Problem: you don't really want to store your password in clear text any where, but you have programs that need it, like fetchmail.

The solution is to generate the config or .fetchmailrc file on the fly. A more complicated one might be done with perl/sed/gawk to insert/replace the password.
Another method would be to set up a fifo (mkfifo), send an email requesting the password be written to the fifo. Invoke a script to read the fifo and stuff the rc file into it.

So try the following bash script:

read -s -p "pw:" pw ; echo "poll POPSERVER proto pop3 user USER pass $pw ssl" | fetchmail -f -

The read -s turnes on noecho, the prompt is set to pw:, and the password is stored in pw.
the echo generates the config file on the fly into a pipe, fetchmail pulls it from the pipe.
WARNING: if you do this on the command line, instead of a script, you will need to clear pw (pw='')
Also root can see pw in /proc/{pid}/environ

Comments: host id allen