-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Mon, 24 Feb 2014, Andreas Schulze wrote:
Hadmut Danisch:
I did not say that I did not trust 127.0.0.1. I said that I do not
trust the Web-IMAP-Gateway (such as squirrelmail) if the client uses
an untrusted computer.
the question to me is: why could Hadmut Danisch not configure
dovecot use an non default trust state for localhost for whatever reasons?
because this setting is hardcoded but should be configurable for him.
Probably if one goes to implement such option, it would be also a good
thing to let this be configurable using "local" blocks. I mean, in order
to enable/disable the implicit trust per IP address. That way one could
point one service, such as the web frontend, on an IP adsress, that
defaults to "not secured", but have others that default to "secured".
- --
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQEVAwUBUwxN+XD1/YhP6VMHAQL7XQgA0mEj0UShy+yUdlLVXNCeH/fD9Qy8ZPAB
bkyIsUeWc5lDGwrj5Dgz6c06cLo5YHh67hNzmINiYoY5FwAu2iDuwC7ASq1U2n+3
ZPy/eo4+p3SA9vRVIWOv4PK9Sy7zpm0kypkmCzzrUKXt7WdE275P+dGyF5dvwKjS
dGJGhcfWG920YJ4/BbnjyonE3SbduCSylvmu/3e4B6KNkRHAsOLClcVI+Xrcb3CU
Q5pdnjZWJ0FIKPIu2D4GvbD0Bsyml/JnYEeZfHdZ88rItNWOCpDuO3KmkjBvaCMx
MdXLRjxP/EnhkzRikHUC9uHUlhjsk9mLQLJm8/a+PFprFZ4cIv3e6Q==
=c9Qh
-----END PGP SIGNATURE-----
