I have two options regarding x_frame_options.
1. In which file do I set $rcmail_config['x_frame_options']?
2. What are the valid values for that option? I'd like to only allow a specific domain to iframe load (sphere.mydomain.com), which differs from my roundcube domain (cube.mydomain.com)