On 2005-11-07, at 1015, Nicholas Harring wrote:
Please, please, please don't spread FUD by even implicitly blaming
chkuser for this.

i wasn't trying to cast blame anywhere, and if it sounded like i was then i apologize.

There's no way to implement chkuser in even a vaguely
efficient manner without linking against vpopmail. Vpopmail needs to
begin building a shared library, then everybody else can just magically
begin using it.

This puts the blame squarely where it belongs, on the heads of the
developers maintaining vpopmail who completely refuse to integrate
shared library support into vpopmail. They've been sent patches, and
never offered detailed reasons for refusing to integrate.

i understand the problem... however i wasn't aware that they had received patches which would enable building libvpopmail as a shared library. you are right- if they would expose the libvpopmail stuff as a shared library rather than as a static library, that would totally remove one of my two objections to the chkuser patch (the other being that it locks you into vpopmail and doesn't make any provision for other arbitrary authentication schemes, at least not from what i was able to find on the chkuser web site.)

my own solution to this was to take the validrcptto patch, change it to use a cdb file, and add the logic needed to properly handle "- default" aliases. http://qmail.jms1.net/patches/validrcptto.cdb.shtml

it works well, but of course it has the down-side that whenever something changes (domains, users, or aliases are added or deleted) the cdb file needs to be rebuilt. my own suggestion for vpopmail would be to include a hook so that it would call an external program whenever a change is made- because right now i'm doing this as a once- per-minute cron job, and the overhead of firing off the cron job is a bit much.

| John M. Simpson - KG4ZOW - Programmer At Large |
| http://www.jms1.net/           <[EMAIL PROTECTED]> |
| Mac OS X proves that it's easier to make UNIX  |
| pretty than it is to make Windows secure.      |

Attachment: PGP.sig
Description: This is a digitally signed message part

Reply via email to