piler/SECURITY.md

Disclosure policy

If you find a security issue, please contact the project owner at sj@acts.hu
with the details (ie. piler version, details of the setup, how to exploit the
vulnerability, etc).

Please provide 30 days for verifying the vulnerability, fixing the issue, and
notifying the piler users.

Security update policy

If a security vulnerability has found, the details, possible mitigations,
workarounds, etc. will be shared on the piler mailing list (piler-user@list.acts.hu)
and on the wiki: https://www.mailpiler.org/

Security configurations

 - Use https for the GUI
 - Reset the default passwords for admin and auditor
 - Use the smtp acl feature to restrict SMTP access to the archive, see https://mailpiler.com/smtp-acl-list/
Added SECURITY.md Signed-off-by: Janos SUTO <sj@acts.hu> 2020-04-21 20:34:29 +02:00			`Disclosure policy`

			`If you find a security issue, please contact the project owner at sj@acts.hu`
			`with the details (ie. piler version, details of the setup, how to exploit the`
			`vulnerability, etc).`

			`Please provide 30 days for verifying the vulnerability, fixing the issue, and`
			`notifying the piler users.`

			`Security update policy`

			`If a security vulnerability has found, the details, possible mitigations,`
			`workarounds, etc. will be shared on the piler mailing list (piler-user@list.acts.hu)`
Updated link in SECURITY.md Signed-off-by: Janos SUTO <sj@acts.hu> 2021-02-23 11:51:38 +01:00			`and on the wiki: https://www.mailpiler.org/`
Added SECURITY.md Signed-off-by: Janos SUTO <sj@acts.hu> 2020-04-21 20:34:29 +02:00
			`Security configurations`

			`- Use https for the GUI`
			`- Reset the default passwords for admin and auditor`
Updated security.md file Signed-off-by: Janos SUTO <sj@acts.hu> 2021-05-02 21:11:36 +02:00			`- Use the smtp acl feature to restrict SMTP access to the archive, see https://mailpiler.com/smtp-acl-list/`