Backing up e-mail with OfflineIMAP
Last week, Gandi lost quite some customer data and urged users use their own backup. Thinking about this, I realised I don’t backup my (Gandi) e-mail (except for program cache), so I decided to fix using OfflineIMAP.
An alternative could be Mailstore (guide). A similar guide for Protonmail was written by peterrus.
Do you backup your e-mail? How?
I use the following config file which is a bit better than the minimal config as it will never delete, and forces TLS 1.2.
To ensure SSL works, get some CA certificate, for example from curl-ca-bundle on Mac.
# Based on https://github.com/OfflineIMAP/offlineimap/blob/master/offlineimap.conf [general] # List of accounts to be synced, separated by a comma. accounts = gandi [Account gandi] # Identifier for the local repository; e.g. the maildir to be synced via IMAP. localrepository = gandi-local # Identifier for the remote repository; i.e. the actual IMAP, usually non-local. remoterepository = gandi-remote [Repository gandi-local] # OfflineIMAP supports Maildir, GmailMaildir, and IMAP for local repositories. type = Maildir # Where should the mail be placed? localfolders = ~/mail # Do not propagate delete from local to remote (only add new ones) sync_deletes = no # Set filetime from e-mail header utime_from_header = yes [Repository gandi-remote] # Remote repos can be IMAP or Gmail, the latter being a preconfigured IMAP. type = IMAP remotehost = mail.gandi.net remoteuser = <username> # Do not propagate delete from remote to local (only add new ones) sync_deletes = no # Force TLS/SSL starttls = yes ssl = yes # Force TLS to use either tls1.2 or tls1.1 tls_level = tls_secure # Further force client to only use tls1.2 ssl_version = tls1_2 # Use CA file to validate host. Get from port curl-ca-bundle sslcacertfile = /opt/local/share/curl/curl-ca-bundle.crt