[clue-admin] User setup for "member" accounts

Jed S. Baer thag at frii.com
Thu Dec 30 17:49:46 MST 2004 

On Thu, 30 Dec 2004 17:16:22 -0700
Jeff Cann wrote:

> Perhaps I should have defined specifically what I meant by 'setting
> their email alias'.  I wasn't precise.   
> 
> I meant to say that we should 'allow users to change the forwarding
> address of their clue.denver.co.us email address without sys admin
> intervention'.

Well, I think we all understood that we're talking about the forwarding
address.

> 3.  We have some means for Joe User to change his forwarding address
> from joe_user at example.com to joe at another_example.com.  This would
> *automatically* update the aliases file.

Yeah, there's that word we all like. :)

> I think this would be easier on the system admin.  In addition, I'm sure
> you've all used ISP accounts that allow authenticated users to change 
> forwarding email addresses.

In practice, the number of times this will happen doesn't seem to me to be
a burden on the admin who'll do the actual work. It's login, change one
line, run postalias.

This seems pretty trivial to do, compared to the effort of building a
web-enabled, secure method for doing the same thing. Sure, it's possible
to parse the aliases file, find the alias file in question, make the
change, and then spawn a command with privileges to run postalias. Which
we need to make sure isn't hackable. Probably can use sed, awk, Perl, or
even ex, with a properly formed incantation to do the change.

Regardless, it'd be a good idea to make the members alias a seperate file,
and include it into the /etc/aliases file (or tell Postfix to snag it
seperately from the /etc/aliases file, the same way that the Mailman
aliases are brought in).

Something like this would be pretty low on my priority list, as far as
website work goes.

> Another thing I thought of is : what are we going to do about removing 
> forwarding addresses that are no longer valid?

I think this is maybe a small enough issue to handle on an ad-hoc basis.
We can expect members to be reasonable about not just dropping an ISP
account without mentioning it. Again, I don't think it's going to be a
frequent enough problem to require much attention. Although I do think
it'd be a nice thing to detect those bounces and do a notification to the
sysadmin or membership officer. Since I'm not a mail adminstrator, I don't
know if there's a better way to do that than grepping the maillog file on
occassion.

jed

-- 
http://s88369986.onlinehome.us/freedomsight/
Key fingerprint = B027 FEFB 4281 CC72 67D1  4237 F2D0 D356 077A A30E
... it is poor civic hygiene to install technologies that could someday
facilitate a police state. -- Bruce Schneier

More information about the clue-admin mailing list