Hi John, At fist, thanks a lot for your suggestions.
I am aware of your "onchange" script, but our topic is security. I think that we cannot give remote client IP as parameter in your onchange script. We took note of our customers' complaints. They claim that somebody always logging in system via qmailadmin. Then he/she alters the users' properties (such as passwords, quotas), adds new users to system and also removes some users from system. In this position, we want to know who (which IP?) did these things. Moreover, qmailadmin-logger.patch is a C code, and do not have performance problems. However, onchange is a basic script. Does your onchange script give remote IP? I think onchange cannot give it. Best regards... > On 2007-08-20, at 0427, Metin KAYA wrote: >> >> I have written a patch that create log file for qmailadmin-1.2.9. >> When a >> user's password or quota changed, a user deleted from the system or >> a user created this patch logs the events. > better suggestion for you. i've written a patch to qmailadmin which > makes it trigger the "onchange" functionality which is part of the > later versions of vpopmail. instead of explicitly creating your log > entries within qmailadmin (and hard-coding a filename into the > binaries, ugh) why not use the "onchange" code, send the data which > needs to be logged as "onchange" events? > this way, the "onchange" script can easily be written or changed to > send the log entries wherever the system admin wants them (instead of > hard-coding "/var/log/qmailadmin.log" into the binaries). > you also gain the benefit that any external scripts which may need to > be called (i.e. building new auth.cdb or validrcptto.cdb files for > qmail-smtpd, making final backups of mailboxes before they are > deleted, etc.) are called at the appropriate times, no matter whether > the event originated in qmailadmin, vpopmaild, the command line > programs, or any other program which uses the vpopmail API. > this web page has information on the original "onchange" patch, as > well as the "onchange" patch for qmailadmin (which hasn't been added > to a release version of qmailadmin yet, but is working just fine on > my own server, my clients' servers, and several friends' servers.) > http://qmail.jms1.net/vpopmail/ > ---------------------------------------------------------------- > | John M. Simpson --- KG4ZOW --- Programmer At Large | > | http://www.jms1.net/ <[EMAIL PROTECTED]> | > ---------------------------------------------------------------- > | http://video.google.com/videoplay?docid=-1656880303867390173 | > ---------------------------------------------------------------- -- Metin KAYA EnderUNIX Software Developer Endersys Software Engineer http://www.EnderUNIX.org/ http://www.Endersys.com.tr/
