IMAP configuration

imap.host (required)

Represents the IMAP server hostname.

imap.port (required)

Represents the IMAP server port.

imap.login (required)

Represents the IMAP account login.

imap.passwd/oauth2 (required)

The IMAP account authentication mechanism:

  • imap.passwd: Regular password authentication.

    • imap.passwd.raw: Raw password (unsafe, not recommanded). [string]

    • imap.passwd.cmd: Password retrieved from the given shell command. [string]

    • imap.passwd.keyring: Password retrieved from your system’s default password manager at the given entry. [string]

  • imap.oauth2: OAuth 2.0 authorization mechanism. This mechanism requires additional options:

    • imap.oauth2.client-id (required): Client identifier issued to the client during the registration process described by Section 2.2. [string]

    • imap.oauth2.auth-url (required): URL of the authorization server’s authorization endpoint. [string]

    • imap.oauth2.token-url (required): URL of the authorization server’s token endpoint. [string]

    • imap.oauth2.method: OAuth 2.0 authentication method. Default: XOAUTH. [XOAUTH|OAUTHBEARER]

    • imap.oauth2.client-secret: Override how the client secret is retrieved:

      • imap.oauth2.client-secret.raw: Raw client secret (unsafe, not recommanded). [string]

      • imap.oauth2.client-secret.cmd: Client secret retrieved from the given shell command. [string]

      • imap.oauth2.client-secret.keyring: Client secret retrieved from your system’s default password manager at the given entry. [string]

      If omitted, the client secret is retrieves from your system’s default password manager at the entry <account-name>-imap.oauth2-client-secret.

    • imap.oauth2.access-token: Override how the access token is retrieved:

      • imap.oauth2.access-token.raw: Raw access token (for debugging purpose). [string]

      • imap.oauth2.access-token.cmd: Access token retrieved from the given shell command. [string]

      • imap.oauth2.access-token.keyring: Access token retrieved from your system’s default password manager at the given entry. [string]

      If omitted, the access token is retrieves from your system’s default password manager at the entry <account-name>-imap.oauth2-access-token.

    • imap.oauth2.refresh-token: Override how the refresh token is retrieved:

      • imap.oauth2.refresh-token.raw: Raw refresh token (for debugging purpose). [string]

      • imap.oauth2.refresh-token.cmd: Refresh token retrieved from the given shell command. [string]

      • imap.oauth2.refresh-token.keyring: Refresh token retrieved from your system’s default password manager at the given entry. [string]

      If omitted, the refresh token is retrieves from your system’s default password manager at the entry <account-name>-imap.oauth2-refresh-token.

    • imap.oauth2.pkce: Enable the Proof Key of Code Exchange. [bool]

    • imap.oauth2.scope: Access token scope, as defined by the authorization server. Variants possible:

      • imap.oauth2.scope: One scope. [string]

      • imap.oauth2.scopes: One or more scopes. [list[string]]

imap.encryption

The IMAP encryption protocol to use.

  • imap.encryption = "tls" | true (default): use required encryption (SSL/TLS).

  • imap.encryption = "start-tls": use opportunistic encryption (StartTLS).

  • imap.encryption = "none" | false: do not use any encryption.

imap.watch.timeout

Customize the timeout used to refresh the IMAP IDLE command in background.

Defaults to 29 min as defined in the RFC.

Examples

backend = "imap"

imap.host = "imap.localhost"
imap.port = 993
imap.login = "test@localhost"
imap.encryption = "tls"
imap.auth = "passwd"
# you can use directly your password from the config (unsafe, not recommanded):
imap.passwd.raw = "<your-password>"
# you can retrieve your app password via a shell command:
imap.passwd.cmd = "pass show my-account"
# supports pipelines:
imap.passwd.cmd = ["pass show my-account", "head -1"]
# you can also use the keyring system and override the entry name:
imap.passwd.keyring = "my-account-imap.passwd"

backend = "imap"

imap.host = "imap.localhost"
imap.port = 993
imap.login = "test@localhost"
imap.auth = "oauth2"
imap.oauth2.client-id = "my-oauth2-client-id"
imap.oauth2.auth-url = "http://localhost/oauth2/auth"
imap.oauth2.token-url = "http://localhost/oauth2/token"
imap.oauth2.pkce = true
imap.oauth2.scope = "all"
imap.encryption = true