UEDA Hiroyuki wrote: > > All things are very great!! Especially I am looking forward to SMTP > Auth and control file info. in ldap(is it ldap control patch?) :-). > > BTW, do you have a plan to merge following patches made by John > Morrissey ?
Hmmm... never knew that stuff existed... > Automatic base DN selection for qmail-ldap (Non-IP-based virtual hosting) > http://horde.net/~jwm/software/qmail/#autobasedn While I understand the motivation behind this patch I have some reservations from a cleaness standpoint. Usually in an ldap directory you are not supposed to have more than one identical UID. However this can be interpreted by saying only one local to an subtree. > Customizable From: address on quota warning messages > http://horde.net/~jwm/software/qmail/#quotawarning Why that? It'll break TMDA etc. > IP-based POP3 Virtual Hosting with qmail-ldap > http://horde.net/~jwm/software/qmail/#virtualpop3 Again I can understand the motivation for this. On the other hand I wonder how I will add 1000 IP addresses to my mailserver for all my customers. And it is clearly a waste of precious IP addresses. > Verify SMTP RCPT TO: commands with qmail-ldap > http://horde.net/~jwm/software/qmail/#verifyrcptto Putting ldap code (and consequently libc) into qmail-smtpd is imho far too dangerous. You never know what kind of buffer overflow is in there. Being able to verify the recipient can be good and bad. Good for rejecting right at the SMTP level and bad as spammers can run dictionary attacks to verify the mail addresses (I see that there is tarpit for verify). I will include this our list right below SMTP AUTH. The right way to implement SMTP VRFY is to have a separate verify daemon which maintains a persistent ldap connection. qmail-smtpd will then have access to an named pipe or something like that to write an address. The verify daemon will then do the ldap lookup (and cache it) and send the answer back to qmail-smtpd. Every so often the daemon will exit (to clean up any possible mess or memory leak) so supervise can restart it. > I am a ISP system administrator, so these patches are very useful. Many > people will be happy if they are merged to qmail-ldap patch... Some will eventually. > Your great works always help us, thank you :-). You are welcome :-) -- Andre
