Re: [qmailadmin] QmailAdmin 1.2.14 released
Note: I cc'd Matt because of my intent to release a 1.3 branch for vpopmail 5.5. On 3/26/2010 12:20 AM, Tom Collins wrote: http://qmailadmin.sf.net/ 1.2.14 - released 25-Mar-10 Peter Pentchev - Update the Bulgarian translation Harm van Tilborg - Fix error in command.c preventing --enable-catchall from working. Have you updated SVN? I'm not seeing any mention of .14 yet. Am I missing developer access to svn somewhere? I am still having a hard time finding my way around the new SourceForge web site... I am planning on releasing a development branch of qmailadmin so there is a tarball available that works with vpopmail 5.5. Before I start I'll post my current idea of what to do and see if anyone has comments. Currently in CVS: o trunk which has up to 1.2.0 released 28-Jan-04 plus unreleased 1.2.1-pre1 and 1.3.0 which is the zh-cn translation. (Way behind the times!) o branches/stable-1_2 released 2-May-09, which contains up to the release of 1.2.13 o branches/v1_4_0 - unreleased, based on 1.2.13 with changes to work with vpopmail 5.5. What I think needs to be done: o 1.2.14 needs to be committed into stable-1_2 branch, and a tag created. o All references to qmailadmin 1.4 should be changed to 1.3, including the name of the branch. o stable-1_2 and v1_3_0 should be merged into trunk. Set the version to 1.3.0, create a tag and release as the latest development version. o Add a note on the download page of sourceforge that the big green download button is the stable release and works with vpopmail 5.4, for vpopmail 5.5 use version 1.3 from qmailadmin-devel. In the future we should: o New development in trunk. Vpopmail 5.5 is required. o Bug fixes only in stable-1_2 and merged into trunk. This version always works with vpopmail 5.4. o When vpopmail 1.5 becomes stable, move qmailadmin 1.3 to stable. o Abandon or remove v1_3_0 branch. Any comments before I start? Thanks, Rick !DSPAM:4bad529b32711523594743!
Re: [qmailadmin] crash with add forward
d...@stean.ch wrote: hello there, i recently updated to qmailadmin 1.2.12 because of a fix in it which is important for my environment. however i got a new problem and had to go back to vpopmail 5.4.17, meaning that vpopmail 5.4.17 does not work with qmailadmin on my system. add a new forward will give me some double free errors on allocated resources in my error.log of apache which are due to qmailadmin and vpopmail. is this problem known? do you need more input (error files, debug output?) Did you re-compile qmailadmin after changing vpopmail? If not, you must. Rick !DSPAM:49f5b4bf32682606013996!
Re: [qmailadmin] limit Postmaster account
Kis Peter wrote: Hi! Is there a way to limit Postmaster account in QmailAdmin to only being able to login from a specific IP address? http://httpd.apache.org/docs/1.3/mod/mod_access.html http://httpd.apache.org/docs/1.3/sections.html !DSPAM:49b9165932681573913680!
Re: [qmailadmin] Vpopmail QmailAdmin using vadddomain -u
# useradd test2 # vadddomain -u test2.com password Directory: /home/test2/domains /test2.com POP via mailer: OK SMTP via mailer: OK SqWebMail Login: OK QmailAdmin Login: Error ! I think it should be: useradd test2 vadddomain -u test2 test2.com password
Re: [qmailadmin] Beta patch
Matt Brookings wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi again. The patch I spoke of earlier is available to anyone who would like to try it out. Here are the changes I've made: Please upload this patch to the SourceForge tracker so it doesn't get lost. http://sourceforge.net/projects/qmailadmin/ Under tracker, add either a feature request or patch. Please include a copy of the email you sent with info on the patch. Thanks, Rick
Re: [qmailadmin] qmailadmin onchange patch
Tom: Do you still have a lock on qmailadmin development? If not I'll see about getting this added. Rick John Simpson wrote: snip
Re: [qmailadmin] Update of french translation
Stephane Bouvard (ML) wrote: Hi, I've fixed a few bugs in the french translation of qmailadmin (problems with catchall and vacation auto-response messages, wich does not correspond anymore with the current version and thus create confusion), where can i send the update to be included in the next release ? Also a small fix into show_users.html, line 25, colspan must be 7 and not 5 Here would work, but [EMAIL PROTECTED] would probably be better, so we don't bother everyone on this list. Either way I'll get it into the next release. Thanks, Rick
Re: [qmailadmin] rebuilding templates as XHTML
Quinn Comendant wrote: Hi Tom snip Beau will be emailing you off-list to show you what is done so far and to discuss going forward with the C source mods. (This will include rhetoric such as should we alienate users who have built custom templates for pre-1.2.11 releases.) May I suggest moving this discussion to the qmailadmin-devel list on SourceForge. There is at least one other qmail admin developer who is interested in this project... http://sourceforge.net/mailarchive/forum.php?forum_id=34241 Rick
Re: [qmailadmin] qmail install script 1.3.17
Franz Stancl wrote: Franck schrieb: Hi, i've released a new version of my qmail installation script 1.3.17 : I just tried out this script for the first time and I found a problem here. Using Debian Sarge it barks here: [...] chkuser.c:37:22: vpopmail.h: No such file or directory chkuser.c:38:19: vauth.h: No such file or directory chkuser.c:39:29: vpopmail_config.h: No such file or directory Obviously it expects that vpopmail is already installed, but that part comes only later in your script. Hence if you skip over the problematic part and try to install vpopmail first, it fails, too: [...] checking whether we can locate the qmail-newu program... no So it looks like a deadlock to me ;) For the records - my work around was: 1) Get rid of the chkuser patch 2) compile qmail /netqmail 3) compile vpopmail 4) re-run your script with the chkuser patch If there is a cleaner way to get around this, please let me know. It looks like you are on the right track... The recommended way is: Install qmail without the patch. Install vopopmail. Recompile and install qmail with the patch.
Re: [qmailadmin] qmailadmin 1.2.3 cannot read vpopmail.mysql
matt wrote: In the apache logs I see vmysql: can't read settings from /home/vpopmail/etc/vpopmail.mysql although I don't see a reason it wouldn't be able to read that when it executes setuid If it says that, it _is_ having a problem reading the file where it stores the settings needed to open the database. I also see vmysql: sql error[3]: MySQL server has gone away which is probably because it can't get the correct login details for mysql from vpopmail.mysql If there is one of these for each can't read message, it is certain. Mysql is fine - vqadmin and vpopmail are using it fine, I can connect to mysql and the vpopmail database using the vpopmail use from the command line, and I can select and update manually so there is %100 no problem there, which is backed up by vqadmin. So why can't qmailadmin read the configuration file with the database settings in it? Find that and you've probably got it. Rick
Re: [qmailadmin] Error 6 - cannot find an answer
Guy Merritt wrote: Tom, Thanks very much for the quick reply... I am going to try upgrading, I believe. The wife and I are pretty poor and I have a number of people willing to pay me to host their sites - every little bit helps. I'm going to try and upgrade the whole shebang Take a look at this: http://shupp.org/toaster/
Re: [qmailadmin] question about qmailadmin feature
Tom Collins wrote: On Feb 9, 2005, at 12:34 PM, TigerPaw wrote: I'm running a mail server setup similar to the one described at http://shupp.org/toaster/Vpopmail / qmailadmin / ezmlm / qmail /etc .. I been running some mailing lists on my server for sometime now and I haven't had anyone needing the Message Archive support via ezmlm-cgi until recently...I got ezmlm-cgi to work on my server and all but the archive retrieval is open to anyone., no matter if I change the setting under qmailadmin / mailing list settings for that list to 'limited to subcribers or limited to moderators.Anyone have any clues why this might be happening and a possible fix..as i would truelly like to get the Archive retrieval via web access to work properly.. The limits only apply to retrieving archived messages via email. I have not personally set up ezmlm-cgi, so I don't know if it includes any options for limiting access. Since it can't authenticate someone as a subscriber or moderator to the list, access limits are up to you. The easy way would be to setup basic authentication under Apache Location /cgi-bin/ezmlm-cgi AuthType Basic AuthName MailList AuthUserFile /web/hosts/www.somedomain.com/etc/users Require valid-user /Location The users file is created with htpasswd. I know this works in the web server configuration files, and may work in .htaccess files.
