oreilly.comSafari Books Online.Conferences.


AddThis Social Bookmark Button

Secure Mail Reading on Mac OS X
Pages: 1, 2, 3

Setting up Mail

Now we turn to Mail, which we shall configure in a counterintuitive fashion to suit our needs. (I will note at this point that any good mail client will work here; before Mail, I pulled this same trick with Eudora. During those pre-version 10.1 days, in fact, it was the best client I could find, but since then Mail has given me more reasons to appreciate it. Anyway, if you do use a different client, adapt the specific instructions below as necessary.)

Select Preferences... from the File menu, and create a new account. Set it up in some fashion resembling this illustration. The key point is the field for your mail host; instead of filling in the name of your mail host, stretch the truth and type localhost here. (Localhost, in case you didn't know, is the traditional first-person pronoun for Unix machines. It maps to the IP address, aka the loopback address, which every Unix machine attaches to itself.)

Mail Preferences

Note: I happen to have my SMTP host defined as localhost as well, since I have Sendmail running on my Mac, allowing me to use it as an outgoing mail server. However, you can use your mail host here instead -- just don't use authentication with it (by checking that checkbox and filling out those bottom two fields), as that would send your password to it out in the open, and render all our work here rather pointless. (If your mail host insists on using SMTP authentication, well, that's a good excuse for you to set up Sendmail locally, isn't it?)

Now click the "Account Options" tab and supply the same port number you decided on earlier -- that would be port 1430, if you chose to follow this example exactly.

Using Port 1430

If all goes as it should, checking mail at this account will cause your Mac to reach into its own bellybutton and somehow pull out email from your remote mail host. Neato! (You may want to test this by sending some mail to yourself.)

So these are a couple of ways to read your email without letting the questionably scrupled read your login information. Speaking as one who has learned the hard way about security, I can confidently say that a little paranoia goes a long way on today's Internet.



<shill>For an exhaustive SSH reference, consult the O'Reilly & Associates book SSH: The Secure Shell (the snail book), available in fine online and dead tree editions.</shill>

Your Mac also has man pages dedicated to the topics we bring up here, under ssh, scp, and ssh-keygen. You can also peek at the sshd man page to learn about running SSH services on your Mac. (You can read man pages via the man command in Terminal, or through third-party software such as Carl Lindberg's ManOpen.


As noted in this article, PGP is a popular program for encrypting the actual text of email messages. Unencrypted email is much easier to intercept and read; even if you use methods such as described in this article to fetch it securely from your mail host, it still probably traveled as cleartext between the sender and your server. You may want to check out The OS X port of GnuPG (an open-source PGP clone), as well as the International PGP Home Page. There's also Simson Garfinkel's O'Reilly book about PGP.