Mercurial > dovecot > original-hg > dovecot-1.2
diff dovecot-example.conf @ 4467:eaab43f6f65f HEAD
Removed hardcoded 127.* and ::1 IP checks. Instead just check that local IP
matches remote IP to assume the connection is secure.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Sat, 01 Jul 2006 23:09:36 +0300 |
parents | 9577a99b7fef |
children | e2521ee11147 |
line wrap: on
line diff
--- a/dovecot-example.conf Sat Jul 01 22:42:27 2006 +0300 +++ b/dovecot-example.conf Sat Jul 01 23:09:36 2006 +0300 @@ -38,9 +38,9 @@ #listen = * # Disable LOGIN command and all other plaintext authentications unless -# SSL/TLS is used (LOGINDISABLED capability). Note that 127.*.*.* and -# IPv6 ::1 addresses are considered secure, this setting has no effect if -# you connect from those addresses. +# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP +# matches the local IP (ie. you're connecting from the same computer), the +# connection is considered secure and plaintext authentication is allowed. #disable_plaintext_auth = yes # Should all IMAP and POP3 processes be killed when Dovecot master process