tmail and account verification
Hello, I'd like tmail to check if a account is expired before attempting to deliver mail to it. It's a shame that there has not been developed a standard way to check this on Unix. But since the world is as it is, how about adding a checkacct() function to the osdep ckp_*.c files, which could do pam_acct_mgmt on PAM systems, check pw-pw_expire on systems with that, sp-sp_expire on systems with that etc. I'm in no possition to make this work on all platforms supported by uw-imap, but I could contribute to a few. Is this the way to go, or should this be solved a different way? PS: Is it really necessary for tmail to make such verbose logs under normal operation? :-) Mvh, Frode Nordahl -- -- For information about this mailing list, and its archives, see: http://www.washington.edu/imap/c-client-list.html --
Re: tmail and account verification
On Fri, 24 Sep 2004, Frode Nordahl wrote: I'd like tmail to check if a account is expired before attempting to deliver mail to it. tmail does not currently do this. I feel that the harm to a site which does not want it done is too great, so I don't think that I will make this change. Account expiration is generally a point at which user access to an account is shut off, and is not necessary the same as account termination. Since you have tmail sources, you are welcome to make the change in your own copy of tmail. Is it really necessary for tmail to make such verbose logs under normal operation? :-) The level of tmail logging is controlled by the syslog configuration file for the LOG_MAIL facility. Most of the tmail babble type messages are at LOG_INFO level (which is also the level at which sendmail babbles), with warnings and errors at LOG_WARNING or LOG_ERR. -- Mark -- http://staff.washington.edu/mrc Science does not emerge from voting, party politics, or public debate. Si vis pacem, para bellum.
Re: tmail and account verification
On Fri, 24 Sep 2004, Mark Crispin wrote: On Fri, 24 Sep 2004, Frode Nordahl wrote: I'd like tmail to check if a account is expired before attempting to deliver mail to it. tmail does not currently do this. I feel that the harm to a site which does not want it done is too great, so I don't think that I will make this change. Account expiration is generally a point at which user access to an account is shut off, and is not necessary the same as account termination. Yes, that is exactly the point. If the user no longer has login rights no sense in storing mail they cannot read but you want to keep the account entry so any '.forward' file they may have will work. We have a rather migratory user base and so have a two phase removal policy (deactivate and then later delete). I agree that you would not want to make this behaivor the default but why not make it an additional command line option? Since you have tmail sources, you are welcome to make the change in your own copy of tmail. At our site we've already done this. ;) Is it really necessary for tmail to make such verbose logs under normal operation? :-) The level of tmail logging is controlled by the syslog configuration file for the LOG_MAIL facility. Most of the tmail babble type messages are at LOG_INFO level (which is also the level at which sendmail babbles), with warnings and errors at LOG_WARNING or LOG_ERR. -- Mark -- If it's just babble why not make it LOG_DEBUG? We keep LOG_INFO mail entries for transaction records, use LOG_DEBUG for debugging/monitoring. I have two sets of syslog entries, '*.info' for transaction logging, '*.debug' for debugging/monitoring and have a cron job that trims the 'debug' logs. -- Dave Funk University of Iowa dbfunk (at) engineering.uiowa.eduCollege of Engineering 319/335-5751 FAX: 319/384-0549 1256 Seamans Center Sys_admin/Postmaster/cell_adminIowa City, IA 52242-1527 #include std_disclaimer.h Better is not better, 'standard' is better. B{
Re: tmail and account verification
On Sep 24, 2004, at 21:14, David B Funk wrote: I agree that you would not want to make this behaivor the default but why not make it an additional command line option? Or even a compile time option, since this will most likelly not be supported on all platforms. (I don't know which, but I'm sure there are platforms that does not have PAM nor concepts of account expiration) I'll have a go on this and provide some patches. For PAM users it will also have the nice effect of being able to put in added functionality through PAM (pam_mkhomedir springs to mind). I'm sure others might find some use for this, but it should of course be a optional feature. If it's just babble why not make it LOG_DEBUG? We keep LOG_INFO mail entries for transaction records, use LOG_DEBUG for debugging/monitoring. I'll second that. Most daemons on my system send such info to LOG_DEBUG. A single line to LOG_INFO stating that the mail was delivered, or a single line to LOG_WARNING / LOG_ERR, stating that it wasn't would suffice. Mvh, Frode Nordahl -- Dave Funk University of Iowa dbfunk (at) engineering.uiowa.eduCollege of Engineering 319/335-5751 FAX: 319/384-0549 1256 Seamans Center Sys_admin/Postmaster/cell_adminIowa City, IA 52242-1527 #include std_disclaimer.h Better is not better, 'standard' is better. B{