Document that the front-end POP3/SMTP is unauthenticated and must be network-restricted #9

New Issue

2026-06-17T17:12:40+01:00

lyrathorpe commented

2026-06-17 17:12:40 +01:00

By design (per REQUIREMENTS.MD) the front-end POP3/SMTP is unencrypted and unauthenticated: anyone able to reach port 110 obtains mailbox access, and anyone reaching port 25 can relay through the backend credentials.

Fix:

Add a Security section to README.md stating clearly that the listener MUST be bound to a trusted internal network only (e.g. internal bridge / VPN / localhost), never exposed to untrusted networks.
Note the SMTP open-relay implication of the configured backend credentials.

Acceptance:

README documents the exposure and the required network restriction.

By design (per REQUIREMENTS.MD) the front-end POP3/SMTP is unencrypted and unauthenticated: anyone able to reach port 110 obtains mailbox access, and anyone reaching port 25 can relay through the backend credentials. Fix: - Add a Security section to README.md stating clearly that the listener MUST be bound to a trusted internal network only (e.g. internal bridge / VPN / localhost), never exposed to untrusted networks. - Note the SMTP open-relay implication of the configured backend credentials. Acceptance: - README documents the exposure and the required network restriction.

lyrathorpe added the docs label 2026-06-17 17:12:40 +01:00

lyrathorpe referenced this issue from a commit

2026-06-17 17:22:33 +01:00

docs: add Security section documenting unauthenticated listeners

lyrathorpe referenced a pull request that will close this issue

2026-06-17 17:23:07 +01:00

Document unauthenticated listener exposure #13

lyrathorpe referenced this issue from a commit

2026-06-17 17:33:52 +01:00

Document unauthenticated listener exposure (#13)

lyrathorpe closed this issue

2026-06-17 17:33:53 +01:00