27 Feb
2018
27 Feb
'18
6:47 p.m.
On 02/27/2018 12:23 PM, Mario Jorge Lima wrote:
If someone who accesses my Roundcube, fill the Server field with any other POP Server name elsewhere, he will read those emails. How to avoid it, so that only mailboxes in one of my two Mailboxes mentioned above can be accessed?
I think I responded to similar question recently with:
You have a few options to deal with this
default_host username_domain username_domain_forced login_username_filter trusted_host_patterns (git-master only)
How to use them will depend on what you want to achieve and your environment. You can always create a plugin that checks the host before connecting to it.
--
Aleksander 'A.L.E.C' Machniak
Kolab Groupware Developer [http://kolab.org]
Roundcube Webmail Developer [http://roundcube.net]
----------------------------------------------------
PGP: 19359DC1 # Blog: https://kolabian.wordpress.com