X-Git-Url: https://diplodocus.org/git/nmh/blobdiff_plain/6fc2909634fb431c65ecfa8b6db4f6519f99b389..9291a5f82480f2458e04cb9ea7e6749bc952b308:/man/msgchk.man

diff --git a/man/msgchk.man b/man/msgchk.man
index fa502330..84a40ca9 100644
--- a/man/msgchk.man
+++ b/man/msgchk.man
@@ -1,13 +1,15 @@
-.TH MSGCHK %manext1% "August 14, 2016" "%nmhversion%"
-.\"
+.TH MSGCHK %manext1% 2016-11-02 "%nmhversion%"
+.
 .\" %nmhwarning%
-.\"
+.
 .SH NAME
-msgchk \- check for messages
+msgchk \- nmh's check for incoming email
 .SH SYNOPSIS
 .HP 5
 .na
 .B msgchk
+.RB [ \-help ]
+.RB [ \-version ]
 .RB [ \-date " | " \-nodate ]
 .RB [ \-notify
 all/mail/nomail ]
@@ -17,18 +19,17 @@ all/mail/nomail ]
 .IR hostname ]
 .RB [ \-user
 .IR username ]
-.RB [ \-sasl ]
+.RB [ \-sasl " | " \-nosasl ]
 .RB [ \-saslmech
 .IR mechanism ]
 .RB [ \-initialtls ]
 .RB [ \-notls ]
+.RB [ \-certverify " | " \-nocertverify ]
 .RB [ \-authservice
 .IR service ]
 .RB [ \-snoop ]
 .RI [ users
 \&... ]
-.RB [ \-version ]
-.RB [ \-help ]
 .ad
 .SH DESCRIPTION
 The
@@ -50,12 +51,12 @@ should produce a message.  The default is
 which says that
 .B msgchk
 should always report the status of the
-users maildrop.  Other values for `type' include `mail' which says that
+users mail drop.  Other values for `type' include `mail' which says that
 .B msgchk
 should report the status of waiting mail; and, `nomail'
 which says that
 .B msgchk
-should report the status of empty maildrops.
+should report the status of empty mail drops.
 The
 .B \-nonotify
 .I type
@@ -65,10 +66,10 @@ switch has the inverted sense, so
 directs
 .B msgchk
 to never report the status of
-maildrops.  This is useful if the user wishes to check
+mail drops.  This is useful if the user wishes to check
 .BR msgchk 's
-exit status.  A non\-zero exit status indicates that mail was
-.B not
+exit status.  A non-zero exit status indicates that mail was
+.I not
 waiting for at least one of the indicated users.
 .PP
 If
@@ -94,7 +95,8 @@ mail waiting.
 To specify a username for authentication with the POP server, use the
 .B \-user
 .I username
-switch.  The credentials profile entry in the mh\-profile(5) man page
+switch.  The credentials profile entry in
+.IR mh\-profile (5)
 describes the ways to supply a username and password.
 .PP
 For debugging purposes, there is also a switch
@@ -102,7 +104,7 @@ For debugging purposes, there is also a switch
 which will
 allow you to watch the POP transaction take place between you and the
 POP server.  If
-.B \-saslmech xoauth2
+.B \-sasl \-saslmech xoauth2
 is used, the HTTP transaction is also shown.
 .PP
 If
@@ -113,8 +115,9 @@ switch will enable
 the use of SASL authentication.  Depending on the SASL mechanism used, this
 may require an additional password prompt from the user (but the
 .I netrc
-file can be used to store this password, as described in the
-mh-profile(5) man page).  The
+file can be used to store this password, as described in
+.IR mh-profile (5).
+The
 .B \-saslmech
 switch can be used to select a particular SASL mechanism.
 .PP
@@ -125,16 +128,16 @@ a security layer for session encryption.  Encrypted traffic is labelled
 with `(encrypted)' and `(decrypted)' when viewing the POP transaction
 with the
 .B \-snoop
-switch; see the
-.B post
-man page description of
+switch; see
+.IR post (8)'s
+description of
 .B \-snoop
 for its other features.
 .PP
 If
 .B nmh
 has been compiled with OAuth support, the
-.B \-saslmech xoauth2
+.B \-sasl \-saslmech xoauth2
 switch will enable OAuth authentication.  The
 .B \-user
 switch must be used, and the
@@ -145,9 +148,9 @@ be specified with the
 .I service
 switch.  Before using this, the user must authorize nmh by running
 .B mhlogin
-and grant authorization to that account.  See the
-.B mhlogin
-man page for more details.
+and grant authorization to that account.  See
+.IR mhlogin (1)
+for more details.
 .PP
 If
 .B nmh
@@ -158,17 +161,26 @@ to the remote POP server.  The
 .B \-initialtls
 switch will negotiate TLS immediately after the connection has taken place,
 before any POP commands are sent or received.  Data encrypted by TLS is
-labeled `(tls-encrypted)' and `(tls-decrypted)` with viewing the POP
+labeled `(tls-encrypted)' and `(tls-decrypted)' with viewing the POP
 transaction with the
 .B \-snoop
 switch.  The
 .B \-notls
 switch will disable all attempts to negotiate TLS.
+.PP
+When using TLS the default is to verify the remote certificate and SubjectName
+against the local trusted certificate store.  This can be controlled by
+the
+.B \-certverify
+and
+.B \-nocertverify
+switches.  See your OpenSSL documentation for more information on certificate
+verification.
 .SH FILES
 .fc ^ ~
 .nf
 .ta \w'%nmhetcdir%/ExtraBigFileName  'u
-^$HOME/\&.mh\(ruprofile~^The user profile
+^$HOME/.mh_profile~^The user profile
 ^%nmhetcdir%/mts.conf~^nmh mts configuration file
 ^%mailspool%/$USER~^Location of mail drop
 .fi
@@ -181,7 +193,7 @@ None
 .fi
 .SH "SEE ALSO"
 .IR inc (1),
-.IR mh\-mail (5)
+.IR mh\-mail (5),
 .IR post (8)
 .SH DEFAULTS
 .nf