On Tue, 21 Nov 2006 08:41:47 +0100, you wrote: >What about user role? Is it possible to configure special actions, e.g. >learn antispam ham/spam, set spam score, and similar?
No, QUICA just supports managing Users. There is one [EMAIL PROTECTED] account which can do everything - users might login to their accounts only to change the password. No handling of spam or sophisticated stuff about your mailroutings, no role-based security. It is a plain, easy interface and helps you to get rid of that "could you please make some new email-addresses for my little sister and her girlfriend" tasks - of course you might NOT want to get rid of exactly THAT kind of approaches, well, just kidding... But to not "talk bad" about quica - I think the backend is quite ok, so if you want to make something similar, take a look at the code! The courier-commands are all executed via sudo, so it is not SUCH a security nightmare like many, many "webbased admin panels" out there usually are. Also Quica provides a nice commandline interface for tasks like "adddomain" and "deletedomain" that helps you get up new accounts very fast - clean python code. Also there is a nice mass export / import script. Beware that Quica is not very "new" - the php web frontend was made long before these evil XSS-attacks got attention of web-programmers, so I am sure that there might be one or the other problem with things like this or SQL-Injections... but I never had the time to check the code myself - but if you want to put it on the web, you may feel better with some extra auth before the quica login... not comfortable for your users, but I bet, if you analyse the code, some evil trap will be found... it just happens that nobody seems to have searched for errors before, because it does not seem to be widely in use.... I wanted to make my own frontend and keep the quica python backend... but, well, somehow this project has "fallen of the stack"... never accomplished, what exactly I want to "manage" - and with all the settings that would be possible, PLUS unbelievable multiplicity of antispam-options to implement, PLUS antivirus-settings, Blacklists, whitelists, DNSBL... and do not forget role-based security for all domains... you get it, it can easily grow to a project that is much too big... it would be wise to determine exactly, what featureset one wants to support. Anyway - I always kept watching things in that area, especially as most "webpanels" are poor in quality and - most annoying - are not supporting the brilliant courier-mta (there are many very evil hardcoded antipatterns to be found in these area of web-programming bound to one mta only - no choice given!) - but in fact there still is a lack of a GOOD tool that could help to delegate courier user managment. It would be very important to have the frontend separated from the backend, again, look at the quica implementation! When it comes to Userbased-Antivir/Spam-Settings I think Maia mailguard http://www.maiamailguard.com/ does something quite interesting here, but of course this is not a courier-specific tool, it operates on amavisd-new. Squirrelmail also has some plugins for spamstuff, but there is no "domain admin" or something that could help with courier... there are some olugins, however, that helop with other servers, maybe a starting point... Also there are some open source panels out there here are just a few: http://www.vhffs.org/new/doku.php http://syscp.org/ http://vhcs.net/new/ http://www.web-cp.net/ http://chaogic.com/vhost/ find more here: http://www.gplhost.com/software-dtc_9competitors.html Maybe it would be the best approach to add some courier functionality to one of these... I looked into some of them and got disappointed more than once - none is perfect, some are totally screwed, overcomplicated or have major conceptual security problems or you have to change your style of doing things massively - all of them have problems if you still want to make fast administrative changes to the system editing plain old config textfiles, as manual changes are not mirrored back into the databases automagically, leaving you with an inconsistent system - so you end up tied to a web-frontend sacrificing flexibility to alleged user comfort... anyway, some of them have implemented some ideas of how to abstract settings and how to make modules that translate these into configfiles. I forgot to mention webmin / usermin... vhcs has nice configfile templates for this approach, but there are some very strange security-related discussions in their forum, that disappointed me... syscp seems to be made by people that know what they are doing, but has lots of hardcoded stuff, no abstraction and therefor no easy switching to other mta... but author is working on new version... in most of these tools you will find one or the other dead end that keeps you away from using them... they all make the mistake to start coding from scratch, so often features are missing that you really want to have. E.G. not one of the mentioned tools support keeping your configfiles in a subversion repository, what is IMHO a quite common and also very useful thing... I think it would be good to focus on a small feature set - in your case mail user administration - and use something to implement it, that is easily extendable and brings most basic functionality already... one of the rails-like web-frameworks could be a good start - they bring all the nifty frontend stuff automagically and will help to concentrate on a good backend, that detects manual changes (FAM) and help admins to make things more easy, not more complicated. At the moment I would favor django http://www.djangoproject.com/ for such a thing, but, of course, the stack for nice projects I would like to do is still much too big... give us some feedback about your ideas! wow, too much text, sorry... ;) Synopsis: fast and dirty: use quica backend and make new frontend with extended functionality. do it real good: use django and think about a modular design and manual-changes-aware backend that would suffice also other admin tasks... Tommy ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