Re: [qmailadmin] Export mailing list to a text file
Naveen wrote: HI ALL, Can anybody tell me how to export a list to a text file? man ezmlm-list should get you started.
Re: [qmailadmin] Blocking internal users
Dave Johnson wrote: Hi all Need some help on an installation. I need to set up a qmail server with the following configuration It is a two tier server with 20 users. Five users have full email access ie. external and internal and the balance only have internal access. Will vmoduser -r [EMAIL PROTECTED] stop that user from emailing externally. I don't think so. All it does is set a flag. You will have to find / make a patch to qmail-smtp to actually do the restriction. I don't know where to look for such a thing. If I was in your situation I would probably setup two qmail servers. One inside the firewall with all the mailboxes and with qmail-smtp setup on port 24 and 25. This machine handles internal mail, and all pop/imap accounts. The firewall must not pass port 25 traffic in either direction. The other machine is on the outside of the firewall with port 25 setup so it only accepts incoming mail. Setup port 24 with qmail-smtp setup using smtp-auth requiring encrypted passwords to send mail. All mail to your domain(s) is forwarded with smtproutes to port 24 of the inside machine. Unprivileged users use port 25 to the inside mail server, which cannot access any other mail servers on the Internet because of the firewall. Privileged users send all mail to port 24 of the outside server, using authenticated logins. Now how do you stop them from using webmail accounts on port 80 to bypass this setup and send email anyway? At least it won't be on the company domain name...
Re: [qmailadmin] Password encryption
[EMAIL PROTECTED] wrote: I am still unable to determine how my mail server is encrypting passwords. An example encrypted password is: $1$AaAkCUIr$tq.YJ2hHJDQ56Zbgg83eh1 I need to be able to query the mysql db to authenticate the user via the encrypted password above. Please help crypt() with md5
Re: [qmailadmin] Forward option in qmailadmin
Dave Lowe wrote: When using the vacation setting (autorespond) in qmail it builds a .qmail file in each user. My question is where does this X number of messages in Y amount of time live, our default is 3 messages per day and the system stops sending responses, I would like to tweak this default and let my users set their own vacation times rather than having to edit the .qmail file manually for each user on vacation at any time. The settings are hard coded in the qmailadmin source. Look in the file autorespond.c. Users will not be able to manage their own values. Rick
Re: [qmailadmin] max forwards
Ken Jones wrote: IMHO this should make that constant easier for do-it-yourselfers to find and modify. I agree. What about using the .qmailadmin-limits values for max forwards? +1 Rick
Re: [qmailadmin] QmailAdmin RH9 Problem
Adam Carnine wrote: Here is my configuration output, in case I've done something here and just don't realize it. - qmailadmin 1.2.0 Current settings --- cgi-bin dir = /www/qmailadmin html dir = /www/qmailadmin image dir = /www/qmailadmin/images image URL = ../images template dir = /usr/local/share/qmailadmin I can't make any promises if this will fix your problem or not, but this does not look right... Assuming Apache --prefix=/www, which makes your default DocumentRoot /www/htdocs and cgibin directory /www/cgi-bin, it should look like this: --enable-cgibindir=/www/cgi-bin This should be a directory outside of DocumentRoot with a ScriptAlias that allows it to run programs. --enable-thmldir=/www/htdocs This should be your DocumentRoot directory. --enable-imagedir=/www/htdocs/images/qmailadmin This should be a directory below your DocumentRoot directory, where you place the qmailadmin images. --enable-imageurl=/images/qmailadmin This should be the url of the images directory. I don't believe a relative path is appropriate here. If your /www directory is really DocumentRoot, the qmailadmin should not be inside it. You should find another directory for it, outside of DocumentRoot and create a ScriptAlias that points at it. Rick
Re: [qmailadmin] To shorten user id on vpopmail
Truong Tan Son wrote: Dear Sir, On vpopmail, User ID and Email Address is same: Domain mydomain.com POP3 Server: POP3.mydomain.com User ID: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Email Address: [EMAIL PROTECTED] Can I shorten User ID: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] become only myname ( no need @mydomain.com ) ? For one domain only you can nominate a default domain. The method depends on your version of vpopmail. Search for 'default domain' in the vpopmail README and INSTALL files. For more than one domain you can use ip alias domains, which requires a separate IP address for each domain. Remember when you recompile vpopmail you have to recompile all programs that use the vpopmail library before they will use the updated code. Either way you should be looking at vpopmail for the solution.
Re: [qmailadmin] QmailAdmin compiling on x86-64
blist wrote: I am trying to configure QmailAdmin for my system to work with my xf86-64 system and not having luck.. Here is the output: ps2:/usr/src/qmail/qmailadmin-1.2.0 # ./configure --enable-htmldir=/home/prostream/prostream.net --enable-cgibindir=/home/prostream/cgi-bin/ --enable-autoresponder-bin=/usr/local/bin --enable-ezmlmdir=/usr/local/bin/ezmlm --enable-ezmlmidx=y --enable-vpopuser=vpopmail --includedir=/usr/local/vpopmail/include checking for a BSD-compatible install... /usr/bin/install -c checking whether build environment is sane... yes checking for gawk... gawk checking whether make sets ${MAKE}... yes checking build system type... Invalid configuration `x86_64-unknown-linuxoldld': machine `x86_64-unknown' not recognized configure: error: /bin/sh ./config.sub x86_64-unknown-linuxoldld failed how can I get it to build for x86-64 target? What kind of machine, and operating system are you using?
Re: [qmailadmin] x86-64 Config error
Catherine Mekondo wrote: Does anyone know if there are any plans to add a x86-64 target or what I'd need to do to configure to add my own target. I'm running it on SUSE 8.2 (x86_64). Thanks. Interesting. I use SuSE 8.2 also. What processor are you running on? Mine is either a 266MHz Pentium, or somewhere around a 400MHz Pentium II. No problems with either one. Configure chooses i686-pc-linux-gnu build system and host type. I would guess that the gnu build system would be the area to research in trying to find/get a build system for x86_64. That and making sure it is not a matter of the wrong thing being chosen. http://www.gnu.org/software/autoconf/manual/autoconf-2.57/html_chapter/autoconf.html#SEC_Top Wish I knew more... Rick
Re: [qmailadmin] How can I define returnhttp session value?
Tom Collins wrote: On Apr 30, 2004, at 3:50 AM, Ben wrote: I'm going to bet this is something really simple that I just can't think of, but I can't figure out how/where to set the returnhttp session value so that when you click the logout link, it returns to a different web page. If I recall correctly, you pass it in the initial call to qmailadmin. For example, if you have a link from SquirrelMail to QmailAdmin, you'd use this: HREF=/cgi-bin/qmailadmin? returnhttp=yoururlherereturntext=Back+to+SquirrelMail ^ Space not allowed here! Remember to escape out any special characters (space, +, ampersand and others I'm forgetting) in the URL.
