Mutt uses local config files and external helpers; secure local environment and transport settings are essential.
¶ Config and Credential Protection
- Keep
.muttrc and mail account files with strict permissions.
- Prefer external credential stores over plaintext passwords.
- Separate high-privilege accounts from daily accounts.
¶ Protocol and Crypto Settings
- Enforce TLS with strict certificate checks.
- Configure OpenPGP/SMIME for sensitive workflows.
- Disable insecure legacy protocol options.
- Review external editors, viewers, and hooks invoked by Mutt.
- Avoid unsafe macros or shell escapes from untrusted sources.
- Keep dependencies patched.