Re: [qmailadmin] /open/ in qmailadmin's url
On Jan 3, 2004, at 11:02 PM, Rick Widmer wrote: Ask me about PHP, or maybe Turbo Pascal/Delphi and I've got quite a bit of practice... this is my first big c project, so please be gentle... I have modified QmailAdmin so that almost all the HTML code is in the templates. Outside of mailinglist.c there are only 8 lines [1] with any HTML in them. I can read and display everything, and it still looks the same on the browser. Wow, that's a great improvement! mailinglist.c is tricky, and I think a certain amount of HTML formatting will need to remain in the code for the time being. With CSS, it would be possible to control the look without having to change the C code. I am having trouble figuring out what is happening in qmailadmin.c about line 190. Much of the code in this file is a big three state if. The first, 'if( strcmp(pi, /com/, 5)==0)' looks for the string /com/ in the right place of the url which indicates that some command has been requested. It does some setup then calls process_commands() to do whatever. The final else case checks the users' access rights then choses one of two menus. This leaves the middle 'else if( strncmp(pi, /open/, 6)==0)'. I don't see where it does anything but try to setuid() and setgid(), then it calls vclose() and exit(0). Also, I don't see anywhere in the code that would compose a URL with /open/ in it. I think this might be obsoloete code that should be removed, but I would like a second opinion. I agree that the /open/ case can be removed. I've wanted to clean this section up anyway, and change the URLs to not have /com/ in them at all. I was hoping to be able to change my directory structure for qmailadmin like this: www.hostname.com/qmailadmin/index.cgi (the qmailadmin cgi script) www.hostname.com/qmailadmin/images/(images directory) www.hostname.com/qmailadmin/help/ (the help files) Then, it would be possible to just go to http://www.hostname.com/qmailadmin/ and log in. For this to work though, the URLs need to be built slightly differently. Instead of appending /com/showmenu?user=##U..., it should append ?com=showmenuuser=##U Feel free to strip the /open/ case, and if you're adventurous, start working on converting the URL strings and query parsing code to the new format. It should be possible to support both formats simultaneously. Also note that the two cases of that huge if/then/else have a lot of common code. I've wanted to pull that out so it's only called once. Again, it should be possible to collapse the first and last cases (after removing the second) into a single bit of code. You just go through the last code case if the com parameter isn't set. With a rewrite, that code should be shorter and easier to follow. There are still some bugs, and I need to add several more options to ##t?. My worst problem is I have broken the login/session logic. It would be great if someone could give me a high level description of how security is supposed to work. Specificly how and what session data is stored, and how is the .qw file used. I see the IP address in there, but what else, and why? The filename is built from the 'time' parameter in the URL. If it doesn't exist, then you aren't authenticated and you go back to the login screen. So, if you're losing the time parameter in a URL somewhere, then you'll lose your session. Moving user, dom and time parameters out of the URLs and into a session cookie (as a compile-time option, falling back on the URL method if cookies aren't available) would be a great improvement (and I have some ideas on implementation if someone wants to explore them). If compiled with the IPAUTH option, qmailadmin will make sure you're coming from the same IP as a security check. In addition to the IP address, we're storing text in there for a return link for people who use qmailadmin as a set of subpages. You can pass two values to qmailadmin at login for it to create a link that takes you back to the main page. What is the difference in abilities between DOMAIN_ADMIN and USER_ADMIN? I know where they come from, but how are they supposed to affect what the user can do? It isn't clear, but DOMAIN_ADMIN can do anything that the postmaster can do -- they have complete control over the domain. USER_ADMIN can modify their own account, but nothing else. NO_ADMIN means that they haven't authenticated. Is the color table something that is being added, or ignored? Some existing code uses it, but not much. Should I expand its use or remove it? It should probably be removed and the HTML should be updated extensively to use CSS. Then, it would be possible to change colors of certain items by editing their entries in the stylesheet. For example, we've got messy code to make the main menu links black and not underlined. This should be in a stylesheet. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail:
