IMAP configuration

left|right.backend.type (required)

[accounts.example]
left.backend.type = "imap"

left|right.backend.host (required)

The IMAP server hostname.

[accounts.example]
right.backend.type = "imap"
right.backend.host = "localhost"

left|right.backend.port (required)

The IMAP server port.

[accounts.example]
left.backend.type = "imap"
left.backend.port = 3143

left|right.backend.encryption

The IMAP encryption protocol to use.

  • left|right.backend.encryption = "tls" | true (default): use required encryption (SSL/TLS).

  • left|right.backend.encryption = "start-tls": use opportunistic encryption (StartTLS).

  • left|right.backend.encryption = "none" | false: do not use any encryption.

[accounts.example]
right.backend.type = "imap"
right.backend.encryption = "tls"

left|right.backend.login (required)

The IMAP account login.

[accounts.example]
right.backend.type = "imap"
right.backend.login = "example@localhost"

left|right.backend.passwd|oauth2 (required)

The IMAP account authentication mechanism.

left|right.backend.passwd

Regular password authentication.

  • left|right.backend.passwd.raw: Raw password (unsafe, not recommanded). [string]

  • left|right.backend.passwd.cmd: Password retrieved from the given shell command. [string]

  • left|right.backend.passwd.keyring: Password retrieved from your system’s default password manager at the given entry. [string]

left|right.backend.oauth2

OAuth 2.0 authorization mechanism.

  • left|right.backend.oauth2.client-id (required): Client identifier issued to the client during the registration process described by Section 2.2. [string]

  • left|right.backend.oauth2.auth-url (required): URL of the authorization server’s authorization endpoint. [string]

  • left|right.backend.oauth2.token-url (required): URL of the authorization server’s token endpoint. [string]

  • left|right.backend.oauth2.method: OAuth 2.0 authentication method. Default: XOAUTH. [XOAUTH|OAUTHBEARER]

  • left|right.backend.oauth2.client-secret: Override how the client secret is retrieved:

    • left|right.backend.oauth2.client-secret.raw: Raw client secret (unsafe, not recommanded). [string]

    • left|right.backend.oauth2.client-secret.cmd: Client secret retrieved from the given shell command. [string]

    • left|right.backend.oauth2.client-secret.keyring: Client secret retrieved from your system’s default password manager at the given entry. [string]

    If omitted, the client secret is retrieves from your system’s default password manager at the entry <account-name>-left|right.backend.oauth2-client-secret.

  • left|right.backend.oauth2.access-token: Override how the access token is retrieved:

    • left|right.backend.oauth2.access-token.raw: Raw access token (for debugging purpose). [string]

    • left|right.backend.oauth2.access-token.cmd: Access token retrieved from the given shell command. [string]

    • left|right.backend.oauth2.access-token.keyring: Access token retrieved from your system’s default password manager at the given entry. [string]

    If omitted, the access token is retrieves from your system’s default password manager at the entry <account-name>-left|right.backend.oauth2-access-token.

  • left|right.backend.oauth2.refresh-token: Override how the refresh token is retrieved:

    • left|right.backend.oauth2.refresh-token.raw: Raw refresh token (for debugging purpose). [string]

    • left|right.backend.oauth2.refresh-token.cmd: Refresh token retrieved from the given shell command. [string]

    • left|right.backend.oauth2.refresh-token.keyring: Refresh token retrieved from your system’s default password manager at the given entry. [string]

    If omitted, the refresh token is retrieves from your system’s default password manager at the entry <account-name>-left|right.backend.oauth2-refresh-token.

  • left|right.backend.oauth2.pkce: Enable the Proof Key of Code Exchange. [bool]

  • left|right.backend.oauth2.scope: Access token scope, as defined by the authorization server. Variants possible:

    • left|right.backend.oauth2.scope: One scope. [string]

    • left|right.backend.oauth2.scopes: One or more scopes. [list[string]]

Examples

left.backend.type = "imap"
left.backend.host = "localhost"
left.backend.port = 3143
left.backend.encryption = false
left.backend.login = "example@localhost"
left.backend.passwd.raw = "password"

right.backend = "imap"
right.backend.host = "localhost"
right.backend.port = 993
right.backend.login = "example@localhost"
right.backend.oauth2.client-id = "my-oauth2-client-id"
right.backend.oauth2.auth-url = "http://localhost/oauth2/auth"
right.backend.oauth2.token-url = "http://localhost/oauth2/token"
right.backend.oauth2.pkce = true
right.backend.oauth2.scope = "all"
right.backend.encryption = "tls"