[TYPO3-core] RFC: Change default value of $TYPO3_CONF_VARS[FE][secureFormmail]

Franz Holzinger franz at fholzinger.com
Sat Aug 26 08:27:49 CEST 2006

Hello Michael,

>I am totally unsure about this, therefore I'm not really suggesting to change 
>it but more waiting for comments.
>To me it seems like $TYPO3_CONF_VARS[FE][secureFormmail] is too strict because 
>it breaks with reciepients specified in TypoScript for example.
>In my opinion, $TYPO3_CONF_VARS[FE][strictFormmail] (which is also turned on 
>by default) is safe enough as long as the encryptionKey has been set.
>The proposed patch would change this setting, however I'd like to hear some 
>opinions first...
I think the default settings should remain secure here to keep spammers 
away. Many TYPO3 sites might not use the encryptionKey.

- Franz

More information about the TYPO3-team-core mailing list