On 2018-07-06 15:45:08 -0500, Derek Martin wrote:
> On Thu, Jul 05, 2018 at 09:47:51AM +0200, Wiktor Kwapisiewicz wrote:
> > > Does this mean that WKD would always be enabled?
> > > If so, this potentially leaks from whom email is being received to third
> > > parties, and I will patch my copy of m
Hi Vincent,
So... This isn't really too different. If the config option somehow
got set unintentionally, it still potentially leaks information, even
if it is on send rather than on receipt. It's actually worse, because
it leaks whom you are actually sending messages to, rather than from
whom
On 2018-07-06 17:50:59 -0500, Derek Martin wrote:
> On Fri, Jul 06, 2018 at 10:54:20PM +0200, Wiktor Kwapisiewicz wrote:
> > If you're sending e-mail to u...@example.com and do a WKD query it
> > would reveal that only to example.com. But you're sending the e-mail
> > there so that user (or their s
On Mon, Jul 09, 2018 at 05:05:58PM +0200, Vincent Lefevre wrote:
> On 2018-07-06 17:50:59 -0500, Derek Martin wrote:
> > On Fri, Jul 06, 2018 at 10:54:20PM +0200, Wiktor Kwapisiewicz wrote:
> > > If you're sending e-mail to u...@example.com and do a WKD query it
> > > would reveal that only to exam
On Thu, Jun 28, 2018 at 9:15 PM Kevin J. McCarthy wrote:
> On Tue, Jun 26, 2018 at 05:02:11PM -0700, Brandon Long wrote:
> > Ok, this patch updates the current head to have
> > (imap|pop|smtp)_oauth_refresh_command, consolidates the code for
> executing
> > the commands and generating the oauthbe
