v2.2.20 release candidate released

Timo Sirainen tss at iki.fi
Sun Dec 6 12:10:11 UTC 2015


On 05 Dec 2015, at 11:32, Gerhard Wiesinger <lists at wiesinger.com> wrote:
> 
> Is it possible to configure the secure session caching mechanism?
> e.g. like in nginx: https://bjornjohansen.no/optimizing-https-nginx

I remember hearing about various security vulnerabilities in that earlier.. I guess they're fixed now then, unless people find more ways to exploit it. Anyway I'm not sure how useful it would actually even be for most IMAP/POP3 servers, because most clients don't connect all that often. Or I guess it might help some clients that create multiple connections immediately.

Then again, we are planning on adding some HTTP(S)-based services to Dovecot and there it would likely be more useful. So I guess it gets implemented at some point.



More information about the dovecot mailing list