src/docs/user/configuration/configuring_inbound_email.diviner
revisions) are not permitted over email. | revisions) are not permitted over email. | ||||
This implementation is an attempt to balance utility and security, but makes | This implementation is an attempt to balance utility and security, but makes | ||||
some sacrifices on both sides to achieve it because of the difficulty of | some sacrifices on both sides to achieve it because of the difficulty of | ||||
authenticating senders in the general case (e.g., where you are an open source | authenticating senders in the general case (e.g., where you are an open source | ||||
project and need to interact with users whose email accounts you have no control | project and need to interact with users whose email accounts you have no control | ||||
over). | over). | ||||
If you leak a bunch of reply-to addresses by accident, you can change | |||||
`phabricator.mail-key` in your configuration to invalidate all the old hashes. | |||||
You can also set `metamta.public-replies`, which will change how Phabricator | You can also set `metamta.public-replies`, which will change how Phabricator | ||||
delivers email. Instead of sending each recipient a unique mail with a personal | delivers email. Instead of sending each recipient a unique mail with a personal | ||||
reply-to address, it will send a single email to everyone with a public reply-to | reply-to address, it will send a single email to everyone with a public reply-to | ||||
address. This decreases security because anyone who can spoof a "From" address | address. This decreases security because anyone who can spoof a "From" address | ||||
can act as another user, but increases convenience if you use mailing lists and, | can act as another user, but increases convenience if you use mailing lists and, | ||||
practically, is a reasonable setting for many installs. The reply-to address | practically, is a reasonable setting for many installs. The reply-to address | ||||
will still contain a hash unique to the object it represents, so users who have | will still contain a hash unique to the object it represents, so users who have | ||||
not received an email about an object can not blindly interact with it. | not received an email about an object can not blindly interact with it. | ||||
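Review bot: With the "If you leak a bunch of reply-to addresses by accident" paragraph removed, this page no longer tells an administrator how to invalidate reply-to hashes that have been exposed, even though the remaining text still relies on those hashes ("The reply-to address will still contain a hash unique to the object it represents"). If `phabricator.mail-key` is being retired or renamed, replace the paragraph with one naming the current way to invalidate old hashes rather than dropping the guidance. If the option still works, keep the paragraph. Separately, "You can also set `metamta.public-replies`" now directly follows the "balance utility and security" paragraph, so "also" has nothing to refer back to; "You can set" would read correctly.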