Description
I have been looking at ThePhish for some working hours and setting everything up; in the process I have found a security issue/concern, if I'm not completely wrong.
When setting up IMAP you need to fill out the thephish_conf_files/configuration.json. The issue with that is that you would store a password in plain text, which is not good. The alternative would be to use a template, so rename the configuration.json to configuration.template.json and work with a script to write the password to the file on start and store it somewhere secure. There would be a better way by integrating acceptance for environment variables into the list_emails.py, so you can use an environment variable and use Docker secrets with it, so it is never openly stored on run. I'm not 100% sure about that, that's why I ask about it. If that's true I would gladly contribute this to the project, if needed.
Hope I didn't waste anyone's time if that is a stupid question/request. That's my first ever interaction on a project like this and I hope I contribute at least something.
And thanks for the nice project, it's very interesting and useful when deployed!
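
The environment-variable and Docker-secret lookup proposed in the issue above, as an added example that is not part of the original issue or ThePhish's own code. The variable names `THEPHISH_IMAP_PASSWORD` and `THEPHISH_IMAP_PASSWORD_FILE` and the `imap.password` key layout of configuration.json are assumptions made for illustration.

```python
import json
import os
import tempfile
from pathlib import Path

# Hypothetical variable names; ThePhish does not define them.
ENV_PASSWORD = "THEPHISH_IMAP_PASSWORD"
ENV_PASSWORD_FILE = "THEPHISH_IMAP_PASSWORD_FILE"  # e.g. /run/secrets/imap_password


def resolve_imap_password(config, environ=os.environ):
    """Return (password, source). Order: secret file, env var, JSON file."""
    secret_path = environ.get(ENV_PASSWORD_FILE)
    if secret_path:
        # Docker secrets are mounted as files; strip only the trailing newline.
        text = Path(secret_path).read_text(encoding="utf-8")
        return text.rstrip("\r\n"), "secret-file"
    if environ.get(ENV_PASSWORD):
        return environ[ENV_PASSWORD], "environment"
    # Assumed layout: {"imap": {"password": ...}} in configuration.json.
    password = config.get("imap", {}).get("password", "")
    if password:
        return password, "config-file"
    raise RuntimeError("no IMAP password configured")


def load_config(path, environ=os.environ):
    """Load configuration.json and fill imap.password from the chosen source."""
    with open(path, encoding="utf-8") as fh:
        config = json.load(fh)
    password, source = resolve_imap_password(config, environ)
    config.setdefault("imap", {})["password"] = password
    return config, source


def demo():
    # Constructed sample: a config without a password and a fake secret file.
    with tempfile.TemporaryDirectory() as tmp:
        conf = Path(tmp, "configuration.json")
        conf.write_text(json.dumps({"imap": {"host": "imap.example.org", "user": "soc"}}))
        secret = Path(tmp, "imap_password")
        secret.write_text("s3cret-from-docker\n")
        env = {ENV_PASSWORD_FILE: str(secret), ENV_PASSWORD: "ignored"}
        return load_config(conf, env)


if __name__ == "__main__":
    config, source = demo()
    print(source, config["imap"]["user"])
```

Returning the source alongside the password lets the caller log a startup warning when the value still comes from the plaintext file, without ever logging the password itself.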