Re: [qmailadmin] QmailAdmin 1.2.0-rc2 released
On Jan 4, 2004, at 1:21 PM, Philipp Wagner wrote: But I found something else, I don't know if that is going to be a bug or only a display-error: I ran configure with --enable-htmldir=/customer/, and the image dir seems to be set wrong. I didn't install it yet, I only ran configure and make. Probably it'd a good idea to remove all ending slashes from the paths in configure. html dir = /customer/ image dir = /customer//images/qmailadmin I don't think doubled slashes are a problem. I don't know enough shell scripting to strip a trailing / off of html dir. If anyone has a simple method (sed? awk?) we can throw it in. We could also use a check for someone starting a path with ~ instead of /. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [qmailadmin] QmailAdmin 1.2.0-rc2 released
Tom Collins wrote (at Mon, Jan 05, 2004 at 06:30:28PM -0700): On Jan 4, 2004, at 1:21 PM, Philipp Wagner wrote: But I found something else, I don't know if that is going to be a bug or only a display-error: I ran configure with --enable-htmldir=/customer/, and the image dir seems to be set wrong. I didn't install it yet, I only ran configure and make. Probably it'd a good idea to remove all ending slashes from the paths in configure. html dir = /customer/ image dir = /customer//images/qmailadmin I don't think doubled slashes are a problem. I don't know enough shell scripting to strip a trailing / off of html dir. If anyone has a simple method (sed? awk?) we can throw it in. We could also use a check for someone starting a path with ~ instead of /. path=`echo $path | sed -e 's#//#/#g'` will at least remove double-slashes, but I also don't see it as a problem. If you see that happen, reconfigure it without the trailing slash. -- Casey Zacek Senior Engineer NeoSpire, Inc.
Re: [qmailadmin] Template problem?
On Jan 6, 2004, at 6:42 AM, Brandon Weisz wrote: http://download.thecrucible.ca/misc/qmailadmin.GIF Is anyone else seeing this? if you say you haven't modified anything.. .where's that yellow coming from? :) Good question ? It renders yellow in IE and its white in other browsers (Mozilla and friends.) I assure you the templates, or anything for that matter in regards to qmailadmin havn't been changed. Can you View Source in IE, save it to a file, and then send it to us as an attachment? Then we could make sure that the formatting is correct. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
[qmailadmin] spam assassin support
Is there currently any support for spam assassin in the latest qmailadmin releases? Ken Jones
Re: [qmailadmin] spam assassin support
Kind of. --enable-modify-spam adds a Spam detection? checkbox at the bottom of the modify users page. If checked this changes the Standard delivery option from no .qmail file to one that contains the spam command. It changes the delivery line in Vacation delivery, and the Save a copy option of Forward to deliveries from a direct maildir delivery to the spam command. The default spam command is: |preline /usr/local/bin/maildrop /etc/mailfilter It can be set with --enable-spam-command Rick Ken Jones wrote: Is there currently any support for spam assassin in the latest qmailadmin releases? Ken Jones
Re: [qmailadmin] /open/ in qmailadmin's url
Tom Collins wrote: I was hoping to be able to change my directory structure for qmailadmin like this: www.hostname.com/qmailadmin/index.cgi (the qmailadmin cgi script) www.hostname.com/qmailadmin/images/(images directory) www.hostname.com/qmailadmin/help/ (the help files) How are you planning on getting rid of /cgi-bin/? Can we make it so both of the following end up in the login page? www.hostname.com/qmailadmin/index.cgi www.hostname.com/qmailadmin/ WITHOUT changes to the default httpd.conf? I've had resistance to PHP code that required special settings in the apache configuration. I don't have a problem with it, but one client can't do it, so I had to do many things a lot differently for him. You may have more choices on a dedicated mail server, but who knows. Personally I'd never give mere mortals shell/ftp access to _anything_ on my mail server, and certainly not host non email