For security reasons would be great to add possibility limit OC_User_IMAP (or other methods as well) for specified domain(s) to avoid trying login with not-alowed email domains.
And add control function to check if login email domain belongs under alowed domains list. If not, do not try to ask IMAP for login.
yes this would makes sense!
an additional parameter could store a boolean value whether to stripe the domain or not (where the default would be to stripe it; as it is now)...
For security reasons would be great to add possibility limit OC_User_IMAP (or other methods as well) for specified domain(s) to avoid trying login with not-alowed email domains.
And add control function to check if login email domain belongs under alowed domains list. If not, do not try to ask IMAP for login.