[TYPO3-core] RFC: Change default value of $TYPO3_CONF_VARS[FE][secureFormmail]
franz at fholzinger.com
Sat Aug 26 08:27:49 CEST 2006
>I am totally unsure about this, therefore I'm not really suggesting to change
>it but more waiting for comments.
>To me it seems like $TYPO3_CONF_VARS[FE][secureFormmail] is too strict because
>it breaks with reciepients specified in TypoScript for example.
>In my opinion, $TYPO3_CONF_VARS[FE][strictFormmail] (which is also turned on
>by default) is safe enough as long as the encryptionKey has been set.
>The proposed patch would change this setting, however I'd like to hear some
I think the default settings should remain secure here to keep spammers
away. Many TYPO3 sites might not use the encryptionKey.
More information about the TYPO3-team-core