[offlineimap] offlineimap.conf.minimal should have some hints about configuring TLS. (#263)
notifications at github.com
Wed Oct 28 13:33:20 GMT 2015
The point is that the minimal config makes no mention that it is
insecure by default, and that by simply replacing the values in the
Remote configuration block, anyone using it will be transferring all of
their emails in the clear.
At the very least, I would expect comments to this effect. And I would
expect the necessary parameters, commented out if necessary, to be
present in the file to be easily activated. tl;dr, the three directives
that I put in the minimal config would suffice.
What I don't expect is to copy the minimal config to .offlineimaprc,
modify it for my server, and get no warning as OfflineIMAP connects
unencrypted to 143 and starts dumping my email.
On 2015-10-28 05:26, Nicolas Sebrecht wrote:
> I don't get the point. Minimal stands for what it is: a _minimal_
> configuration file. This helps to figure out what's mandatory to get
> started but won't help much at setting things plain right.
> I guess that in the next two weeks, someone else will complain that
> he's got bitten by the default ssl protocols (or whatever) not
> matching its use case. And in the next month, someone else will
> complain about yet another expectation he had as a default value and
> missing from the minimal conf. In the end we would have the full
> documentation in the minimal configuration file.
> I'm not pretending that the default ssl value can't be change. I'm
> pointing out that the minimal config should stay minimal, IMHO.
> This might worth encouraging the user to make some checks about
> security options, though. But this would be a very small comment. No
> Also, you should read http://offlineimap.org/doc/dco.html . ,-)
> Reply to this email directly or view it on GitHub .
>  http://offlineimap.org/doc/dco.html
Reply to this email directly or view it on GitHub:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OfflineIMAP-project