> Brian Kolaci wrote: > > > Yes, however when that was done, there was never a > > concept of enforcing limits back then. Justin just submitted > > Again, I think you're wrong. As early as 4.1 there was quotas of some sort. > I believe the limits you're refering to those that are specified in the > .qmailadmin-limits file, which are a function of qmailadmin to limit how > many accounts, etc, a postmaster can create.
Not anymore. This has changed with 5.3. The .qmailadmin-limits is now extended into vpopmail and is now enforced at the domain level as well as setting default quotas for users. The old method allowed you to set a single site-wide HARD_QUOTA. > > > a patch to actually enforce these limits at, yes, the API level > > where it belongs. This *will* break if you insert into a backing > > store directly. > > Exactly what limits are you refering to? quotas, permissions (limiting what a user can do), etc. > > I still believe: Bypassing the supplied API is a kludge. > > > > (A raw datastore is *not* an API, you lose control over > > validation and many other features if you don't have a > > single thread of control over these. I don't believe the > > original author understood the implications of that statement > > and probably didn't do a request for comments on the list > > prior to that). > > > > Ken, as the original author, could you please enlighten us with your though > process instead of us guessing? > > > I'll agree that qmailadmin should also have some recovery > > code built into it, however I still disagree that anyone should > > ever insert directly into a datastore. > > I strongly disagree, and I'm doing it for a email service I run for a > non-profit. The potential user enters the username they want, I check to > make sure there is no other user or alias with that name, I "reserve" that > username for 30 min, get the credit card number from them, processes it, and > if the charge goes through, I insert a record with the username, domain, > crypted and clear text password and quota. The account is now available for > immediate use. So explain to me exactly what validation and other features > I've lost control over? > > > Brian > > Dave > >