web pages on it, it seems others aren't so picky, or are unable to have separate boxes for web and mail. Then, it would be possible to just go to http://www.hostname.com/qmailadmin/ and log in. For this to work though, the URLs need to be built slightly differently. Instead of appending /com/showmenu?user=##U..., it should append ?com=showmenuuser=##U That's pretty easy now. One of my changes in the templates replaces the common user=##Udom=##Dmodu=##Atime=##T with ##W. We can do this in just ##W now. Moving that info to the session file would be even better. I have a pretty good handle on PHP session handling, and what you described sounds very similar. One thing, they assure me time is not a good choice, and prefer a MD-5 hash of several items to make the session keys harder to guess. I agree. Also note that the two cases of that huge if/then/else have a lot of common code. I have! That _is_ on my list. I already have too many changes at one time, and want to get what I've done recorded in CVS before I do too much more. I've wanted to pull that out so it's only called once. Again, it should be possible to collapse the first and last cases after(removing the second) into a single bit of code. You just go through the last code case if the com parameter isn't set. One thing that is very important to me is making sure header.html and footer.html are ALWAYS sent. This probably involves breaking up send_template(), and using send_template_now() instead. (Then rename send_template_now() to send_template().) Overall, I think we have similar ideas. How about branching CVS and giving me write access to the development branch. 1.2.0 should be a branch, and development should be HEAD. I think that's how they do it in the PHP project, and it seems to work well. (I hope you know how to do it, I'm pretty new to CVS too. The filename is built from the 'time' parameter in the URL. Login time or last access time? Is this what is used to limit the duration of unused session? Is the color table something that is being added, or ignored? Some existing code uses it, but not much. Should I expand its use or remove it? It should probably be removed and the HTML should be updated extensively to use CSS. YES!! Philipp Wagner posted some comments on this thread. I am thinking that once the new templates are stable we should ask him to modify the templates and build a plain jane .css file for QmailAdmin that would become the official distribution template. I am not up to doing the .css stuff, but I don't object to having it, as long as it doesn't require Javascript to render the page properly.
Re: [qmailadmin] spam assassin support
Not quite what I was looking for. I'm probably going to start working on some changes to add support for spam assassin, with a --enable-spamassassin option. Basicly to allow a user to change their user_prefs file so they can manage whitelisting and change their hit count. Probably it would be best to add it to a new devel version after 1.2 is released as stable. Does anyone have any suggestions? Ken Jones On Tuesday 06 January 2004 12:43 pm, Rick Widmer wrote: Kind of. --enable-modify-spam adds a Spam detection? checkbox at the bottom of the modify users page. If checked this changes the Standard delivery option from no .qmail file to one that contains the spam command. It changes the delivery line in Vacation delivery, and the Save a copy option of Forward to deliveries from a direct maildir delivery to the spam command. The default spam command is: |preline /usr/local/bin/maildrop /etc/mailfilter It can be set with --enable-spam-command Rick Ken Jones wrote: Is there currently any support for spam assassin in the latest qmailadmin releases? Ken Jones
Re: [qmailadmin] Template problem?
Tom Collins wrote: Good question ? It renders yellow in IE and its white in other browsers (Mozilla and friends.) I assure you the templates, or anything for that matter in regards to qmailadmin havn't been changed. Can you View Source in IE, save it to a file, and then send it to us as an attachment? Then we could make sure that the formatting is correct. Sure, here it is. This really has me confused. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/ !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 TRansitional//EN http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd; html head titleQmailAdmin thecrucible.ca/title meta http-equiv=content-type content=text/html; charset=iso-8859-1 meta name=robots content=noindex,follow /head body bgcolor=#ff center h2/h2 !