Hi, Maciej Drobniuch (Friday, 2008-05-02): > If you are using RCWM and MTA on the same machine then postfix(for > example) isn't asking the saslauth daemon > that the user is authenticated(because the process is running on the > localhost) - it depends on the client restrictions. > If the user changes the identity to another account located on the > server then he can easily send messages using unauthorized e-mail > address. For example [EMAIL PROTECTED] is able to send e-mails via the > [EMAIL PROTECTED] acoount without authentication > To avoid the users to change the identity you could use my suggested > patch.
So you want to remove wanted/needed functionality because your MTA is misconfigured? Imo this is the wrong way to go. Patrick. -- Key ID: 0x86E346D4 http://patrick-nagel.net/key.asc Fingerprint: 7745 E1BE FA8B FBAD 76AB 2BFC C981 E686 86E3 46D4 --- 8< --- detachments --- 8< --- The following attachments have been detached and are available for viewing. http://detached.gigo.com/rc/Fc/7Z7SWqxZ/signature.asc Only click these links if you trust the sender, as well as this message. --- 8< --- detachments --- 8< ---
_______________________________________________ List info: http://lists.roundcube.net/dev/
