On Thu, Jun 05, 2003 at 09:24:22AM +0200, Andre Oppermann wrote: % > Automatic base DN selection for qmail-ldap (Non-IP-based virtual hosting) % > http://horde.net/~jwm/software/qmail/#autobasedn % % While I understand the motivation behind this patch I have some % reservations from a cleaness standpoint. Usually in an ldap directory % you are not supposed to have more than one identical UID. However % this can be interpreted by saying only one local to an subtree.
We host a number of virtual domains and need to support broken clients like Netscape 4 that don't allow '@' in POP usernames. This could probably be cleaned up by adding a control file to specify the separator. If the separator occurs in a username, substitute @ for the separator and search on the mail attr for the full e-mail address. Less parsing that way. % > Customizable From: address on quota warning messages % > http://horde.net/~jwm/software/qmail/#quotawarning % % Why that? It'll break TMDA etc. Our customers have a nasty habit of replying to the quota warnings. Their questions should be going to our support desk, not [EMAIL PROTECTED] % > IP-based POP3 Virtual Hosting with qmail-ldap % > http://horde.net/~jwm/software/qmail/#virtualpop3 % % Again I can understand the motivation for this. On the other hand I % wonder how I will add 1000 IP addresses to my mailserver for all my % customers. And it is clearly a waste of precious IP addresses. This isn't intended for hosting large numbers of domains; I agree that IP-based hosting of many domains is a wasteful use of addresses. Instead, we use it to support three very large legacy domains. We had several hundred thousand users who had their clients set up to log in with the bare username. We wanted to support all three domains on a single mail cluster. IP-based hosting allowed us to do this; I don't consider it a waste because it only uses three IP addresses and saves the business innumerable costs in reconfiguring users. % > Verify SMTP RCPT TO: commands with qmail-ldap % > http://horde.net/~jwm/software/qmail/#verifyrcptto [snip] % Being able to verify the recipient can be good and bad. Good for rejecting % right at the SMTP level and bad as spammers can run dictionary attacks to % verify the mail addresses (I see that there is tarpit for verify). It's ultimately a site-specific tradeoff. In our situation, it keeps our mail machines from accepting many times the current mail volume. In exchange for shielding our mail servers from blind dictionary attacks, it's possible to more quickly verify the addresses. As a counterpoint, spammers could still verify the existence of an address even without verified RCPT TO commands if they're willing to deal with the bounces. john -- John Morrissey _o /\ ---- __o [EMAIL PROTECTED] _-< \_ / \ ---- < \, www.horde.net/ __(_)/_(_)________/ \_______(_) /_(_)__
