lyrathorpe/legacy-email-proxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Document unauthenticated listener exposure #13

Merged
lyrathorpe merged 1 commits from docs/security-note into main 2026-06-17 17:33:52 +01:00
Conversation 0 Commits 1 Files Changed 1
+8
lyrathorpe commented 2026-06-17 17:23:07 +01:00
Owner
Copy Link
Copy Source

Adds a Security section: the front-end POP3/SMTP listeners are unauthenticated and must be bound to a trusted internal network only. Closes #9

Adds a Security section: the front-end POP3/SMTP listeners are unauthenticated and must be bound to a trusted internal network only. Closes #9
lyrathorpe added 1 commit 2026-06-17 17:23:07 +01:00
docs: add Security section documenting unauthenticated listeners
Build and publish container / build (pull_request) Successful in 8m58s
Details
c580f494ea 
Document that the front-end POP3/SMTP listeners are unencrypted and
unauthenticated, warn that they must be bound to a trusted internal
network only, and note POP3_BIND_ADDR / SMTP_BIND_ADDR for restricting
the bind address.

Fixes #9

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
lyrathorpe merged commit e51740b8db into main 2026-06-17 17:33:52 +01:00
lyrathorpe deleted branch docs/security-note 2026-06-17 17:33:54 +01:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
bug
Defect / incorrect behaviour
 ci
CI / build pipeline
 docs
Documentation
 enhancement
Improvement to existing behaviour
 security
Security hardening
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
lyrathorpe
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: lyrathorpe/legacy-email-proxy#13
Delete Branch "docs/security-note"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?