Am 23.02.2014 23:27, schrieb Hadmut Danisch: > But if the web gateway and dovecot are no the /same/ machine, this does > not work anymore, since %c becomes "secured" on localhost, even if > unencrypted. It causes a lot of trouble and headache
what headache? how do you imagine a man-in-the-middle-attack on 127.0.0.1 > Please add a configuration variable to configure, whether %c > should become "secured" for unencrypted traffic on the loopback > device (localhost) to gain exactly what? frankly for practical usage epect debugging even a fallback to no encryption at all on loopback would be sane and for the sake of reduce useless overhead fine
signature.asc
Description: OpenPGP digital signature
