Python bindings for offlineimap to use gpg instead of storing cleartext passwords
Requirements: a working GPG set-up. Ideally with gpg-agent. Should work out of the box on most modern Linux desktop environments.
-
Enable IMAP in gmail (if you have two factor authentication, you need to create an app-specific password)
-
Create a directory
~/Mail
-
In
~/Mail
, create a password filepasswords-gmail.txt
. Format:account@gmail.com password
. Look at the example file in this directory. -
ENCRYPT the file:
gpg -e passwords-gmail.txt
. It should create a filepasswords-gmail.txt.gpg
. Check you can decrypt it:gpg -d passwords-gmail.txt.gpg
: it will ask you for your GPG password and show it to you. -
Copy
offlineimaprc
in your home directory as.offlineimaprc
and edit it by following the comments. Minimal items to configure: theremoteuser
field and thepythonfile
parameter pointing at theofflineimap.py
file in this directory. -
Run it:
offlineimap
. It should ask you for your GPG passphrase to decrypt the password file. -
If all works well, delete the cleartext password file.