On 01/-10/-28163 08:59 PM, [email protected] wrote: > Zitat von Martijn Brinkers <[email protected]>: > >> On 01/-10/-28163 08:59 PM, [email protected] wrote: >>> Zitat von Martijn Brinkers <[email protected]>: >>> >>>> Hi, >>>> >>>> A new Djigzo Gateway release candidate (2.1.1) is available. >>>> >>>> http://www.djigzo.com/beta.html >>>> >>>> Release notes: >>>> >>>> Improvements >>>> >>>> * If a certificate was available for a recipient, a user object was >>>> always created for that recipient. The user is no longer added by >>>> default. >>> >>> What is the reasoning behind this one? I found it handsome to which >>> addresses where handled by S/MIME and which not by consulting the user >>> list. >> >> My thinking was that you only need to add a user when you need to >> override an inherited setting. Adding an external user when a >> certificate is available for the user resulted in a lot of pointless >> users when using domain to domain encryption since a certificate is >> available for every sender. >> >> I can however see your point in that it helps you to see for which >> external users a certificate is available. The old behavior can be >> reenabled by replacing >> >> RecipientHasCertificates=matchOnError=false,false >> >> with >> >> RecipientHasCertificates=matchOnError=false,true >> >> but this requires you to change the config.xml file. I guess you want it >> to be configurable from the GUI? ;) > > It isn't that important to clutter the GUI with just another setting i > guess, it just was "handsome" to quickly alter problematic receivers > because the user already exists. Would it be possible to not auto create > users for domains the domain-to-domain encryption is configured or > something like "auto-create-user-strict-mode" so only users are auto > created when exactly matching certificates are involved?
Detecting whether the recipient is using domain to domain encryption is possible but a lot more work than using a setting and slower since instead of just retrieving the list of all certs, a check should be done to see whether the cert was a domain cert or not. It's doable but if I have to choose between an extra advanced setting or checking for domain certs etc. I prefer the extra setting. Yesterday there was a question about syncing with LDAP and getting a list of users that are using S/MIME encryption so I guess you are not the only one that likes that feature so I guess it's better to allow the admin to decide whether to automatically add a user or not. > It isn't that important to clutter the GUI with just another setting.. I moved some settings (the mobile settings) to a specialized page. This Perhaps I can move certain properties to a specialized page? Kind regards, Martijn -- Djigzo open source email encryption _______________________________________________ Users mailing list [email protected] http://lists.djigzo.com/lists/listinfo/users
