On 03/16/2017 10:31 AM, Gordon Messmer wrote:
But really, this *should* be secure by default, and it isn't. I'd think this should be reported as a bug, and if that's rejected, then refiled as a request for enhancement. The default behavior is not good.
I've submitted a pull request: https://github.com/inverse-inc/sogo/pull/233 -- users@sogo.nu https://inverse.ca/sogo/lists