[BlueOnyx:00777] Re: FW: Squirrelmail wont capture default username
Michael Aronoff
maronoff at gmail.com
Sat Mar 14 23:04:27 -05 2009
Michael Wrote:
> Sorry, I don't think so. You have to take into account that a site may not
> always be named www.site.com and there could be legitimate cases where you
> have something like ...
I get your point, but 99% of BO users will be in a domain hosted as
www.anydomain.com. That is why back in the cobalt days we had a script that
ran for openwebmail every so often to create a custom virtusertable to have
it so when users logged into Openwebmail they were automatically setup
properly. Later in Brian's package he hacked the BQ GUI to achieve the same
result each time a user was added. This way 99% of the time things were
automatic and the few times someone needed something else they could go into
their Openwebmail preferences and change/add email addresses. That just
makes more sense to me.
I fail to see why it would not be a good idea to do the same for BO's
Squirrel Mail. As a matter of fact I did a quick search and Squirrel Mail's
Login Manager Plug-in appears to offer this capability:
http://www.squirrelmail.org/plugin_view.php?id=47
As of version 3.10.1 : Make $smHostIsDomainThatUserLoggedInWith default to 1
so Squirrel Mail $domain always matches whatever the user's login domain is.
And as of 3.10 : Added ability to add domain to the username when using it
to set the outgoing email address ($appendDomainToOutgoingEmailAddress)
Further this plug-in appears to have the ability to make sure a user cannot
use your BO server to SPAM with the following setting:
Added ability to derive IMAP and/or SMTP server addresses from the user's
domain name (see $IMAPServerRules and $SMTPServerRules)
This way if a user fakes an email address, Squirrel Mail will attempt to use
the same domain name for SMTP instead of your server, Squirrel Mail would
act as a true mail client and not a server. For folks that tried this. This
looks like a good setting to look into for security too.
I am in the process of getting a new server to start playing with BO so I
guess I will play with all of this myself soon.
Also, on the webmail front has anyone looked at Hastymail2? It is PHP and
Ajax and fast as heck. Like Openwebmail on crank! http://www.hastymail.org,
I have begun hacking around with it and I am trying to get it to see the
login domain for the users profile automatically and then I may do a How-to
for the community. A server wide install is quite simple.
M Aronoff Out
More information about the Blueonyx
mailing list