[RCU] How to avoid accessing mailboxes elsewhere

Jorge Bastos mysql.jorge at decimal.pt
Tue Feb 27 18:50:21 CET 2018


Hi Alec,

For:

trusted_host_patterns

does it work for host and Ip's right?

-----Original Message-----
From: users-bounces at lists.roundcube.net
[mailto:users-bounces at lists.roundcube.net] On Behalf Of A.L.E.C
Sent: 27 de fevereiro de 2018 17:48
To: users at lists.roundcube.net
Subject: Re: [RCU] How to avoid accessing mailboxes elsewhere

On 02/27/2018 12:23 PM, Mario Jorge Lima wrote:
> If someone who accesses my Roundcube, fill the Server field with any 
> other POP Server name elsewhere, he will read those emails. How to 
> avoid it, so that only mailboxes in one of my two Mailboxes mentioned
above can be accessed?
I think I responded to similar question recently with:

You have a few options to deal with this

default_host
username_domain
username_domain_forced
login_username_filter
trusted_host_patterns (git-master only)

How to use them will depend on what you want to achieve and your
environment. You can always create a plugin that checks the host before
connecting to it.

--
Aleksander 'A.L.E.C' Machniak
Kolab Groupware Developer         [http://kolab.org]
Roundcube Webmail Developer   [http://roundcube.net]
----------------------------------------------------
PGP: 19359DC1 # Blog: https://kolabian.wordpress.com
_______________________________________________
Roundcube Users mailing list
users at lists.roundcube.net
http://lists.roundcube.net/mailman/listinfo/users


More information about the users mailing list