Custom Query (523 matches)
Results (16 - 18 of 523)
|#564||fixed||Save configuration without passwords||tboeckel||tboeckel|
Often users are asked to provide their YAM configuration to be able to directly inspect that file for possible issues. This requires the users to strip their passwords from that file to avoid any misuse due to unintentionally revealed passwords. This additional manual stripping always includes the danger that some passwords might be forgotten to be removed.
Add a new menu item (i.e. "Save without passwords") to the config window's menu to save the current configuration to a selectable file, but without any passwords or with a short "XXX" sequence instead of the password. This would make it lots easier for the users to upload their configuration to the bugtracker without having to touch the the file after having saved to it a separate file.
|#563||fixed||Use a mail's receive date instead of the compose date when deleting old mails||tboeckel||tboeckel|
Currently too old mails in a folder are deleted on basis of their Date: header line, which usually is the date when they were originally written. If one does not receive mails for a longer period (due to vacation, illness, etc) it might happen that YAM will delete freshly downloaded mails immediately again if the folder's maximum age is quite narrow and the new mails' compose date exceeds this age.
A better approach would be to use the mails' receive date instead of the compose date. This way received mails would really spend exactly the amount of "max. age" days on the user's system before they finally get deleted automatically. This also ensures that possibly important mails don't get deleted immediately if their Date: header line could not be parsed correctly and their compose date will be pushed back to January 1st 1978. The receive date will always be "today" and as such should never exceed a folder's maximum mail age immediately.
|#562||fixed||Please no Passwords in Logfiles||tboeckel||opiopi|
I just send a mail with the debug version of YAM an saw my password into the logfile. IMHO it's not really required and a big security hole to include the password in plain or base64 encoded form and should be replaced with someting like xxx. The lines are: smtp.c:1006:prepared AUTH LOGIN challenge: 'MyOffCurseNotWorkingPasswort' smtp.c:1018:encoded AUTH LOGIN challenge: 'TXlPZmZDdXJzZU5vdFdvcmtpbmdQYXNzd29ydA==' don't try the password it's really not working because it's changed. A user who want to debug has the debug argument YAM which show the password in base64 encoded form.
used version: YAM 2.10-dev (09.05.2014) Copyright (C) 2000-2014 YAM Open Source Team [OS3/m68k, r7846]