Stefan Hornburg a écrit :
A better solution is to either use https:// or restrict access to the
webadmin
through your webserver.
Yes, but it would be better to specify a list of adddresses than to open
webadmin
to the whole local network, as it is suggested by the HowTo:
If you are not using SSL on your Apache server, you will need to add
/etc/courier/webadmin/unsecureok, so you will be able to use your web
based administration tool.
*touch /etc/courier/webadmin/unsecureok*
And the proposed patch is not very expansive !
--
--
Christian Gennerat