-- Black frame 2 pixels wide -- table cellpadding=2 cellspacing=0 border=0 align=center valign=top width=600 bgcolor=#00trtd !-- Frame content -- table cellpadding=3 cellspacing=0 border=0 align=center valign=top width=100% bgcolor=#ff !-- Form title -- tr bgcolor=#00 valign=center td align=leftfont color=#ff size=3Bthecrucible.ca/B/FONT/td td align=centerfont color=#ff size=3BEmail Accounts/B/FONT/td td align=rightfont color=#ff size=3b[Used: 6/unlimited]/b/FONT/td /tr !-- End of form title -- !-- Form content -- tr td colspan=3 table cellpadding=5 cellspacing=1 border=0 width=100% !-- Form fields -- tr td table cellpadding=0 cellspacing=0 border=0 width=100% tr bgcolor=#ff td colspan=5bCatchAll: rob.parks/b/td /tr tr bgcolor=#cc th align=leftfont size=2Email Account/font/th th align=leftfont size=2Comment/font/th th align=rightfont size=2Usednbsp;/nbsp;/font/th th align=leftfont size=2Quota (MB)/fontnbsp;nbsp;/th thfont size=2ModifybrUser/font/th thfont size=2DeletebrAccount/font/th thfont size=2CatchAllbrAccount/font/th /tr !-- inserts a five columns row -- tr bgcolor=#fftd align=leftbrandon/tdtd align=leftBrandon Weisz/tdtd align=right0.00nbsp;/nbsp;/tdtd align=left128.00/tdtd align=centera href=/cgi-bin/qmailadmin/com/moduser?user=brandondom=thecrucible.catime=1073429454moduser=brandonimg src=/images/qmailadmin/modify.png border=0/a/tdtd align=center/tdtd align=centera href=/cgi-bin/qmailadmin/com/setdefault?user=brandondom=thecrucible.catime=1073429454deluser=brandonpage=1img src=/images/qmailadmin/radio-off.png border=0/a/td/tr tr bgcolor=#fftd align=leftchris/tdtd align=leftChris Suttles/tdtd align=right0.02nbsp;/nbsp;/tdtd align=left128.00/tdtd align=centera href=/cgi-bin/qmailadmin/com/moduser?user=brandondom=thecrucible.catime=1073429454moduser=chrisimg src=/images/qmailadmin/modify.png border=0/a/tdtd align=centera href=/cgi-bin/qmailadmin/com/deluser?user=brandondom=thecrucible.catime=1073429454deluser=chrisimg src=/images/qmailadmin/trash.png border=0/a/tdtd align=centera href=/cgi-bin/qmailadmin/com/setdefault?user=brandondom=thecrucible.catime=1073429454deluser=chrispage=1img src=/images/qmailadmin/radio-off.png border=0/a/td/tr tr bgcolor=#fftd align=leftnasrott/tdtd align=leftNeil Sowers/tdtd align=right0.00nbsp;/nbsp;/tdtd align=left10.00/tdtd align=centera href=/cgi-bin/qmailadmin/com/moduser?user=brandondom=thecrucible.catime=1073429454moduser=nasrottimg src=/images/qmailadmin/modify.png border=0/a/tdtd align=centera href=/cgi-bin/qmailadmin/com/deluser?user=brandondom=thecrucible.catime=1073429454deluser=nasrottimg src=/images/qmailadmin/trash.png border=0/a/tdtd align=centera href=/cgi-bin/qmailadmin/com/setdefault?user=brandondom=thecrucible.catime=1073429454deluser=nasrottpage=1img src=/images/qmailadmin/radio-off.png border=0/a/td/tr tr bgcolor=#fftd align=leftpostmaster/tdtd align=leftPostmaster/tdtd align=right0.00nbsp;/nbsp;/tdtd align=left64.00/tdtd align=centera href=/cgi-bin/qmailadmin/com/moduser?user=brandondom=thecrucible.catime=1073429454moduser=postmasterimg src=/images/qmailadmin/modify.png border=0/a/tdtd align=center/tdtd align=centera href=/cgi-bin/qmailadmin/com/setdefault?user=brandondom=thecrucible.catime=1073429454deluser=postmasterpage=1img src=/images/qmailadmin/radio-off.png border=0/a/td/tr tr bgcolor=#fftd align=leftrob.parks/tdtd align=leftRob Parks/tdtd align=right0.07nbsp;/nbsp;/tdtd align=left128.00/tdtd align=centera href=/cgi-bin/qmailadmin/com/moduser?user=brandondom=thecrucible.catime=1073429454moduser=rob.parksimg src=/images/qmailadmin/modify.png border=0/a/tdtd align=centera href=/cgi-bin/qmailadmin/com/deluser?user=brandondom=thecrucible.catime=1073429454deluser=rob.parksimg
Re: [qmailadmin] Template problem?
On Tue, 2004-01-06 at 16:53, Brandon Weisz wrote: Can you View Source in IE, save it to a file, and then send it to us as an attachment? Then we could make sure that the formatting is correct. Sure, here it is. This really has me confused. renders ok in evolution here. -- Jeremy Kitchen Systems Administrator [EMAIL PROTECTED] Kitchen @ #qmail on EFNet - Join the party! . Inter7 Internet Technologies, Inc. www.inter7.com 866.528.3530 toll free 847.492.0470 int'l 847.492.0632 fax GNUPG key ID: 93BDD6CE -- Jeremy Kitchen Systems Administrator [EMAIL PROTECTED] Kitchen @ #qmail on EFNet - Join the party! . Inter7 Internet Technologies, Inc. www.inter7.com 866.528.3530 toll free 847.492.0470 int'l 847.492.0632 fax GNUPG key ID: 93BDD6CE
Re: [qmailadmin] Template problem?
