chibenwa opened a new pull request #589:
URL: https://github.com/apache/james-project/pull/589
All line based protocols are subject to command injections for "man in the
middle"
attacks. We hereby generalize the SMTP fix.
Note that we slightly modified the behaviour to bypass this sanitizing as
soon as the users
are authenticated: indeed authentication happens for sure after STARTTLS
upgrades.
TODO:
- [ ] Write a test suite for POP3
- [ ] Write a test suite for IMAP
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
