[TYPO3-core] RFC: Change default value of $TYPO3_CONF_VARS[FE][secureFormmail]
Franz Holzinger
franz at fholzinger.com
Sat Aug 26 08:27:49 CEST 2006
Hello Michael,
>Problem:
>I am totally unsure about this, therefore I'm not really suggesting to change
>it but more waiting for comments.
>
>To me it seems like $TYPO3_CONF_VARS[FE][secureFormmail] is too strict because
>it breaks with reciepients specified in TypoScript for example.
>
>In my opinion, $TYPO3_CONF_VARS[FE][strictFormmail] (which is also turned on
>by default) is safe enough as long as the encryptionKey has been set.
>
>Solution:
>The proposed patch would change this setting, however I'd like to hear some
>opinions first...
>
>
>
I think the default settings should remain secure here to keep spammers
away. Many TYPO3 sites might not use the encryptionKey.
- Franz
More information about the TYPO3-team-core
mailing list