|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: Postfix - remote controll (Diploma thesis)
From: Sheldon T. Hall (pf
tandem.artell.net)
Date: Wed Aug 02 2006 - 13:16:13 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> ml_fleglcentrum.cz writes ...
>
> I've got a question to Postfix administrators. At this time, I'm
> considering a theme of Diploma thesis. One of them is 'Remote
> controll of
> Postfix systems via electronic mail communication'. I'd like
> to know if
> this would be usable in practice and if it's got a sence to
> spare a time
> on this job and also if it's not yet solved (via mailling
> lists servers?
> etc.).
> My idea is:
> - when configured postfix (main.cf, master.cf) admins must
> connect to
> server via ssh, if one has got tens of servers and need change some
> parameter, one must log on to all of them and do the same job
> - there is a module to WEBMIN system, but I suppose that
> admins of MTA
> servers don't want (throught security reasons) to install
> perl and open
> other port in firewall
> How it should do a job:
> - admins will send an email from web interface to specific
> email address
> - on MTA will be special relaying to local pipe where script or
> C-program will process controlling email
> - emails will be crypted for security reasons
> - response of succesful changes will be stored back to
> mysql server via
> mysql-cli and showed in web interface or sended by email to admin
This is certainly possible. Whether it is beneficial would be harder to
determine.
There are two things agsint which you'd have to guard; one is simple, one is
much more difficult:
Security - You would have to prevent unauthorized persons from making
changes to the mailserver configuration.
Operations - You would have to be sure that any change made by this method
did not disable the mail system, or cause it to reject or ignore future
reconfiguration messages. This could be fairly diffiult.
One further consideration: Some Postifx main.cf configuration information
is easy to change, using 'postconf -e', because the order of the parameters
doesn't matter. Some other parts of main.cf, however, are sensitive to
parameter order, and modifying them programatically would be more difficult.
Although I am generally inclined towards automation and remote control of
server processes, I'm not sure that e-mail is the proper way to achieve that
in this particular case.
-Shel
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]