X-Git-Url: https://diplodocus.org/git/nmh/blobdiff_plain/23e9ccce9de7e5190c2ea7dda03e54ece5b5a3da..d9c88cd101a63778a85dfd55a01a3af0db2465c9:/man/msgchk.man?ds=sidebyside

diff --git a/man/msgchk.man b/man/msgchk.man
index b0c7bd48..84a40ca9 100644
--- a/man/msgchk.man
+++ b/man/msgchk.man
@@ -1,13 +1,15 @@
-.TH MSGCHK %manext1% "August 14, 2016" "%nmhversion%"
-.\"
+.TH MSGCHK %manext1% 2016-11-02 "%nmhversion%"
+.
 .\" %nmhwarning%
-.\"
+.
 .SH NAME
-msgchk \- check for messages
+msgchk \- nmh's check for incoming email
 .SH SYNOPSIS
 .HP 5
 .na
 .B msgchk
+.RB [ \-help ]
+.RB [ \-version ]
 .RB [ \-date " | " \-nodate ]
 .RB [ \-notify
 all/mail/nomail ]
@@ -17,14 +19,17 @@ all/mail/nomail ]
 .IR hostname ]
 .RB [ \-user
 .IR username ]
-.RB [ \-sasl ]
+.RB [ \-sasl " | " \-nosasl ]
 .RB [ \-saslmech
 .IR mechanism ]
+.RB [ \-initialtls ]
+.RB [ \-notls ]
+.RB [ \-certverify " | " \-nocertverify ]
+.RB [ \-authservice
+.IR service ]
 .RB [ \-snoop ]
 .RI [ users
 \&... ]
-.RB [ \-version ]
-.RB [ \-help ]
 .ad
 .SH DESCRIPTION
 The
@@ -46,12 +51,12 @@ should produce a message.  The default is
 which says that
 .B msgchk
 should always report the status of the
-users maildrop.  Other values for `type' include `mail' which says that
+users mail drop.  Other values for `type' include `mail' which says that
 .B msgchk
 should report the status of waiting mail; and, `nomail'
 which says that
 .B msgchk
-should report the status of empty maildrops.
+should report the status of empty mail drops.
 The
 .B \-nonotify
 .I type
@@ -61,10 +66,10 @@ switch has the inverted sense, so
 directs
 .B msgchk
 to never report the status of
-maildrops.  This is useful if the user wishes to check
+mail drops.  This is useful if the user wishes to check
 .BR msgchk 's
-exit status.  A non\-zero exit status indicates that mail was
-.B not
+exit status.  A non-zero exit status indicates that mail was
+.I not
 waiting for at least one of the indicated users.
 .PP
 If
@@ -90,14 +95,17 @@ mail waiting.
 To specify a username for authentication with the POP server, use the
 .B \-user
 .I username
-switch.  The credentials profile entry in the mh\-profile(5) man page
+switch.  The credentials profile entry in
+.IR mh\-profile (5)
 describes the ways to supply a username and password.
 .PP
 For debugging purposes, there is also a switch
 .BR \-snoop ,
 which will
 allow you to watch the POP transaction take place between you and the
-POP server.
+POP server.  If
+.B \-sasl \-saslmech xoauth2
+is used, the HTTP transaction is also shown.
 .PP
 If
 .B nmh
@@ -107,28 +115,72 @@ switch will enable
 the use of SASL authentication.  Depending on the SASL mechanism used, this
 may require an additional password prompt from the user (but the
 .I netrc
-file can be used to store this password, as described in the
-mh-profile(5) man page).  The
+file can be used to store this password, as described in
+.IR mh-profile (5).
+The
 .B \-saslmech
 switch can be used to select a particular SASL mechanism.
 .PP
 If SASL authentication is successful,
-.B inc
+.B msgchk
 will attempt to negotiate
 a security layer for session encryption.  Encrypted traffic is labelled
 with `(encrypted)' and `(decrypted)' when viewing the POP transaction
 with the
 .B \-snoop
-switch; see the
-.B post
-man page description of
+switch; see
+.IR post (8)'s
+description of
 .B \-snoop
 for its other features.
+.PP
+If
+.B nmh
+has been compiled with OAuth support, the
+.B \-sasl \-saslmech xoauth2
+switch will enable OAuth authentication.  The
+.B \-user
+switch must be used, and the
+.I user-name
+must be an email address the user has for the service, which must
+be specified with the
+.B \-authservice
+.I service
+switch.  Before using this, the user must authorize nmh by running
+.B mhlogin
+and grant authorization to that account.  See
+.IR mhlogin (1)
+for more details.
+.PP
+If
+.B nmh
+has been compiled with TLS support, the
+.B \-initialtls
+switch will require the negotiation of TLS when connecting
+to the remote POP server.  The
+.B \-initialtls
+switch will negotiate TLS immediately after the connection has taken place,
+before any POP commands are sent or received.  Data encrypted by TLS is
+labeled `(tls-encrypted)' and `(tls-decrypted)' with viewing the POP
+transaction with the
+.B \-snoop
+switch.  The
+.B \-notls
+switch will disable all attempts to negotiate TLS.
+.PP
+When using TLS the default is to verify the remote certificate and SubjectName
+against the local trusted certificate store.  This can be controlled by
+the
+.B \-certverify
+and
+.B \-nocertverify
+switches.  See your OpenSSL documentation for more information on certificate
+verification.
 .SH FILES
 .fc ^ ~
 .nf
 .ta \w'%nmhetcdir%/ExtraBigFileName  'u
-^$HOME/\&.mh\(ruprofile~^The user profile
+^$HOME/.mh_profile~^The user profile
 ^%nmhetcdir%/mts.conf~^nmh mts configuration file
 ^%mailspool%/$USER~^Location of mail drop
 .fi
@@ -141,7 +193,7 @@ None
 .fi
 .SH "SEE ALSO"
 .IR inc (1),
-.IR mh\-mail (5)
+.IR mh\-mail (5),
 .IR post (8)
 .SH DEFAULTS
 .nf