Scroll to navigation



mhlogin - nmh login to external (OAuth) services


This implementation is no longer supported but is left here for information. That's because Google now only supports POP except with a private client ID. Also, it no longer supports OOB requests to Google's OAuth 2.0 authorization endpoint.

mhlogin [-help] [-version] [-user username] [-saslmech mechanism] [-authservice service] [-browser command] [-snoop]


mhlogin currently only supports OAuth for Gmail. Run mhlogin -user username -saslmech xoauth2 -authservice gmail and load the printed URL in your browser. Login to a Gmail account, grant authorization, and copy and paste the code into the mhlogin prompt. Be sure to use the same account with the -user switch to send. See the EXAMPLES section below for an example.

The -browser switch causes mhlogin to load the URL directly into a new browser session. The command argument must include the browser invocation name, and can include any browser arguments in the -browser argument string, e.g., 'google-chrome --new-window'.

The -snoop switch can be used to view the HTTP transaction.

All parameters configuring the service may be overridden by profile components, and even though only Gmail is supported out of the box, the user can define new services entirely in the profile. Profile components are prefixed by oauth-service-, for example, oauth-gmail-credential-file which specifies where mhlogin should write credentials and where send should read them.



First, login to the Gmail account that you want to use, e.g,, using a web browser. Then, enter a mhlogin command such as:

mhlogin -user -saslmech xoauth2 -authservice gmail -browser 'google-chrome --new-window'

The username should be a complete email address. Respond to the prompt in the browser window, then copy and paste the authorization code in response to the mhlogin prompt.


^oauth-gmail-client_id:~^nmh project client_id
^oauth-gmail-client_secret:~^nmh project client_secret




`-saslmech' xoauth2
2016-10-10 nmh-1.8-RC2