[horde] Security related.

[Chuck Hagenbuch]

Quoting Anant Athavale <asa at isac.gov.in>:

>> Nope. He's just using VB like a browser. He can't do anything you
>> can't do from a browser.
>
> but, how does the session is maintained?

Either by passing the cookie or by putting the session id in the URL.  
You can disable URL-based sessions if it's the latter and you don't  
mind requiring your users to enable cookies.

> It was in my sent mail.  I do not know, how it missed in the list.   
> Attaching again.

The list allows a very limited set of attachment types to prevent spam.

-chuck