Vulnerability in EPiServer.Forms
I'm looking into the webmail module in 3.1, and it struck me that you need an smtp server for this to work (or imap) - but does the users need real email adresses or is the username enough for an internal community mail system?
And can the webserver itself host as an smtp server, and be it's own domain?
Thanks for any help,
There are two ways you can use the WebModule:
1. Use external accounts. In this case the user has a mail account elsewhere and just input the credentials into the community. On the community you then build a "mail client" that user can utilize.
2. Use internal accounts. In this case you as a developer are responsible of setting up a mail server that implements certain Web Services for account handling. You actually take a mail server and add custom Web Services on top of it. In the examples I've seen Cyrus has been used.
In both cases you are forced to use IMAP.
Ok, thanks for that info.
But can the DirectMessaging module do the same, since I only need to send internal messages to users, and from users to system. Which seems to be what is implemented in the new templates? The absence of a "real" email adress is just fine, since we arent using any email adresses in the solution.
Absolutely! In the case you're describing above the DirectMessage system would be preferable to use.