X-Git-Url: https://diplodocus.org/git/nmh/blobdiff_plain/803f254122dc757db104a4c36cf98b726be004be..9f8418e870a70c264eda1598f2d470e5428c216d:/man/inc.man

diff --git a/man/inc.man b/man/inc.man
index f72b1f21..0d680ea8 100644
--- a/man/inc.man
+++ b/man/inc.man
@@ -1,4 +1,4 @@
-.TH INC %manext1% "November 25, 2014" "%nmhversion%"
+.TH INC %manext1% "October 9, 2016" "%nmhversion%"
 .\"
 .\" %nmhwarning%
 .\"
@@ -8,6 +8,8 @@ inc \- incorporate new mail
 .HP 5
 .na
 .B inc
+.RB [ \-help ]
+.RB [ \-version ]
 .RI [ +folder ]
 .RB [ \-audit
 .IR audit\-file ]
@@ -37,11 +39,11 @@ inc \- incorporate new mail
 .RB [ \-sasl " | " \-nosasl ]
 .RB [ \-saslmech
 .IR mechanism ]
-.RB [ \-oauth
+.RB [ \-authservice
 .IR service ]
+.RB [ \-initialtls ]
+.RB [ \-notls ]
 .RB [ \-snoop ]
-.RB [ \-version ]
-.RB [ \-help ]
 .ad
 .SH DESCRIPTION
 .B Inc
@@ -226,7 +228,7 @@ If passed the
 switch,
 .B inc
 will use the specified command to establish the connection to the POP
-server. The string
+server.  The string
 .IR %h
 in the command will be substituted by the hostname to connect to.
 .PP
@@ -235,7 +237,7 @@ If
 uses POP, then the
 .B \-pack
 .I file
-switch is considered. If given, then
+switch is considered.  If given, then
 .B inc
 simply uses the POP to
 .B packf
@@ -245,7 +247,7 @@ For debugging purposes, you may give the switch
 .BR \-snoop ,
 which will allow you to watch the POP transaction take place
 between you and the POP server.  If
-.B \-oauth
+.B \-sasl \-saslmech xoauth2
 is used, the HTTP transaction is also shown.
 .PP
 If
@@ -267,30 +269,47 @@ will attempt to negotiate a security layer for session encryption.
 Encrypted traffic is labelled with `(encrypted)' and `(decrypted)'
 when viewing the POP transaction with the
 .B \-snoop
-switch.
+switch; see the
+.B post
+man page description of
+.B \-snoop
+for its other features.
 .PP
 If
 .B nmh
 has been compiled with OAuth support, the
-.B \-oauth
-switch will enable OAuth authentication.  The
+.B \-sasl
+and
+.B \-saslmech xoauth2
+switches will enable OAuth authentication.  The
 .B \-user
 switch must be used, and the
 .I user-name
-must be an email address the user has for that service.  Before using this,
-the user must authorize nmh by running
+must be an email address the user has for the service, which must
+be specified with the
+.B \-authservice
+.I service
+switch.  Before using this, the user must authorize nmh by running
 .B mhlogin
-and grant authorization to that account.  Only
-.B -oauth
-.I gmail
-is supported.  See the
+and grant authorization to that account.  See the
 .B mhlogin
 man page for more details.
 .PP
-Gmail only supports POP3 over TLS, but
-.B inc
-has no TLS support.  To work around this, use something like
-.B -proxy 'openssl s_client -connect %h:995 -CAfile /etc/ssl/certs/ca-certificates.crt -quiet'
+If
+.B nmh
+has been compiled with TLS support, the
+.B \-initialtls
+switch will require the negotiation of TLS when connecting
+to the remote POP server.  The
+.B \-initialtls
+switch will negotiate TLS immediately after the connection has taken place,
+before any POP commands are sent or received.  Data encrypted by TLS is
+labeled `(tls-encrypted)' and `(tls-decrypted)` with viewing the POP
+transaction with the
+.B \-snoop
+switch.  The
+.B \-notls
+switch will disable all attempts to negotiate TLS.
 .SH FILES
 .PD 0
 .TP 20