Brandon Weisz wrote: Sure, here it is. This really has me confused. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/ !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 TRansitional//EN http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd; html head titleQmailAdmin thecrucible.ca/title meta http-equiv=content-type content=text/html; charset=iso-8859-1 meta name=robots content=noindex,follow /head body bgcolor=#ff center h2/h2 !-- Black frame 2 pixels wide -- table cellpadding=2 cellspacing=0 border=0 align=center valign=top width=600 bgcolor=#00trtd !-- Frame content -- table cellpadding=3 cellspacing=0 border=0 align=center valign=top width=100% bgcolor=#ff !-- Form title -- tr bgcolor=#00 valign=center td align=leftfont color=#ff size=3Bthecrucible.ca/B/FONT/td td align=centerfont color=#ff size=3BEmail Accounts/B/FONT/td td align=rightfont color=#ff size=3b[Used: 6/unlimited]/b/FONT/td /tr !-- End of form title -- !-- Form content -- tr td colspan=3 table cellpadding=5 cellspacing=1 border=0 width=100% !-- Form fields -- tr td table cellpadding=0 cellspacing=0 border=0 width=100% tr bgcolor=#ff td colspan=5bCatchAll: rob.parks/b/td /tr tr bgcolor=#cc th align=leftfont size=2Email Account/font/th th align=leftfont size=2Comment/font/th th align=rightfont size=2Usednbsp;/nbsp;/font/th th align=leftfont size=2Quota (MB)/fontnbsp;nbsp;/th thfont size=2ModifybrUser/font/th thfont size=2DeletebrAccount/font/th thfont size=2CatchAllbrAccount/font/th /tr !-- inserts a five columns row -- tr bgcolor=#fftd align=leftbrandon/tdtd align=leftBrandon Weisz/tdtd align=right0.00nbsp;/nbsp;/tdtd align=left128.00/tdtd align=centera href=/cgi-bin/qmailadmin/com/moduser?user=brandondom=thecrucible.catime=1073429454moduser=brandonimg src=/images/qmailadmin/modify.png border=0/a/tdtd align=center/tdtd align=centera href=/cgi-bin/qmailadmin/com/setdefault?user=brandondom=thecrucible.catime=1073429454deluser=brandonpage=1img src=/images/qmailadmin/radio-off.png border=0/a/td/tr tr bgcolor=#fftd align=leftchris/tdtd align=leftChris Suttles/tdtd align=right0.02nbsp;/nbsp;/tdtd align=left128.00/tdtd align=centera href=/cgi-bin/qmailadmin/com/moduser?user=brandondom=thecrucible.catime=1073429454moduser=chrisimg src=/images/qmailadmin/modify.png border=0/a/tdtd align=centera href=/cgi-bin/qmailadmin/com/deluser?user=brandondom=thecrucible.catime=1073429454deluser=chrisimg src=/images/qmailadmin/trash.png border=0/a/tdtd align=centera href=/cgi-bin/qmailadmin/com/setdefault?user=brandondom=thecrucible.catime=1073429454deluser=chrispage=1img src=/images/qmailadmin/radio-off.png border=0/a/td/tr First, I suggest you try something like adding H1HERE I AM!/H1 in the footer.html file just above the /body tag, then load a QmailAdmin page. This will let you make sure you are really using the template files you think you are. Once you are sure which template files are being used, look in the file colortable. This view source output tells me the first line is: 000 #FF It should be: 000 #FF Once we know what _is_ there, we have a better idea where to look. Rick
Re: [qmailadmin] spam assassin support
Hey Ken, I posted a patch on sourceforge awhile back regarding spam assassin preferences. It's pretty hack-ish (not so good with C), but it might give you a few ideas. I made changes to mod_user to allow for different spam actions and hit count. I stopped working on this awhile ago when I got distracted with other projects ... Patch request ID: 09 cheers, Rob At 04:39 PM 1/6/2004 -0600, you wrote: Not quite what I was looking for. I'm probably going to start working on some changes to add support for spam assassin, with a --enable-spamassassin option. Basicly to allow a user to change their user_prefs file so they can manage whitelisting and change their hit count. Probably it would be best to add it to a new devel version after 1.2 is released as stable. Does anyone have any suggestions? Ken Jones On Tuesday 06 January 2004 12:43 pm, Rick Widmer wrote: Kind of. --enable-modify-spam adds a Spam detection? checkbox at the bottom of the modify users page. If checked this changes the Standard delivery option from no .qmail file to one that contains the spam command. It changes the delivery line in Vacation delivery, and the Save a copy option of Forward to deliveries from a direct maildir delivery to the spam command. The default spam command is: |preline /usr/local/bin/maildrop /etc/mailfilter It can be set with --enable-spam-command Rick Ken Jones wrote: Is there currently any support for spam assassin in the latest qmailadmin releases? Ken Jones
