You could use a .htpasswd file (and .htaccess) to password protect this particular file. Or simply rename it to something unique.

Okay, then let me back up one step... One of the things that bothers me about using getmail.php to post by email in the first place is that the user/pass is sent in the clear. Can this be protected via gpg or openpgp encryption? It would be nice to be able to send posts via openpgp so the credentials arent open.

I know the design side very well, but I'm new to the application side of the process. I'm using this project of getting b2evo running to learn databases and php scripting and I'm starting to get the hang of certain things but in general the whole process is new to me.

I guess it just wouldn't seem logical to do the whole .htaccess/.htpass thing if the creds are still just going to be sent in the clear... It's bad enough that the email account creds are being sent in the clear to send the email itself. Can you point me to some relevant docs or tutorials out there or, if it's not too involved, outline them here?

jj.