Re: [qmailadmin] Apache Config/Install Errors
A text file of binary garbage, I hope. If it is legible text, you need to find out where make install put the real QmailAdmin binary. If it is sending the program file as text data, check to make sure you have something like: ServerAlias /cgi-bin/ /path/to/cgi-bin in your Apache configuration? I may have the parm order backwards... Rick Adam Ossenford wrote: Hello, This is my first post and at the cost of getting some nasty replies I have a question about the installation. I have been following the install guide from www.qmailrocks.org and have ran into a problem. qmail admin compiles and installs just fine. I have already installed and tested vqadmin but everytime I access http://myserver.com/cgi-bin/qmailadmin is just sends me a text file. the server was accessed 1 time before a domain and domain user was created but I cannot find the answer to my question anywhere. I am thinking apache is not rendering this file as a cgi program because it lacks an extension. I have googled for hours and tried about 50 different configs for apache and nothing seems to work. qmailadmin will only serve me a text file that looks like binary or machine language. I am very confused at this point. Please refrain from telling me how dumb this question is :), I know it's dumb but I had to ask. thank you for your help sincerely, Adam Ossenford
Re: [qmailadmin] Possible additions
Justin Hopper wrote: Hello, We are finally getting around to rolling out the new QmailAdmin/Vpopmail to all of our clients and we have received some suggestions on the QmailAdmin interface. I wanted to run them by the people on the list to see if these are features that others would like to see or not. If they are, I will release a patch. They all sound like good ideas. Please post your patch to the SourceForge tracker: http://sourceforge.net/tracker/?group_id=6691atid=306691 I am in the process of releasing a program right now, so it may be a week or two before I have time to merge it with 1.3.0. Rick
Re: [qmailadmin] Re: Apache Config/Install Errors
Adam Ossenford wrote: First of all, Thank you for the quick response. I have tried many combinations of configurations. I set up mime.types with a blank extension for application/x-httpd-cgi, I have changed the servers DefaultType to be application/x-httpd-cgi instead of text. Added +ExecCGI to the directory, installed to other directories and configured correctly. but to no avail, I still only receive a binary text file of the qmailadmin cgi script. I think it has to be an apache problem. I have tried script alias, setting it's own Directory container. Using the current cgi-bin directory and still the same thing happens. for some reason apache will not serve it as a cgi script. I will keep trying but no luck yet, /cgi-bin/ .cgi files work because I have tested them. for some reason it just doesn't like me. Mine works with ScriptAlias (Yes you were right Jeremy.) With that you can expect every program in the directory to be executed rather than sent. Several of your other choices should too. I suggest you use one of them and put another executable program in cgi-bin and see if it gets executed. That will confirm if it is an Apache problem. You do have exec permission allowed for the web user, and reload or restart Apache after all config file changes, right? Rick
Re: [qmailadmin] spamassassin support quick question
Jeremy Kitchen wrote: I see that it is in the plans for vpopmail to merge in the new spamassassin features that Ken has written support for, which is great! My question is: qmailadmin already has some spamassassin support, and I'm trying to modify qmailadmin to support the new spamassassin stuff, so is it ok to remove the old stuff and put the new stuff in? Or should I try to have support for both? I suggest the goal should be to let vpopmail do the work and make qmailadmin as much as possible just a web interface to the vpopmail library. Rick p.s. I am still around, I just blew the engine in my truck and right now getting it rebuilt is my top priority.
Re: [qmailadmin] I can´t login to Qmailadmin
[EMAIL PROTECTED] wrote: Hello everybody, i have to login to an existing Qmailadmin interface but i don´t have the postmaster password. I got root Access to on the Server where qmailadmin has been installed, how can i login? Run vpasswd to change the postmaster password. It should be in ~vpasswd/bin. Rick
Re: [qmailadmin] modifying qmailadmin source to update FileMaker on password changes
grep for vpasswd [EMAIL PROTECTED] wrote: Hi, I think the best way would be to modify the qmailadmin source and execute the relevant C API to FileMaker (if it exists), or I can use an existing PHP API to FileMaker to update password changes. This would mean an execl(php /www/data/update.php) command. Is it possible for somebody to point me in the right direction to the source where password changes are performed so I can add the (unfinished!) logic: grep for vpasswd Rick
Re: AW: [qmailadmin] cgibin text output
My fix would be: cd to the document-root directory of your web server. cd .. mkdir cgi-bin mv qmailadmin /to/the/directory/you/just/created vi httpd.conf and add the following line: ScriptAlias /cgi-bin/ /the/directory/you/just/added then try hitting: http://www.yourdomain.com/cgi-bin/qmailadmin Rick SEFEROVIC Edvin wrote: Hi.. Its me and my RTFM question... in my httpd.conf I have following... AddHandler cgi-script .cgi .pl It means only .cgi and .pl files will be threated as CGI scripts.. but qmailadmin has no extension... -rwsr-sr-x1 vpopmail vchkpw 127260 Feb 19 20:21 qmailadmin* This is my output of ls command... it may be a rtfm mistake, but I really dont have a clue where my mistake lies... TIA Edvin Seferovic -Ursprüngliche Nachricht- Von: Ken Jones [mailto:[EMAIL PROTECTED] Gesendet: Freitag, 20. Februar 2004 16:13 An: [EMAIL PROTECTED]; SEFEROVIC Edvin Betreff: Re: [qmailadmin] cgibin text output On Thursday 19 February 2004 2:57 pm, SEFEROVIC Edvin wrote: Hi... After I installed qmailadmin, I cannot call the cgi script. My browser always starts a text file download. Can anyone tell me what am I doing wrong? And yes - I googled, I read the manual of apache webserver, and I still dont know that am I doing wrong... TIA Edvin Seferovic Probably because your web server doesn't know that qmailadmin is a cgi program. Some web servers are configured to only think programs that end with .cgi are to be run as cgi programs. What usually happens is the web server sends the qmailadmin binary as a text file that looks like garbage characters. The solution is to re-configure your web server to run it as a cgi. Ken Jones
Re: [qmailadmin] Re: PHP vpopmail extension
qmadmin wrote: I'm interested in the PHP extensions you have for the current versions of vpopmail. Since I got more than one response, I'll answer on the list... I have changed vpopmail_auth_user (which calls vauth_user) so it returns false if the username/password/domain is invalid, or for a good login an array containing the password file information for the current user. The existing function only returns true/false. I am adding support for the following vpopmail functions: vset_limits, vdel_limits, (vget_limits is already there) vset_lastauth, vget_lastauth, vget_lastauthip, vget_ip_map, vadd_ip_map, vdel_ip_map, vshow_ip_map, vauth_getpw, vauth_getall, valias_remove valias_select_names I am adding the following functions to vpopmail (If Tom allows them...) and adding support for them in the extension: valias_select_names, valias_select_names_next, valias_select_names_end These functions retrieve just the sorted names of aliases for a domain. I just got it to compile with no errors for the first time. There are probably a couple of days of testing before I publish the code. I think there is a conflict in the version checking code in config.m4 and the latest version of vpopmail. I just added some #define's and #undefs in the code to bypass it. I believe something better must be done before it is submitted to PECL, but that is not very high on my prioroty list. I am testing the extension running PHP as an Apache module, with Apache running as vpopmail:vchkpw. I think it should also run from CGI as long as it is run as the vpopmail user. I don't see any way to get around running as the mail system user, and considering how easy it is to setup a separate instance of Apache I don't see any reason to worry about anything else. If you don't agree, now is the time to show me a better way. Have you also done any work on extensions for ezmlm-idx? No, and I don't think there is anything that deserves to be in an extension. The vpopmail extension is an adapter to the libvpopmail library. Ezmlm is a program, all you do is select the parameters and exec() the program. That is easier to do in PHP, I can't see any advantage to doing it in a c extension.
Re: [qmailadmin] Mass import of ezmlm subscribers via qmailadmin?
qmadmin wrote: I was taking a look at qmailadmin 1.2.0, hoping it would have a mass subscriber import feature like that found in ezmlm-web. Are there any plans in the near future for adding that into the qmailadmin ezmlm interface or am I just overlooking it somehow? I'd love to get away from using ezmlm-web and stick with qmailadmin for everything. I can't force the cmd-line on my users...everyone want's GUI's ;) Define near future. :) 1.3.0 will probably have that feature. When it will become stable is unknown, but probably measured in weeks, or months. I just submitted a patch for vpopmail's cdb handling, that needs to be completed for all the databases, and there may be more. A patch against 1.2.1 would certainly find its way into 1.3.0 if someone wants it bad enough. Rick
[qmailadmin] vAlas questions for Tom
I think I've got a plan for adding valias support. It looks easier than writing the files directly. The PHP prototype is already using only vpopmail calls for data retrieval and I've got all the lookup function working. http://kimberly.developersdesk.com/then select pMailAdmin There are a few questions and things I would like to understand better... Does your valias mod for QmailAdmin check if enable-valias is set anywhere? I don't see it... you just ALWAYS go through the vpopmail calls instead of direct file access. Right? Is there any way of getting just the alias names, without the actual forwarding information? Does vpopmail maintain the order of alies lines? I think I read somewhere that if you are using database storage it does not. I think that may be a serious problem. Am I correct... With enable-valias forwards and robots are handled by vdelivermail instead of having a .qmail- file in the domain directory and if a database is not used, then .qmail files _are_ used. Mailing lists are not handled by valias. I can do anything in a database alias that I can do from a .qmail file alias. Thanks, Rick
Re: [qmailadmin] qmailAdmin quota
First, please try ~vpopmail/bin/vmoddomainlimits -v | less to see what appears to be supported within vpopmail already. There are quite a few things that appear to be stored in the domain limits file that QmailAdmin does not use. (yet) I don't have them all figured out yet, but I do know I can set them with vmoddomailnimits and view them from vget_limits() in QmailAdmin. It would be good to use them as they are. Charles Sprickman wrote: On Tue, 3 Feb 2004, Tom Collins wrote: .snip. Just as a discussion point, does anyone else see that as a tech-support/customer-service nightmare? I can see that... on the other hand I can also see giving user quotas that total largest than the domain limit so they can occasionally receive a large message. That may be because I am a POP user that always deletes mail from the server. An IMAP user base keeping everything on the server would be a different story. One possibility might be to warn everyone in the entire domain when it hits 90% full. Maybe send the postmaster a message showing the usage of all users when it hits 80%, so everyone doesn't have to be bothered. There also needs to be a place to check usage within QmailAdmin so the postmaster and admins can watch usage. It's a good idea in that an ISP can limit a domain to a certain amount of usage, and leave it up to the customer to use it as they see fit. Personally most of my domains would have a domain limit with all the users unlimited. I get all the mail at three of my domains, and don't share them with anyone else. I tend go use different addresses for different people, so I know who is giving out my address. There are quite a few incoming addresses that get sent to /dev/null so I don't have to see the spam. But then I know I am unusual... That's why I was thinking it would be good to have a domain quota-like setting that qmailadmin understands, but that does not apply to the delivery agent. Keeping my above explanation in mind, assume that it worked as follows: -user signs up for a domain account that includes 20 accounts and a total quota of 200MB. -user logs into qmailadmin to setup the accounts. A total is shown at the top of the user-creation page that shows how much of that 200MB is left to be given to each user. -user sets up [EMAIL PROTECTED] with 10MB quota -user goes to user-creation page and the total shown at the top says 190MB left -user creates [EMAIL PROTECTED], and since she handles sales and customer inquiries, he gives jane a 50MB quota -rinse and repeat until all users are created. If there's quota left over, user can assign the extra space to any existing users or keep it around for future use Does that sound like a good idea? It sounds like a lot of work... and you are making a human have to do it. How about making Default User Quota = Domain Quota / Max Pop Accounts Your idea of a quota for the domain that the sum of all user quotas can't exceed is another workable solution. I'm not sure which makes more sense, and if we decide to support both then there will need to be a clear way to choose between the two (and understand what will happen). I would say that Domain Quota MUST BE a maximum for the entire domain, that can not be exceeded. The only question is what do we do about individual users. I don't want to be limited to having the sum of all user quotas == the domain quota, but I guess some postmasters might. I'd love it if we could open a discussion on this either here or on the devel list. It has already started here... I haven't heard anything from current domain quota users. I'm also a bit curious about the system quota option (unix user per domain model), but I'm not really sure if the entire vpopmail suite understands system quotas, or if it really would solve any of the above problems. Personally I think we should promote the entire mail system works under the vpopmail user model as the best way to setup a server. I'd rather not have to have SUID root programs in my mail system. The entire quota system should be done from within vpopmail/qmailadmin. Rick p.s. I should have a PHP mockup of QmailAdmin 1.3.0 up within a couple of days, along with an updated vpopmail extension for PHP that includes all the features in the latest vpopmail.
Re: [qmailadmin] qmailadmin 1.2.0 and mysql problem
Jeff Koch wrote: Are these versions of vpopmail and qmailadmin supposed to have compatible Mysql support ? or could we have done something wrong in the install/compile/configuration? Look for valias support in QmailAdmin 1.2.1, which Tom is hard at work on. It is NOT supported in 1.2.0, which came out before vpopmail 5.4.0. Rick
[qmailadmin] pesky CVS directories
Tom: I don't know how you are handling the release process, but if you start by doing a 'cvs co qmailadmin' change to 'cvs export qmailadmin' and you won't have the CVS directories. You can't commit from this fileset, but you don't have to worry about getting rid of the CVS stuff. Rick p.s. I am close to uploading the last of my big batch. It should happen before I go to bed.
[qmailadmin] Sourceforge CVS not usable
With the release of QmailAdmin-1.2.0 we have branched the CVS. There is a branch for 1.2.0 which will get Tom's valias code and bug fixes. The default (HEAD) branch is will become 1.3.0 which is where new features will go. I expect it will be a month or two before anyone would consider running this branch. I am in the process of uploading the cleanup work I've done over the last month. I am about half way through the process, so if you use the current CVS right now it will probably compile, but I make no promises on if it will work. I don't expect to have it stable before Monday. NEWS contains a list of changes I have made. If you want to use QmailAdmin grab the stable tarball from SourceForge. Don't forget to touch Makefile.in before you ./configure.
Re: [qmailadmin] qmailadmin-rww -- md5 session ID
You might be able to piggy-back off the md5 code in vpopmail... Yes, it looks very close to a drop-in replacement to the one I found. I don't even have to change the build process again. The file names match. Wish I would have seen that sooner! I have added three defines in qmailadmin.h, that should actually be set by ./configure options: I think we should also add a probability how often the garbage collector is executed and deletes the expired session files. Executing it every time QmailAdmin is executed is IMO to much and slows it only down. I already garbage collect only after a successful login, so it doesn't run with every hit, but probability testing won't be hard to add. I should also make it so the page paints before the garbage collection starts so it doesn't slow the user. You could read from /dev/random or /dev/urandom, if present. There's a patch pending for vpopmail that uses that device for random data. I guess if vpopmail uses it it should be safe for QmailAdmin. I know that should work on my Linux boxes... How do you tell if it is present? ./configure? What happens if it is not there? I suspect the whole block of code and configure.in(?) can be stolen from vpopmail. Random numbers are more or less always generated out of the current time, but I think we perhaps could generate the SESSION_SECRET string randomly, too. Or repeat the hashing a random time (1-10 for example). If you always have a good random generator avialble that is much better than a preset secret. I don't know enough about c portability to decide. One thing I've heard is that /dev/?random can sometimes block if there isn't enough enthropy available. That could be bad on a lightly loaded machine. I don't need to retain the random input values for anything, I am just trying to make it very hard to predict SessionID values. Why get the things messed up? I would do a logout like 1) Delete the cookie/no more sids in the urls 2) Delete the session file on the server On a relogin you create everything new as it would be the first login. What it does now... in get_session_id() The first time you hit QmailAdmin the program checks for a cookie. There is none, so it sets SessionFromCookie = 0. Then it checks for SessionID in Request.(Get/Put) Again there is none so it generates a new SessionID. in paint_headers() Since SessionFromCookie is 0 (false) and SessionID is set a Set-cookie header for SessionID will be sent. Since there is no session file associated with the new SessionID and the [Login] button was not clicked, you are only allowed to login. show_login() calls send_template() and paints the login page, then the progran is done. Since SessionFromCookie is 0 a hidden field is included in the page containing SessionID. -- the user enters user/domain/password then clicks [login] -- This time through... in get_session_id() SessionID is found in Cookie, so SessionFromCookie = 1, and SessionID is set. in paint_headers SessionFromCookie is 1, so do not send a SetCookie header. Still no session file matching your SessionID, but this time [Login] was clicked so verify the login. If the login is good create the session file then call show_menu -- else call show_login, with the fields still filled in the way the user left them. (I hate having to re-enter everything even more than I hate being dropped into an error page that tells me to hit [Back] and try again.) As long as a cookie is found, the SessionID will not be appended to link URLS, and the hidden field may not be added to forms. Right now it is always added, and that does not hurt anything. Mere mortals will never see it. A ##t? could be used to hide the hidden SessionID field. On the other hand it might be nice to be able to view the SessionID with View Source if you have a problem. I don't have to decide yet... -- the user does whatever, then clicks the exit link -- in get_session_id() SessionID is found in Cookie, so SessionFromCookie = 1, and SessionID is set. in main() Since exit was selected, delete the session file, set SessionFromCookie to 0, and set SessionID = . in paint_headers() Since SessionFromCookie is 0 and SessionID is blank, send a Set-cookie header with an old Expires value. The browser will delete the cookie. Then we need to paint something to the browser... But what? Things I have considered... o Delay setting the cookie until there is a valid login. I very much like setting the SessionID cookie the first time I paint the show_login.html template. This way I know that the next operation will be a form entry. If I wait until I have a valid login the next operation will be a menu, and every link will have to have the SessionID appended in case cookies are off. That looks uggly... o Don't worry about leaving the cookie in the browser. Things worked well right up to the time I decided it wasn't cool to do a logout without cleaning up the cookie. That is tacky... o Have an exit page that tells you that
[qmailadmin] Re: [qmailadmin-devel] Re: [qmailadmin] Qmailadmin 1.2.0 Release Candidate 3 released
John Johnson wrote: Still no Fix so this will not remove my tmda settings from the .qmail files? No. Sorry, QmailAdmin is in a feature freeze until 1.2.0 goes out the door. Your request is high on the list for things to add to the next version. It will requite major changes that would push the release of the current version out WAY too far. (IMHO it has been way too long since the last stable release!) I assure you the next stable release will be faster. I know, I'm already working on it... Rick
Re: [qmailadmin] Qmailadmin 1.2.0 Release Candidate 3 released
Tom Collins wrote: We are getting closer to a stable release, and we need everyone's help in testing this release. More WARNINGS! After compiling the RC2 vpopmail and the RC3 QmailAdmin I get the following block of errors: In file included from qmailadmin.c:31: /mail/include/vpopmail_config.h:221:1: warning: PACKAGE_NAME redefined In file included from qmailadmin.c:28: config.h:131:1: warning: this is the location of the previous definition In file included from qmailadmin.c:31: /mail/include/vpopmail_config.h:224:1: warning: PACKAGE_STRING redefined In file included from qmailadmin.c:28: config.h:134:1: warning: this is the location of the previous definition In file included from qmailadmin.c:31: /mail/include/vpopmail_config.h:227:1: warning: PACKAGE_TARNAME redefined In file included from qmailadmin.c:28: config.h:137:1: warning: this is the location of the previous definition In file included from qmailadmin.c:31: /mail/include/vpopmail_config.h:230:1: warning: PACKAGE_VERSION redefined In file included from qmailadmin.c:28: config.h:140:1: warning: this is the location of the previous definition source='alias.c' object='alias.o' libtool=no \ for each of the following files: qmailadmin.c, user.c, template.c qmailadmin.c doesn't actually use anything from vpopmail_config.h, so the #include can just be removed. user.c uses VPOPMAILDIR template.c uses the following values: PACKAGE and VERSION. It also uses QA_PACKAGE and QA_VERSION which look like they might be standard autoconf variables that have been alterd to make them unique so both can be displayed from the ##V tag. The actual duplicated variables are not used anywhere in QmailAdmin. Rick
Re: [qmailadmin] Qmailadmin 1.2.0 Release Candidate 3 released
Despite the warnings vpopmail rc2 and QmailAdmin RC3 appear to be working on my test server. I can add/remove/edit accounts, but can not test mail delivery. Rick
[qmailadmin] qmailadmin-rww -- md5 session ID
QUESTION: Is there a better way to 'touch' the session file to extend the session than opening it for append, then closing it? The goal is to update the mtime without altering the file contents. Anyway, I have been working on session handling. I found this MD5 library on SourceForge, and it appears to me that we can add the md5.c and md5.h files to our distribution (unchanged) and add a note where they came from, and how to get the entire package in our docs. http://sourceforge.net/projects/libmd5-rfc/ I have added three defines in qmailadmin.h, that should actually be set by ./configure options: SESSION_PATH - Where to store the session files. SESSION_LIFETIME - How long (in seconds) until a session expires. SESSION_SECRET- A string that should be different at each site that is mixed into the MD5 hash. This should make it harder for an outsider to guess session ID values. The session ID is currently the MD5 hash of the SESSION_SECRET and the current time. If anyone has a portable suggestion on increasing the randomness, please let me know. If cookies are available I store the MD5 hash there, if not I pass it either in the URL of a link, or in a hidden field for forms. I no longer pass user, dom and time in any URLs. (But you can still set the fields on the login page by passing them.) I am currently storing the IP address of the client, returntext, returnhttp, AdminType, LoginUserName, and LoginDomainName in the session. It is very easy to add additional items, but I want to restrict session use to things that identify the current user, leaving info on what they are doing to the URL. That will allow you to have more than one QmailAdmin window open into different parts of your mail system. All your windows will have the same access rights. Are returntext and returnhttp documented anywhere? If not I'll write something... Logging in and logging out are working, but I have a problem if you logout and want to log back in. I want to delete the cookie from your browser when you logout, but if I do that then drop you into the login page things get confused and the login does not work. Right now I am working around it by dropping you into a page that tells you that you are logged out, and providing a link back to login - but that does not currently maintain any user= and dom= passed when QmailAdmin was first run. I guess I can store them in the session file when you first login. Anyone have a better idea? I am also continuing my attack on global variables, and increasing the use of function parms. Currently everything but the login/logout functions are very broken. When I am done the following global variables will be gone: Password, Gecos, Quota, Time, Action, Newu, Password1, Password2, Crypted, Alias, AliasType, LineData, Message, SearchUser, Mytime and possibly others. TmpCGI has been renamed to Request, and I have added Cookie and PathInfo. All are dynamic strings allocated after I know their actual lengths, and will be kept around for the entire run so you can call GetValue() on them to retrieve data. I will be moving the GetValue calls closer to where they are used, and store the result in function locals. It will be a few days before I post updated code... Rick
[qmailadmin] htmllibdir permissions
Tom, I _think_ I am now using your latest build code. All the HTML template files are being installed with permissions of 755. I don't believe they need execute, so 644 would probably be better. I can use 600 here, if I chown them to vpopmail:vchkpw, but all my domains are owned by vpopmail:vchkpw and I run Apache as vpopmail. I think having different user IDs for different domains will force you to use 644. Rick
[qmailadmin] QmailAdmin-1.3.0-rww is available for review
I think I've done all the damange I can do without changing how QmailAdmin works or looks. If anyone cares to look, I have a tarball with all my chages available at http://kimberly.developersdesk.com/ Look for the link at the bottom of the page. This is based on RC2 code. Rick
Re: [qmailadmin] atime and md5
Sorry about that, I hit the send button by accident... If I remember right, atime (last accessed time) for files should be available on Linux, BSD and most (all) UNIXes, but not on Windows so it should be safe for QmailAdmin to use when cleaning up session files, or limiting the length of a login session. Right? Second, can someone recommend a library that provides MD5? I would like to use the result of a MD5 hash as the session ID rather than the login time. Finally, can someone tell me how to retrieve the value of a cookie with C. PHP hides all the gory details from me... Thanks, Rick
Re: [qmailadmin] Re: 1.2.0rc2: bugs + enhancements
David Rodgers wrote: Will these templates be external to the program code so say a regular joe could edit them after the installation? The whole idea is to get as much of the HTML out of the program and into the template files as possible. Much of the HTML is already in templates. A default installation will put them into /usr/local/share/qmailadmin/html/. You are welcome to edit them any way you wish. My new templates expose even more HTML to user editing, and we have a volunteer who will update them to XHTML and a separate .css file once we get past the 1.2.0 milestone and start on 1.3.x.
