Replace many add(s, NULL) with mh_xstrdup(s).

[nmh] / man / msgchk.man

diff --git a/man/msgchk.man b/man/msgchk.man
index 5b02c52ce1e510172429913cf670265c41c1323a..eb356c227d36a65528d7c84efafda8fc892bedbe 100644 (file)
--- a/man/msgchk.man
+++ b/man/msgchk.man
@@ -1,4 +1,4 @@
-.TH MSGCHK %manext1% "November 25, 2014" "%nmhversion%"
+.TH MSGCHK %manext1% "October 9, 2016" "%nmhversion%"
 .\"
 .\" %nmhwarning%
 .\"
@@ -8,6 +8,8 @@ msgchk \- check for messages
 .HP 5
 .na
 .B msgchk
+.RB [ \-help ]
+.RB [ \-version ]
 .RB [ \-date " | " \-nodate ]
 .RB [ \-notify
 all/mail/nomail ]
@@ -17,16 +19,17 @@ all/mail/nomail ]
 .IR hostname ]
 .RB [ \-user
 .IR username ]
-.RB [ \-sasl ]
+.RB [ \-sasl " | " \-nosasl ]
 .RB [ \-saslmech
 .IR mechanism ]
-.RB [ \-oauth
+.RB [ \-initialtls ]
+.RB [ \-notls ]
+.RB [ \-certverify " | " \-nocertverify ]
+.RB [ \-authservice
 .IR service ]
 .RB [ \-snoop ]
 .RI [ users
 \&... ]
-.RB [ \-version ]
-.RB [ \-help ]
 .ad
 .SH DESCRIPTION
 The
@@ -100,7 +103,7 @@ For debugging purposes, there is also a switch
 which will
 allow you to watch the POP transaction take place between you and the
 POP server.  If
-.B \-oauth
+.B \-sasl \-saslmech xoauth2
 is used, the HTTP transaction is also shown.
 .PP
 If
@@ -123,30 +126,54 @@ a security layer for session encryption.  Encrypted traffic is labelled
 with `(encrypted)' and `(decrypted)' when viewing the POP transaction
 with the
 .B \-snoop
-switch.
+switch; see the
+.B post
+man page description of
+.B \-snoop
+for its other features.
 .PP
 If
 .B nmh
 has been compiled with OAuth support, the
-.B \-oauth
+.B \-sasl \-saslmech xoauth2
 switch will enable OAuth authentication.  The
 .B \-user
 switch must be used, and the
 .I user-name
-must be an email address the user has for that service.  Before using this,
-the user must authorize nmh by running
+must be an email address the user has for the service, which must
+be specified with the
+.B \-authservice
+.I service
+switch.  Before using this, the user must authorize nmh by running
 .B mhlogin
-and grant authorization to that account.  Only
-.B -oauth
-.I gmail
-is supported.  See the
+and grant authorization to that account.  See the
 .B mhlogin
 man page for more details.
 .PP
-Gmail only supports POP3 over TLS, but
-.B msgchk
-has no TLS support.  To work around this, use something like
-.B -proxy 'openssl s_client -connect %h:995 -CAfile /etc/ssl/certs/ca-certificates.crt -quiet'
+If
+.B nmh
+has been compiled with TLS support, the
+.B \-initialtls
+switch will require the negotiation of TLS when connecting
+to the remote POP server.  The
+.B \-initialtls
+switch will negotiate TLS immediately after the connection has taken place,
+before any POP commands are sent or received.  Data encrypted by TLS is
+labeled `(tls-encrypted)' and `(tls-decrypted)` with viewing the POP
+transaction with the
+.B \-snoop
+switch.  The
+.B \-notls
+switch will disable all attempts to negotiate TLS.
+.PP
+When using TLS the default is to verify the remote certificate and SubjectName
+against the local trusted certificate store.  This can be controlled by
+the
+.B \-certverify
+and
+.B \-nocertverify
+switches.  See your OpenSSL documentation for more information on certificate
+verification.
 .SH FILES
 .fc ^ ~
 .nf
@@ -165,6 +192,7 @@ None
 .SH "SEE ALSO"
 .IR inc (1),
 .IR mh\-mail (5)
+.IR post (8)
 .SH DEFAULTS
 .nf
 .RB ` user "' defaults to the current user"