- I was searching for a minimalistic email setup.
- Here's how I installed the command-line email client Neomutt with a Gmail account.
- I solved some problems and got it working.
I try to claim back my inbox. Many blog posts advertise tips and tricks on how to spend less time on email. However, I'm on a quest to find my own efficient and minimalistic email setup. Constantly opening the basic Gmail window in a browser tab has been my primary interface for a long time. I've been spending a lot of time in a console recently, and a command-line email setup could be one viable option. The Mutt E-Mail Client is one popular option among command line MUA users. Its original author has stated that:
“All mail clients suck. This one just sucks less.” (Michael Elkins, ca 1995)
So probably, I just try to find an email setup that sucks less than other setups. Anyway, while trying out Mutt, I also stumbled upon Neomutt. It's a fork of Mutt with added features, so why not try it?
brew install neomutt
Neomutt searches for a configuration file, and the existing original Mutt configuration file .muttrc can be used. There is also a possibility to use a separate file just for Neomutt called .neomuttrc.
Here is a basic configuration setup for Gmail and G Suite. It has a security issue regarding saving passwords in a configuration file. The issue is addressed later in this post.
# Configure Internet Message Access Protocol for reading mail
# Username and password for your Gmail or G Suite account
set imap_user = "email@example.com"
set imap_pass = "YOURSECRETPASSWORD"# Specifies the default location of your mailboxes
set folder = "imaps://imap.gmail.com:993"# Configure Simple Mail Transfer Protocol for sending mail
set smtp_url = "smtp://firstname.lastname@example.org@smtp.gmail.com:587"
set smtp_pass = "YOURSECRETPASSWORD"# Location of inbox
set spoolfile = "+INBOX"
# Location of drafts
set postponed = "+[GMail]/Drafts"# Activate caching, as it can greatly improve speed
set header_cache = "~/.mutt/cache/headers"
set message_cachedir = "~/.mutt/cache/bodies"# Disable saving outgoing mail since Gmail saves them by default. set record = ""
smtp_url is different depending on whether you use Gmail or G Suite with your own domain:
# for Gmail users
set smtp_url = "smtps://email@example.com:587"# for G Suite with own domain
set smtp_url = "smtps://firstname.lastname@example.org@smtp.gmail.com:587"
You can find more mail locations on the Google Developer site.
In addition to the configuration file settings, some other setup is needed. Neomutt needs access rights to the Google server, which is done by enabling less secure apps to access your account.
Gmail and Less Secure Apps
Neomutt does not meet the security standards of Gmail, which causes Google to block connections, and Neomutt won't work. You have to let less secure apps access your account.
Passwords and Security
It's not a good idea to save passwords in a configuration file as it is a security issue. One option is to let Neomutt prompt passwords each time. Another option is to use application-specific passwords and save them in an encrypted file. In this last scenario, passwords are decrypted and read automatically.
No authenticators available -problem
I encountered a problem when sending mail. The basic installation worked for receiving mail, but sending mail was not working. Neomutt advised there were "No authenticators available." The advice has something to do with SMTP authentication. You can set authentication in the neomutt configuration file using the following:
set smtp_authenticators = ""
Neomutt's documentation states that:
Authentication methods are any SASL mechanism, e.g. “plain”, “digest-md5”, “gssapi” or “cram-md5”. … If it is “unset” (the default) NeoMutt will try all available methods, in order from most-secure to least-secure. Support for the “plain” mechanism is bundled; other mechanisms are provided by an external SASL library …
I was probably missing some SASL library. Could Neomutt still work without them? As documentation states, Neomutt should try all available methods in order, but somehow it was not working. Support for the plain SASL mechanism should be bundled, so let's try if we could use that by defining it in the configuration file.
But let's first check what authentication methods Gmail uses and if plain is supported. Let's connect smtp.gmail.com:587 using Swaks (Swiss Army Knife for SMTP). Port 587 requires TLS, and that's what Neomutt is going to use.
swaks -t email@example.com -s smtp.gmail.com:587 -tls
Swaks output shows what is happening during the SMTP conversation. As presented in RFC4954, after starting the TLS connection, the SMTP server introduces possible SMTP authorization methods, which in Gmail are the following:
<~ 250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH ...
The plain method is supported. Some solutions I found suggested adding set smtp_authenticators= "gssapi:login" into the configuration file. However, GSSAPI (Generic Security Services Application Program Interface) seems to be not supported by the Gmail SMTP server. As swaks output revealed, in Neomutt's case, "login" and "plain" could be used as others are passwordless authentication mechanisms.
set smtp_authenticators = "plain"
Plain SASL sends passwords in unencrypted form. Since the connection uses TLS, this should be reasonably safe. To make sure, we can force using TLS by setting:
set ssl_force_tls = yes
The final configuration file
The final and working (disclaimer: It works on my machine.) .muttrc configuration file now looks something like in this Gist.
You can find more configuration options in Neomutt documentation.
I try to find an efficient and minimalistic email setup. One option is to use command-line email clients like Mutt or Neomutt. I installed Neomutt on my macOS and used it for my Gmail account. There were some minor problems and security issues. Finally, I got it to work.