Security

Connections are secured with Transport Layer Security by default. Insecure configuration settings and password-handling practices are advised against in the documentation.

Caveats

Credentials are stored in memory so that they need not be entered again in case of a referral. However, because page-locking is unfeasible in Python, they may be swapped out to the disk.

SieveManager can query password managers to automate logins. However, any command that can be run by sievemgr can, at the very least, also be run by any application that can run python.

Versions

Only the most recent version of SieveManager receives security updates.

Tip

Subscribe to https://codeberg.org/odkr/sievemgr/releases.rss to be notified about new releases.

Reporting

If you have discovered a security issue, please write an encrypted email to the @zoho.com address listed in my PGP key.