I don't see how a master password is significantly easier than having
the admin change/set the user's password, do the testing, then letting
the user change their password when the admin's done.
That being said, if someone writes the code for this in such a way that
it can be made an option, I'd gladly include it. I don't see any reason
not to. At this point though, vpopmail's authentication doesn't provide
such a mechanism that I'm aware of.
--
-Eric 'shubes'
On 09/13/2013 01:05 PM, Peter Peltonen wrote:
Hi,
On Fri, Sep 13, 2013 at 10:18 PM, Eric Shubert <[email protected]
<mailto:[email protected]>> wrote:
What would be the purpose of allowing the postmaster to read/delete
people's emails?
Sometiems one needs to login to user's account and verify some config
settings from webmail, for example. Easiest way to debug if an account
is working, is to sent a user a msg, login to webmail and check if it is
there. Or to send a msg from the webmail after a complaint "I cannot
login to webmail" or "My account is not working" etc.
The QMT administrator can of course grep through emails and look at
them with "less" or whatever tools are available there. I would like
to see an option where even this would not be possible. I'm not in
favor of using the mbox format though (in case someone's wondering).
As root can access the emails anyway, I do not see why postmaster
couldn't login to user's account with a master password -- It's the same
kind of situation as that root can access users homedirs and use sudo to
login with user's account if needed to test something?
I understand your concern for privacy. My view is is that sysadmins are
not that different from medical doctors: the customers/patients trust
you with their private and sensitive affairs, and it is your
responsibility to keep the information only to yourself.
Best,
Peter
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
