[dovecot-cvs] dovecot dovecot-example.conf,1.194.2.12,1.194.2.13

cras at dovecot.org cras at dovecot.org
Sat Jul 1 23:09:09 EEST 2006


Update of /var/lib/cvs/dovecot
In directory talvi:/tmp/cvs-serv1415

Modified Files:
      Tag: branch_1_0
	dovecot-example.conf 
Log Message:
Removed hardcoded 127.* and ::1 IP checks. Instead just check that local IP
matches remote IP to assume the connection is secure.



Index: dovecot-example.conf
===================================================================
RCS file: /var/lib/cvs/dovecot/dovecot-example.conf,v
retrieving revision 1.194.2.12
retrieving revision 1.194.2.13
diff -u -d -r1.194.2.12 -r1.194.2.13
--- dovecot-example.conf	29 Jun 2006 12:49:48 -0000	1.194.2.12
+++ dovecot-example.conf	1 Jul 2006 20:09:05 -0000	1.194.2.13
@@ -38,9 +38,9 @@
 #listen = *
 
 # Disable LOGIN command and all other plaintext authentications unless
-# SSL/TLS is used (LOGINDISABLED capability). Note that 127.*.*.* and
-# IPv6 ::1 addresses are considered secure, this setting has no effect if
-# you connect from those addresses.
+# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
+# matches the local IP (ie. you're connecting from the same computer), the
+# connection is considered secure and plaintext authentication is allowed.
 #disable_plaintext_auth = yes
 
 # Should all IMAP and POP3 processes be killed when Dovecot master process



More information about the dovecot-cvs mailing list