On Monday 05 April 2004 7:36 pm, Rick Widmer wrote: > Ken Jones wrote: > > On Monday 05 April 2004 2:46 pm, Ken Jones wrote: > >>[snip] > > > > I'd like any comments or votes on how this version > > is using a POP3 type protocol. > > I like it very much so far! > > The way you put the user name and password on the same transaction is > even better than following pop3 exactly and requiring user and pass > commands for login. Great! looks like a keeper.
> > > I think it works pretty nicely. A single "." on a line by itself > > represents End of File when sending or receiving multiple > > lines of infomation. > > That will work very well for parsing results. If you always check for > ., +, and - as the first character of a result it should be pretty easy > to keep from getting lost when parsing responses. > > > So the mod_user function would take it's > > options on additional lines, like: > > moduser [EMAIL PROTECTED] > > no_smtp > > quota 1234 > > . > > And the server would reply back > > +OK > > or > > -ERR XXX error message > > If I wanted to add no_smpt and no_dialup, do both go on the same line > that specifies GID options, or is it one item per line. If the latter, > it should not matter what order they are specified in. Just one item per line. The only order dependent option I could think of is the clear_all_flags option. So you could start clean and only add in exactly what you wanted. > > > Do you think the protocol is simple enough to make it easy to use? > > It looks good so far. I will attempt to modify my sample PHP code that > uses sockets to connect to the daemon and see how it goes... Excellent :) > > > I'd like to complete the full list of commands and responses for > > a first version. > > > > Any votes on which way of specifying directories would be easier > > from the client program's point of view? > > a) full paths > > b) relative based on user or command > > As long as you tell me where ~vpopmail is when I login, always using > fully qualified paths will be easiest, I think. That way I don't have > to change how I build commands depending on the access level of the user. On login I could send vpopmail_dir /base/path/to/~vpopmail > That requires the daemon to verify that requests point to the proper > directories, but already does. Gotcha. There is code for validating directory input to restrict each level of user to their respective base directories. Also it is checking for ".." in any part of the directory. In case input tries to walk down to / and trod on any file in the filesystem. Any other things we should check for? Perhaps "%" in filenames?