Re: [qmailadmin] spam assassin support
Ken Jones wrote: Not quite what I was looking for. I'm probably going to start working on some changes to add support for spam assassin, with a --enable-spamassassin option. I run the spamd spamassassin daemon and have the .qmail file invoke the spamc client. Here's what I provide to the ./configure --enable-spam-command option: |preline -d -f /usr/bin/spamc -d 127.0.0.1 -p 783 -u [EMAIL PROTECTED] -f |/usr/local/bin/tomaildir $HOME/`echo $EXT | /usr/bin/tr [A-Z] [a-z]`/Maildir/ I used bin/tr to make sure the account name was in lower case. I'm sure there's a cleaner way to do this ;) Basicly to allow a user to change their user_prefs file so they can manage whitelisting and change their hit count. There is a php script called WebUserPrefs which does exactly that and more. It is available at http://www.pipegrep.net/webuserprefs. I add a button to qmailadmin/html/mod_user.html to call it. Hope that's helpful, Mike Wright
Re: [qmailadmin] spam assassin support
On Jan 6, 2004, at 6:03 PM, [EMAIL PROTECTED] wrote: I run the spamd spamassassin daemon and have the .qmail file invoke the spamc client. Here's what I provide to the ./configure --enable-spam-command option: |preline -d -f /usr/bin/spamc -d 127.0.0.1 -p 783 -u [EMAIL PROTECTED] -f |/usr/local/bin/tomaildir $HOME/`echo $EXT | /usr/bin/tr [A-Z] [a-z]`/Maildir/ There is a patch to add SpamAssassin support vdelivermail on SourceForge that will probably go into the next development cycle. It calls spamc with the correct email address for the -u parameter. If Ken adds a page to QmailAdmin for users to manage their SA prefs, we can end up with strong SA support in vpopmail/qmailadmin. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [qmailadmin] /open/ in qmailadmin's url
On Jan 6, 2004, at 2:02 PM, Rick Widmer wrote: How are you planning on getting rid of /cgi-bin/? Can we make it so both of the following end up in the login page? www.hostname.com/qmailadmin/index.cgi www.hostname.com/qmailadmin/ WITHOUT changes to the default httpd.conf? Well, perhaps we should stick to a default that will work for everyone, with a single configure option for my (personal) preferred method. Putting everything in a single directory would make it easy to add to multiple virtual domains, and ease management. Then, it would be possible to just go to http://www.hostname.com/qmailadmin/ and log in. For this to work though, the URLs need to be built slightly differently. Instead of appending /com/showmenu?user=##U..., it should append ?com=showmenuuser=##U That's pretty easy now. One of my changes in the templates replaces the common user=##Udom=##Dmodu=##Atime=##T with ##W. We can do this in just ##W now. Moving that info to the session file would be even better. I have a pretty good handle on PHP session handling, and what you described sounds very similar. One thing, they assure me time is not a good choice, and prefer a MD-5 hash of several items to make the session keys harder to guess. I agree. I'm more than happy to replace time with a random session token and agree that it's more secure. Do we need to support session timeouts (require re-authentication after a certain amount of time)? Perhaps the .qw file would be named with the random key, and the code could touch it on each access. If the file is older than x minutes, then it's deleted and the user is asked to log in again. Also note that the two cases of that huge if/then/else have a lot of common code. I have! That _is_ on my list. I already have too many changes at one time, and want to get what I've done recorded in CVS before I do too much more. I'm undecided on whether to branch the code, or to add a separate project called qmailadmin-stable. I'll have to take a look at the pros and cons, and perhaps compare how other projects do it before committing to one over the other. I've wanted to pull that out so it's only called once. Again, it should be possible to collapse the first and last cases after(removing the second) into a single bit of code. You just go through the last code case if the com parameter isn't set. One thing that is very important to me is making sure header.html and footer.html are ALWAYS sent. This probably involves breaking up send_template(), and using send_template_now() instead. (Then rename send_template_now() to send_template().) Agreed. Overall, I think we have similar ideas. How about branching CVS and giving me write access to the development branch. 