identify MUA connecting?

[Reindl Harald]

Am 28.07.2014 22:40, schrieb Peter Chiochetti:
> Am 2014-07-28 um 21:15 schrieb Reindl Harald:
>> Am 28.07.2014 20:57, schrieb Rick Romero:
>>>> Am 28.07.2014 19:58, schrieb Juan Pablo:
>>>>> The reason I am wanting to do this is I would like to know if people
>>>>> are getting their email on personal devices
>>>>> instead of work secured / standardized phones
>>>
>>> IMHO, client certificates would work work well here.  I think Dovecot
>>> supports it
>>
>> yes, but you accept them or not
>> that's a different story than "log the MUA information"
> 
> Yes, it is a means to stop people from using insecure devices.

a client certificate hadrly makes a device secure
if the device is compromised your cert is gone

> So possibly a useful hint the OP may be interested in! Might well be that 
> its the reason for learning which MUA was used?

well, "what client is used" is impossible

there is no user-agent like HTTP and even for HTTP the header is not
mandatory and rqeuire it will break your web-app for anybody who cares
for privacy while gain nothing



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20140729/c7ca1aff/attachment.sig>