You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The default setting for ACCOUNT_EMAIL_UNKNOWN_ACCOUNTS is True. This means the default configuration of allauth is effectively happy to send spam reset emails to arbitrary email addresses.
I suggest this default is changed to False.
The text was updated successfully, but these errors were encountered:
But, if I signup using your email address, the system will happily spam you as well. So, changing the default does not prevent spamming yet does break backwards compatibility.
The default setting for
ACCOUNT_EMAIL_UNKNOWN_ACCOUNTS
isTrue
. This means the default configuration of allauth is effectively happy to send spam reset emails to arbitrary email addresses.I suggest this default is changed to
False
.The text was updated successfully, but these errors were encountered: