I ended up going that route with a combination of web forms and sudo
scripts. It is a security risk and you really have to protect the user
from being allowed to write anything directly in their .mailfilter. My
web scripts are simply checkbox forms which enable/disable spam and
antivirus filtering and vacation autoreplies. There is a squirremail
module which allows the user to create basic search/match rules and
forward mail to designated folders.
http://www.squirrelmail.org/plugin_view.php?id=210
It's a bit tricky to set up. Instead of using sudo, the author has
devised a suid permissions hack which alters the ownership of the
.mailfilter file accordingly. You can get an idea of how to write your
own script by examining the source in the module.
~Rolan
Troels Arvin wrote:
I'm considering creation of a web-frontend combined with a sudo-run
script, so that (virtual) users may install maildrop filters in their
virtual home directories. However, can that be made safe at all? - As far
as I can see, maildrop filters may call any system command (like "rm -fr
/var/maildirs") through command substitution. Is it possible to bring
maildrop in a "safety mode" where only a limited set of directives are
available?
Next: If it is somehow possible, is there a way to make maildrop do syntax
checking of a filter file? - I would like to do that, so that filters with
syntax errors are not installed.
If neither wish has a reasonable solution: Does someone know of solutions
which somehow allow virtual users to create simple filter-rules, such as
"If from X, then put in Y"? (Such as is possible with Sieve scripts.)
4 messages in net.sourceforge.lists.courier-maildropRe: [maildropl] Virtual users and saf...
