[Dovecot] Detail improvement: %c variable
Reindl Harald
h.reindl at thelounge.net
Sun Feb 23 22:37:55 UTC 2014
Am 23.02.2014 23:27, schrieb Hadmut Danisch:
> But if the web gateway and dovecot are no the /same/ machine, this does
> not work anymore, since %c becomes "secured" on localhost, even if
> unencrypted. It causes a lot of trouble and headache
what headache?
how do you imagine a man-in-the-middle-attack on 127.0.0.1
> Please add a configuration variable to configure, whether %c
> should become "secured" for unencrypted traffic on the loopback
> device (localhost)
to gain exactly what?
frankly for practical usage epect debugging even a fallback to
no encryption at all on loopback would be sane and for the
sake of reduce useless overhead fine
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20140223/8cf67e37/attachment.sig>
More information about the dovecot
mailing list