Re: [qmailadmin] spamassassin settings from qmailadmin
[EMAIL PROTECTED] wrote: Florian Munz wrote: Hi Mike, How do you do the authentification? Is there Re-Authentifaction necessary or can the user directly edit the webuserprefs from qmailadmin without new user/passwd input? Qmailadmin uses dom and moduser to determine which account to modify. Webuserprefs assumes, if you provide it with those variables, that this is a trusted connection. My solution is to present a login box if webuserprefs/index.php is called with a GET method and to trust/use the provided data if a POST method is used. Here is the modified part of webuserprefs/config.php: Just checking for data in $_POST is still pretty easy to spoof. To insure there really is a QmailAdmin login that matches the credentials you have been presented with you should look for QmailAdmin's session file. $path = /absolute/path/to/~vpopmail; $user = $_POST[ 'user' ]; $dom = $_POST[ 'dom' ]; $time = $_POST[ 'time' ]; $SessionFileName = $path/domains/$dom/$user/Maildir/$time.qw; if( !file_exists( $SessionFileName )) { die( Session has been spoofed! ); } If you want to go further, and you believe in IP address checking, you can open the file and verify the IP address contained in it matches the IP address making the request. This can be a problem unless you have control of the entire network. It is a ./configure option in QmailAdmin which I for one leave off. Rick
Re: [qmailadmin] Stupid C questions
Yesterday I worked on template.c removing unused tags and moving large blocks of code to separate functions, some to different files. There are now 26 options with the form: case '?' : single line of code; break; 4 like this, which I don't see any reason to mess with: case '?' : if(MaxSomething -1) { printf( number / number ); } else { printf( number / unlimited ); } break; and 9 others that are still farily long chunks of code that are very likely to become functions today. I really like the way it looks with all the single line actions in the switch. I ran into some TmpBuf* variables which were declared in qmailadmin.c and qmailadminx.h then used locally all over the program. I was worried about interaction, so I went through each function in which they appeared, and if they were initialized within the function I renamed them from TmpBuf* to Buffer*, and declared them locally. It turns out there were no interactions, now there is no question - they aren't shared globals any more. Tom Collins wrote: On Jan 8, 2004, at 6:56 PM, Rick Widmer wrote: 1. Does switch/case work with strings? No. Only with byte/int/long/word datatypes. If we want to move from /cgi-bin/qmailadmin/com/commandname?... to /qmailadmin/program.cgi?command=commandname why not just go with single character commands that we can switch() on? /qmailadmin/program.cgi?command=c However, if I was doing this with PHP, a URL might look like: http://server.x.com/qmailadmin/maildomain.com/name/edit.php qmailadmin is a PHP program without the .php extension. I use the following settings in httpd.com to make it execute: Location /qmailadmin ForceType applocation/x-httpd-php /Location /maildomain.com/username/edit.php would be available in PATH_INFO and used to control operation of the program. This example would be editing [EMAIL PROTECTED] The .php at the end is just there for show, I never actually check the 'file extension'. That works for PHP. It looks like ScriptAlias will allow something similar for a c program. Are there any objections doing something like this? Is there anyone who would have a hard time controlling the Apache configuration on the mail server? Some web sites can not use the ForceType trick because they can't change their Apache configuration, but I'd be suprised if that was a problem on mail servers. Now is the time to find out if this will be a big problem for someone... Rick
Re: [qmailadmin] spam assassin support
the only thing on my wish list is what I mentioned here already ... I would like to be able to specify 2 spam commands in qmailadmin 2 checkboxes one that could be labeled filter and one that could be labeled identify. this is so that my users could have the option of having their mail sent to a quarantine box and never recieving it in their inbox and one for people that just want the spam to be tagged and delivered so that they can split it out in mailfolders for themselves with es rules on their mail client. What does this do? Change the contents of the .qmail file? Does it have to be customized for each user? Can you send examples of the desired output in each state? Are you SURE no one will ever need more than two choices? Rick
[qmailadmin] Stupid C questions
I know these are very basic language questions, but since I am working on QmailAdmin, please humor me... 1. Does switch/case work with strings? switch( command ) { case showusers : show_users(); break; case showaliases : show_aliases(); break; } 2. How much trouble is it to add or remove .c source files? Say all the code in alias.c is obsolete except for a function or two and I want to move those functions to a different file and remove it. Right now I am searching for code that is never called and removing it. Rick
Re: [qmailadmin] spam assassin support
Kind of. --enable-modify-spam adds a Spam detection? checkbox at the bottom of the modify users page. If checked this changes the Standard delivery option from no .qmail file to one that contains the spam command. It changes the delivery line in Vacation delivery, and the Save a copy option of Forward to deliveries from a direct maildir delivery to the spam command. The default spam command is: |preline /usr/local/bin/maildrop /etc/mailfilter It can be set with --enable-spam-command Rick Ken Jones wrote: Is there currently any support for spam assassin in the latest qmailadmin releases? Ken Jones
Re: [qmailadmin] /open/ in qmailadmin's url
Tom Collins wrote: I was hoping to be able to change my directory structure for qmailadmin like this: www.hostname.com/qmailadmin/index.cgi (the qmailadmin cgi script) www.hostname.com/qmailadmin/images/(images directory) www.hostname.com/qmailadmin/help/ (the help files) How are you planning on getting rid of /cgi-bin/? Can we make it so both of the following end up in the login page? www.hostname.com/qmailadmin/index.cgi www.hostname.com/qmailadmin/ WITHOUT changes to the default httpd.conf? I've had resistance to PHP code that required special settings in the apache configuration. I don't have a problem with it, but one client can't do it, so I had to do many things a lot differently for him. You may have more choices on a dedicated mail server, but who knows. Personally I'd never give mere mortals shell/ftp access to _anything_ on my mail server, and certainly not host non email web pages on it, it seems others aren't so picky, or are unable to have separate boxes for web and mail. Then, it would be possible to just go to http://www.hostname.com/qmailadmin/ and log in. For this to work though, the URLs need to be built slightly differently. Instead of appending /com/showmenu?user=##U..., it should append ?com=showmenuuser=##U That's pretty easy now. One of my changes in the templates replaces the common user=##Udom=##Dmodu=##Atime=##T with ##W. We can do this in just ##W now. Moving that info to the session file would be even better. I have a pretty good handle on PHP session handling, and what you described sounds very similar. One thing, they assure me time is not a good choice, and prefer a MD-5 hash of several items to make the session keys harder to guess. I agree. Also note that the two cases of that huge if/then/else have a lot of common code. I have! That _is_ on my list. I already have too many changes at one time, and want to get what I've done recorded in CVS before I do too much more. I've wanted to pull that out so it's only called once. Again, it should be possible to collapse the first and last cases after(removing the second) into a single bit of code. You just go through the last code case if the com parameter isn't set. One thing that is very important to me is making sure header.html and footer.html are ALWAYS sent. This probably involves breaking up send_template(), and using send_template_now() instead. (Then rename send_template_now() to send_template().) Overall, I think we have similar ideas. How about branching CVS and giving me write access to the development branch. 1.2.0 should be a branch, and development should be HEAD. I think that's how they do it in the PHP project, and it seems to work well. (I hope you know how to do it, I'm pretty new to CVS too. The filename is built from the 'time' parameter in the URL. Login time or last access time? Is this what is used to limit the duration of unused session? Is the color table something that is being added, or ignored? Some existing code uses it, but not much. Should I expand its use or remove it? It should probably be removed and the HTML should be updated extensively to use CSS. YES!! Philipp Wagner posted some comments on this thread. I am thinking that once the new templates are stable we should ask him to modify the templates and build a plain jane .css file for QmailAdmin that would become the official distribution template. I am not up to doing the .css stuff, but I don't object to having it, as long as it doesn't require Javascript to render the page properly.
