Am 28.07.2014 22:40, schrieb Peter Chiochetti: > Am 2014-07-28 um 21:15 schrieb Reindl Harald: >> Am 28.07.2014 20:57, schrieb Rick Romero: >>>> Am 28.07.2014 19:58, schrieb Juan Pablo: >>>>> The reason I am wanting to do this is I would like to know if people >>>>> are getting their email on personal devices >>>>> instead of work secured / standardized phones >>> >>> IMHO, client certificates would work work well here. I think Dovecot >>> supports it >> >> yes, but you accept them or not >> that's a different story than "log the MUA information" > > Yes, it is a means to stop people from using insecure devices.
a client certificate hadrly makes a device secure if the device is compromised your cert is gone > So possibly a useful hint the OP may be interested in! Might well be that > its the reason for learning which MUA was used? well, "what client is used" is impossible there is no user-agent like HTTP and even for HTTP the header is not mandatory and rqeuire it will break your web-app for anybody who cares for privacy while gain nothing
signature.asc
Description: OpenPGP digital signature