1.2.0 should be a branch, and development should be HEAD. I think that's how they do it in the PHP project, and it seems to work well. (I hope you know how to do it, I'm pretty new to CVS too. A branch is probably a better way to go. I'll see what I can do. The filename is built from the 'time' parameter in the URL. Login time or last access time? Is this what is used to limit the duration of unused session? Login time. Is the color table something that is being added, or ignored? Some existing code uses it, but not much. Should I expand its use or remove it? It should probably be removed and the HTML should be updated extensively to use CSS. YES!! Philipp Wagner posted some comments on this thread. I am thinking that once the new templates are stable we should ask him to modify the templates and build a plain jane .css file for QmailAdmin that would become the official distribution template. I am not up to doing the .css stuff, but I don't object to having it, as long as it doesn't require Javascript to render the page properly. I'll release 1.2.0 as stable (pending any new bug reports) at the end of the week, and we can get started on 1.3.0. I think that the only thing that needs to go into the final release is a note to use 'gmake' instead of 'make' on certain platforms. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [qmailadmin] Template problem?
On Jan 6, 2004, at 4:33 PM, Rick Widmer wrote: Once you are sure which template files are being used, look in the file colortable. This view source output tells me the first line is: 000 #FF It should be: 000 #FF Once we know what _is_ there, we have a better idea where to look. Good catch. Take a look at the file 'colortable' in your html templates directory. It should look like this: 000 #ff 001 #00 002 #cc 003 #cfcfcf 004 #e6e6e6 If it doesn't, we need to find out why. If it is, we need to find out why qmailadmin isn't reading it correctly. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [qmailadmin] spam assassin support
how hard would it be to add a seconf spam command check box for instance one checkbox that made it use one filter and a different check box to use another? Rick Widmer wrote: Kind of. --enable-modify-spam adds a Spam detection? checkbox at the bottom of the modify users page. If checked this changes the Standard delivery option from no .qmail file to one that contains the spam command. It changes the delivery line in Vacation delivery, and the Save a copy option of Forward to deliveries from a direct maildir delivery to the spam command. The default spam command is: |preline /usr/local/bin/maildrop /etc/mailfilter It can be set with --enable-spam-command Rick Ken Jones wrote: Is there currently any support for spam assassin in the latest qmailadmin releases? Ken Jones
Re: [qmailadmin] spam assassin support
there is already an amazing tool for this it's called webuserprefs http://www.pipegrep.net/webuserprefs/ it can use flat local.cf files or a db for spamassassin prefs and manages its own auth via imap/pop3/squirrelmail if you use the mysql option you get the added benefit of not having to save the individual files for every user just one dump and you're all backed up. also of interest is that you can extend it's functionality pretty easily by adding panels to it. David Rodgers Ken Jones wrote: Not quite what I was looking for. I'm probably going to start working on some changes to add support for spam assassin, with a --enable-spamassassin option. Basicly to allow a user to change their user_prefs file so they can manage whitelisting and change their hit count. Probably it would be best to add it to a new devel version after 1.2 is released as stable. Does anyone have any suggestions? Ken Jones On Tuesday 06 January 2004 12:43 pm, Rick Widmer wrote: Kind of. --enable-modify-spam adds a Spam detection? checkbox at the bottom of the modify users page. If checked this changes the Standard delivery option from no .qmail file to one that contains the spam command. It changes the delivery line in Vacation delivery, and the Save a copy option of Forward to deliveries from a direct maildir delivery to the spam command. The default spam command is: |preline /usr/local/bin/maildrop /etc/mailfilter It can be set with --enable-spam-command Rick Ken Jones wrote: Is there currently any support for spam assassin in the latest qmailadmin releases? Ken Jones