Re: [qmailadmin] Template problem?
Brandon Weisz wrote: Sure, here it is. This really has me confused. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/ !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 TRansitional//EN http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd; html head titleQmailAdmin thecrucible.ca/title meta http-equiv=content-type content=text/html; charset=iso-8859-1 meta name=robots content=noindex,follow /head body bgcolor=#ff center h2/h2 !-- Black frame 2 pixels wide -- table cellpadding=2 cellspacing=0 border=0 align=center valign=top width=600 bgcolor=#00trtd !-- Frame content -- table cellpadding=3 cellspacing=0 border=0 align=center valign=top width=100% bgcolor=#ff !-- Form title -- tr bgcolor=#00 valign=center td align=leftfont color=#ff size=3Bthecrucible.ca/B/FONT/td td align=centerfont color=#ff size=3BEmail Accounts/B/FONT/td td align=rightfont color=#ff size=3b[Used: 6/unlimited]/b/FONT/td /tr !-- End of form title -- !-- Form content -- tr td colspan=3 table cellpadding=5 cellspacing=1 border=0 width=100% !-- Form fields -- tr td table cellpadding=0 cellspacing=0 border=0 width=100% tr bgcolor=#ff td colspan=5bCatchAll: rob.parks/b/td /tr tr bgcolor=#cc th align=leftfont size=2Email Account/font/th th align=leftfont size=2Comment/font/th th align=rightfont size=2Usednbsp;/nbsp;/font/th th align=leftfont size=2Quota (MB)/fontnbsp;nbsp;/th thfont size=2ModifybrUser/font/th thfont size=2DeletebrAccount/font/th thfont size=2CatchAllbrAccount/font/th /tr !-- inserts a five columns row -- tr bgcolor=#fftd align=leftbrandon/tdtd align=leftBrandon Weisz/tdtd align=right0.00nbsp;/nbsp;/tdtd align=left128.00/tdtd align=centera href=/cgi-bin/qmailadmin/com/moduser?user=brandondom=thecrucible.catime=1073429454moduser=brandonimg src=/images/qmailadmin/modify.png border=0/a/tdtd align=center/tdtd align=centera href=/cgi-bin/qmailadmin/com/setdefault?user=brandondom=thecrucible.catime=1073429454deluser=brandonpage=1img src=/images/qmailadmin/radio-off.png border=0/a/td/tr tr bgcolor=#fftd align=leftchris/tdtd align=leftChris Suttles/tdtd align=right0.02nbsp;/nbsp;/tdtd align=left128.00/tdtd align=centera href=/cgi-bin/qmailadmin/com/moduser?user=brandondom=thecrucible.catime=1073429454moduser=chrisimg src=/images/qmailadmin/modify.png border=0/a/tdtd align=centera href=/cgi-bin/qmailadmin/com/deluser?user=brandondom=thecrucible.catime=1073429454deluser=chrisimg src=/images/qmailadmin/trash.png border=0/a/tdtd align=centera href=/cgi-bin/qmailadmin/com/setdefault?user=brandondom=thecrucible.catime=1073429454deluser=chrispage=1img src=/images/qmailadmin/radio-off.png border=0/a/td/tr First, I suggest you try something like adding H1HERE I AM!/H1 in the footer.html file just above the /body tag, then load a QmailAdmin page. This will let you make sure you are really using the template files you think you are. Once you are sure which template files are being used, look in the file colortable. This view source output tells me the first line is: 000 #FF It should be: 000 #FF Once we know what _is_ there, we have a better idea where to look. Rick
[qmailadmin] /open/ in qmailadmin's url
Ask me about PHP, or maybe Turbo Pascal/Delphi and I've got quite a bit of practice... this is my first big c project, so please be gentle... I have modified QmailAdmin so that almost all the HTML code is in the templates. Outside of mailinglist.c there are only 8 lines [1] with any HTML in them. I can read and display everything, and it still looks the same on the browser. I have updated show_mailinglist.html and the associated code in mailinglist.c, but [add|mod]_mailinglist* gave me a headache, so I decided to save then for last. No promises on me moving the maling list entry fields to the templates. In searching QmailAdmin for dead code, I've found a few unused template tags and functions that never get called. I'll submit patches once the next stable release is out, I am having trouble figuring out what is happening in qmailadmin.c about line 190. Much of the code in this file is a big three state if. The first, 'if( strcmp(pi, /com/, 5)==0)' looks for the string /com/ in the right place of the url which indicates that some command has been requested. It does some setup then calls process_commands() to do whatever. The final else case checks the users' access rights then choses one of two menus. This leaves the middle 'else if( strncmp(pi, /open/, 6)==0)'. I don't see where it does anything but try to setuid() and setgid(), then it calls vclose() and exit(0). Also, I don't see anywhere in the code that would compose a URL with /open/ in it. I think this might be obsoloete code that should be removed, but I would like a second opinion. There are still some bugs, and I need to add several more options to ##t?. My worst problem is I have broken the login/session logic. It would be great if someone could give me a high level description of how security is supposed to work. Specificly how and what session data is stored, and how is the .qw file used. I see the IP address in there, but what else, and why? What is the difference in abilities between DOMAIN_ADMIN and USER_ADMIN? I know where they come from, but how are they supposed to affect what the user can do? Is the color table something that is being added, or ignored? Some existing code uses it, but not much. Should I expand its use or remove it? Rick [1] HTML Tags that are left in the source code: font color=red 3 BR 1 i 2 img 1 a 1 img and a are in functions that return an image tag and a link that displays an image. (qmail_button, qmail_icon and maybe qmail_link)
[qmailadmin] Please take a look...
