"Thunderbird, PINE, Evolution, KMail, etc. even IM clients all send
the account password to the server when left running
unattended. Consequently, they must either store the password in plain
text, ask for it on every connection attempt, or encrypt it and require
the user to enter a different passphrase to unlock the storage
There is an easy solution: read the password from the filesystem, from a
configurable location. That way the encryption can be done by the
filesystem ONCE rather than having a separate encryption algo and
passphrase for every app under the sun.
Sadly, as far as I know among MUAs only Gnus, and maybe other Emacs based
clients, does this.