Doc: add a security section in the FAQ

git-svn-id: http://svn.code.sf.net/p/davmail/code/trunk@922 3d1905a2-6b24-0410-a738-b14d5a86fcbd
2010-01-20 22:24:45 +00:00 · 2010-01-20 22:24:45 +00:00 · c6abdc8f23
parent e69df38b90
commit c6abdc8f23
1 changed files with 31 additions and 3 deletions
--- a/src/site/xdoc/faq.xml
+++ b/src/site/xdoc/faq.xml
@ -69,9 +69,37 @@
                <p>
                    <strong>Is Exchange 2010 supported ?</strong>
                </p>
-                <p>Currently, the answer is no. As Microsoft decided to drop WebDav support in Exchange 2010, DavMail will
-                not work with this new version. New Exchange Web Service support compatible with Exchange 2010 is in the
-                roadmap, but not yet available.</p>
+                <p>Currently, the answer is no. As Microsoft decided to drop WebDav support in Exchange 2010, DavMail
+                    will
+                    not work with this new version. New Exchange Web Service support compatible with Exchange 2010 is in
+                    the
+                    roadmap, but not yet available.
+                </p>
+            </subsection>
+
+            <subsection name="Security">
+                <p>
+                    <strong>How do I secure DavMail connections ?</strong>
+                </p>
+                <p>Communication between DavMail and you Exchange server is secured by default as long as you access
+                    OWA over HTTPS. Communication between the messaging client and DavMail is <em>not</em> secured by
+                    default. This is not an issue in standalone mode as all communication is local, but you may want
+                    to improve this in server (shared) mode. This is quite simple: you just need to get a server
+                    certificate in PKCS12 or JKS format and add it in the key store section in DavMail settings,
+                    see <a href="gettingstarted.html">Getting started</a>. You need to choose the key store type in
+                    davmail.ssl.keystoreType: PKCS12 for .p12 file and JKS for java generated key stores. Then set the full
+                    path to your certificate file in davmail.ssl.keystoreFile and the certificate file password in
+                    davmail.ssl.keystorePass. You may also have a key password in addition to the file password, specify it
+                    in davmail.ssl.keyPass.
+                    This will switch all DavMail services to SSL mode: POP3S/IMAPS/SMTPS/HTTPS/LDAPS.
+                </p>
+
+                <p>
+                    <strong>Are my credentials safe ?</strong>
+                </p>
+                <p>DavMail does not store Exchange username and password, they are provided by the messaging client over
+                    IMAP, HTTP, POP, SMTP or LDAP
+                </p>
            </subsection>

            <subsection name="Caldav (calendar)">