Comments (3)
sj26
commented on May 4, 2024
Mailcatcher binds to the local interface because the default use case is a developer running it on their local machine to test against and they only need local access. Binding to all interfaces could be a security issue for the default use case. Anybody with HTTP access to mailcatcher can clear all mail or quit. Mailcatcher also isn't hardened so running a public service by default could also expose potential attack vectors.
There is, however, an option to change the bind IP for just such cases as running a staging box:
mailcatcher --http-ip=0.0.0.0
Thanks. :-)
from mailcatcher.
davekerber
commented on May 4, 2024
I really view mailcatcher as a development time only thing so security seems like a lower concern to me, but I understand. The command line option works great so thanks.
from mailcatcher.
jarofgreen
commented on May 4, 2024
For anyone finding this later, this didn't work for me - I had to put the actual IP of the machine. Then it was fine. (Mailcatcher was running on Mac OX 10.10 and I was trying to reach it from a VM in Virtualbox)
Given the rise of Virtual Machine environments for dev work, these options should maybe be mentioned on http://mailcatcher.me/ ? I do agree these are the best defaults for security reasons tho.
Thanks for the software - it's great!
from mailcatcher.
Related Issues (20)
- Doesn't work on rhel8-like distr in docker with arm arch HOT 4
- Display name to/from not showing on web/api
- ruby-3.0.0/gems/eventmachine-1.2.7/lib/eventmachine.rb:1490:in `event_callback': undefined method `close' for 9:Integer (NoMethodError) HOT 2
- Not compatible with newest version of Rails 7.0.4.3 HOT 4
- Add clarity about message delivery in the readme HOT 1
- can not start mailcatcher HOT 3
- Thin::Server::Fixnum HOT 1
- Send email to stdout HOT 1
- Eventmachine fails to compile on Windows HOT 15
- Exception: undefined method `length' for nil:NilClass HOT 1
- Fixnum is uninitialized HOT 2
- Installation fails
- Liveness and Readiness probles HOT 1
- No longer updates just-sent emails HOT 5
- Update gem spec minimum versions HOT 3
- 0.9.1.beta2 does not work with Ruby 3.3 HOT 5
- Issue with Displaying Logs in MailCatcher HOT 1
- docker image not working HOT 2
- Website broken Icon
- Internal Server Error HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from mailcatcher.