|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Victor Duchovni (Victor.Duchovni
MorganStanley.com)
Date: Fri Feb 01 2008 - 15:07:53 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Fri, Feb 01, 2008 at 07:50:18PM +0100, Andre Huebner wrote:
> i wrote now my own policy-server in php. it is already working, but still
> ander development.
This is why Postfix has a policy extension mechanism, when you run out
of rope, there's more.
> But i think modern software should provide more own controlmethods for
> problems like this...
The problem is that no small improvement is ever enough, nothing short
of a full interpreter inside the SMTP server is ever really sufficient.
Postfix currently provides simple, widely applicable, and often sufficient
mechanisms in the SMTP server. The rest is done via policy services
and milters.
It is possible, for example, to build a new "pysmtpd" server for
Postfix that includes a Python interpreter, and and replace the current
restriction checks by calls into the interpreter. Then we'd also need a
"plsmtpd" for the Perl lovers and a "tclsmtpd" for Tcl fans. Finally,
we can invent our own scripting language that nobody knows...
This should it make clear that the path to a fully expressive built-in
policy engine is difficult.
Perhaps gluing-in an interpreter can be done in a generic way, and people
can choose which one to glue-in, with optional contributed modules that
provide Python, Perl, Tcl, ... (as with SASL Cyrus vs. Dovecot AUTH).
Finally, some might object to the security implications of that much rope.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majordomopostfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]