Hi,
We have roundcube installed on our apache server and i noticed that log file imap in roundcube folder contains user name and its password.
example:
[08-Jun-2011 12:03:43 +0200]: C: a001 LOGIN "user" "pass"
Somehow i want to disable this. Any ideas ?
Milos
Change $rcmail_config['imap_auth_type'] in /config/mian.inc.php to a method that your server supports and doesn't send the password in plain text.
I could do that but that is really not the solution, because I also found out that in logs folder in ldap file roundcube also logs a ldap bind password.
These are debug information, just disable *_debug options.