I would apreciate if anyone interested in QmailAdmin would take a look at the following URL, and tell me how you would feel if that was the administrator's main menu in a future version of QmailAdmin. http://www.developersdesk.com/qmailadmin/ QmailAdmin would only generate the table of email account information. The heading, left side menu and copyright notice are in my header and footer files. I like the idea of seeing all types of accounts in one place rather than having to know what [EMAIL PROTECTED] is before you can edit/view its properties. This is currently just a static page. I realize it will need page breaks, first letter links and a search function, but my domain is pretty small. Anyway... is it worth more work? Rick
Re: [qmailadmin] nit picking qmailadmin (CVS from last night)
Rick Widmer wrote: It might be a good idea to report the error to stderr. (Which I belive will show up in the Apache error_log.) I can confirm stderr goes to the Apache error log. The following changes makes stderr available in acterr. I am finding it quite handy for debugging. It seems some things that are sent to actout never appear on the browser. No promises finding the show_forwards crash though, I don't do much c. I can tell you that if you comment out the call to show_dotqmail_lines in the ##d case of template.c the program does not crash. Of course it does not attempt to print the list of forwards, but it does paint the rest of the page properly. Rick === RCS file: /cvsroot/qmailadmin/qmailadmin/qmailadmin.c,v retrieving revision 1.5 diff -u -r1.5 qmailadmin.c --- qmailadmin.c8 Dec 2003 18:55:09 - 1.5 +++ qmailadmin.c26 Dec 2003 09:47:41 - @@ -62,6 +62,7 @@ char TempBuf[MAX_BUFF]; int Compressed; FILE *actout; +FILE *acterr; FILE *lang_fs; FILE *color_table; @@ -300,6 +301,7 @@ CGIValues['f'] = 15; actout = stdout; + acterr = stderr; memset(Username, 0, sizeof(Username)); memset(Domain, 0, sizeof(Domain)); memset(Password, 0, sizeof(Password)); === RCS file: /cvsroot/qmailadmin/qmailadmin/qmailadminx.h,v retrieving revision 1.2 diff -u -r1.2 qmailadminx.h --- qmailadminx.h 10 Dec 2003 06:00:48 - 1.2 +++ qmailadminx.h 26 Dec 2003 09:51:55 - @@ -47,6 +47,7 @@ extern char TempBuf[MAX_BUFF]; extern int Compressed; extern FILE *actout; +extern FILE *acterr; extern struct vlimits Limits; extern int num_of_mailinglist; ===
Re: [qmailadmin] nit picking qmailadmin (CVS from last night)
Got it! This fclose is inside an if that checks for a faulure opening fs. The file is not open so fclose() is a fatal error. Remove it. Patch follows... === RCS file: /cvsroot/qmailadmin/qmailadmin/alias.c,v retrieving revision 1.2 diff -u -r1.2 alias.c --- alias.c 10 Oct 2003 16:36:24 - 1.2 +++ alias.c 26 Dec 2003 11:12:25 - @@ -115,7 +115,6 @@ fprintf(actout,trtd colspan=4); fprintf(actout,%s %s, get_html_text(144), mydirent-d_name); fprintf(actout,/td/tr\n); -fclose(fs); continue; } for(i=7,j=0;jMAX_FILE_NAME-1mydirent-d_name[i]!=0;++i,++j) {
[qmailadmin] nit picking qmailadmin (CVS from last night)
Now that I've taken a good look at the latest QmailAdmin - I love it!! I gave it a pretty good workout and everything seems to work well under normal operation. It is looking very good! I did find a way to mess things up though. I logged in as root, cd'd into one of my domain directories and opened one of the .qmail files with vim. That created a file .qmail-robbie.sql owned by root with 0600 permissions - not readable by vpopmail. Then I pointed QmailAdmin into that domain and tried a few things... With that file present the ShowMailinglists page has file permission error at the top, and file permission error .qmail-robbie.swp in the table of mailing lists. Other than the error messages, the page paints properly. That's not unreasonable... ShowForwards prints file permission error .qmail-robbie.swp at the top of the page, the header file, then dies. No list of valid entries, no footer and no message in the error log. Not so good... I know this is a rather unusual situation, but I think that ShowForwards should continue painting the page when it encounters the file error. It would be even better if both functions silently ignored files they can't open. There is no use bothering most of my QmailAdmin users with error messages like that. It might be a good idea to report the error to stderr. (Which I belive will show up in the Apache error_log.) By the way, qmailadmin does not have a problem editing a user while I have that users' .qmail file 'open' in vim. (I did check. :) Tom: I will get that patch to you in a day or two. I wanted to get a good look at QmailAdmin before I commit to something. I was a bit worried that --enable-no-cache might present a problem with moving the body tag in to header.html. It appears that only affects header generation, my modified template files do work with it enabled. In the mean time, please take a look at this: http://www.rickwidmer.com/qmailadmin.txt It is a list of all the ##tags that QmailAdmin handles. I think it might be good to name it README and put it in the directory with the template files. I was suprised to find that there are 11 tags that are never used in any of the templates. Rick
[qmailadmin] Passing user and domain
I had a problem sending the domain name in the initial url to QmailAdmin 1.2.0-rc1. Using this URL: http://piemur.developersdesk.com/cgi-bin/qmailadmin/?user=rwidmerdom=nowhere.net I did not get the Domain name filled in. User name worked. It did not matter what order I sent the user and dom. To fix it I changed line 611 of template.c: from } else if(TmpCGI GetValue(TmpCGI, value, dom=, sizeof(value))==0){ to } else if(TmpCGI GetValue(TmpCGI, value, dom=, sizeof(value))==0){ ^ Space removed Thank you VERY MUCH for including this feature! DOMAIN_AUTOFILL is a great idea too. I'm still having a problem with adding mail robots to a domain that was created a long time ago. I'll start looking into that soon. Everything else I've tried is working great. Rick
[qmailadmin] Differences in html templates
Looking through the template files in RC1 I see 26 files that start with: /head body... Only main_menu.html starts with a style: style type=text/css !-- a {color: black;} -- /style /head body... Then we have just mod_mailinglist-idx.html which starts with: META HTTP-EQUIV=Pragma CONTENT=no-cache META HTTP-EQUIV=Expires CONTENT=Thu, 1 Jan 1970 00:00:00 GMT /head body... It seems to me that if you are going to use a style sheet, or no-cache meta tags in one page, you should use them in all. So... I suggest they be moved into header.html. The real reason I want to move those items is so I can also move all the /head and body... tags into the header. Once you do that you can place content above and/or around the qmailadmin content from header.html. Want your logo at the top of every qmailadmin page? No problem... just put it in the header and it appears above them all. Want links on the left like the rest of the site - start a table in header with the links in the leftmost column, then start a column for qmailadmin. Finally in the footer, close the cell, row and table. I've done it here, and it seems to be working just fine. If you are interested I can send a patch. a l s o . . . In header.html we have titleQmailAdmin ##H/title but when I look in template.c I don't find a case for 'H'. I haven't ever seen anything but 'QmailAdmin' in the title. Am I missing something? Should the ##H be removed from header.html? Finally, in template.c the case 'z' doesn't have a comment above it. (about line 608). It appears this is a special case domain name for the login page that fills in the domain name from dom=, or possibly DOMAIN_AUTOFILL. I can try to supply a comment, but someone else probably has a better idea what to put there than I do. Rick
Re: [qmailadmin] QmailAdmin Solaris.
Some thoughts for the Solaris/AIX/HPUX crowd: Bitching and moaning _might_ get something done, or it might just piss the authors off. Explicit lists of functions that are not available and other problems is a step in the right direction. At least if gives them something to work on. The best thing to do is send patches. After all you have access to the machine, the operating system and the documentation for your favorite flavor of UNIX. If you can't do that, how about making access to a suitable machine available for Bill and Ken. It is hard to write to a platform you don't have access to. I don't know for sure, but I'd bet the reason _you_ found the problem is that you are the first people to try it on Solaris. I certainly can't afford it... Rick Who is VERY happy to see my pet change show up in qmailadmin. THANKS AGAIN!!!
Re: [qmailadmin] Working on new 1.0.7 version
At 02:49 PM 1/9/03 -0600, Ken Jones wrote: Main change I needed was an easier way to automatically log into qmailadmin via a url link. Does anyone see a problem with that? Besides the obvious possibility of seeing the login information in the url link. Loud cheer! A typical URL would be similar to: https://hostname/cgi-bin/qmailadmin?username=postmaster domain=somedomain.compassword=postmaster_password Do you have it working already, or should I update my patch that adds this ability? Rick Ken Jones
Re: [qmailadmin] qmailadmin on separate apache server
At 05:07 PM 11/27/02 -0500, Jesse Guardiani wrote: Yeah, you could probably get it working that way. This isn't the voice of experience though. I may be wrong, but I'd say that most people just throw a web server on the box with vpopmail/qmail and run qmailadmin from there. It kinda messes with the distributed nature of your setup, but qmailadmin modifies .qmail files and talks to vpopmail via the command line... It's gotta have access to those facilities to function. That's what I'd suggest too. It doesn't look unusual for mail administration and webmail to be served from http://mail.yourdomain.com/ so people shouldn't freak out about web pages that don't come from www. The best thing about doing it this way is it makes sure the web developers don't need any access to the mail server. Rick