks.
-g