[Dovecot] Detail improvement: %c variable

Giles Coochey giles at coochey.net
Mon Feb 24 15:41:47 UTC 2014


On 24/02/2014 15:19, Hadmut Danisch wrote:
> As far as I can see dovecot does not consider 127.0.0.1 as "secured" 
> for any good reason, just to make debugging in plaintext easier. This 
> is a severe security gap. Hadmut 
You could choose not to use localhost IP, but bind to the actual local 
IP of the host, even though it is on the local machine?

Is it only attaching to the 127.0.0.1 because you're binding to it by 
hostname as opposed to IP?

Just a thought...

-- 
Regards,

Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
giles at coochey.net


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6454 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20140224/f9e8c93f/attachment.p7s>


More information about the dovecot mailing list