imapsync handles mailbox credentials and large volumes of sensitive email data.
- Avoid passing passwords on command line where shell history is retained.
- Use secured files/environment variables for credentials.
- Use dedicated migration accounts with temporary access.
- Require TLS for both source and destination IMAP connections.
- Validate server certificates strictly.
- Restrict migration host outbound access to mail servers only.
¶ Data Handling and Cleanup
- Store migration logs securely; redact sensitive fields.
- Remove temporary files and credential artifacts after completion.
- Audit migrated mailbox permissions post-cutover.