On Tue, Jun 09, 2020 at 10:35:14AM +1000, Russell Coker via luv-main
wrote:
> On Friday, 29 May 2020 11:20:45 AM AEST James McGlashan via luv-main
> wrote:
> > After a quick look through their documentation; the former doesn't
> > appear to require a relational database, while the latter does. Let
> > that be MySQL, PostgreSQL, or sqlite.
> 
> You need to store webmail settings somewhere.  Using a choice of
> sqlite or a database server allows running multiple web servers with a
> single database server backend.  Using just flat files as Squirrelmail
> does means you probably need a distributed filesystem (or at least an
> NFS server) if you want to have multiple web frontends.

I advise against sharing a sensitive service (database) among unrelated
services (email and websites). Isolation is simple; confused deputies
are not.

Just as it is dangerous for a webapp to be able to change or add to its
own code dynamically (much worse if it can touch the code for other
webapps), it is dangerous for a webapp to connect to and share a
database server used by other applications.

It is common for email servers to accept unauthenticated clients from
127.0.0.1 and allow them to send email as any other user. Webmail
clients tend to inherit this undesired power, which enables a user to
impersonate another.

Similarly, a web application which isn't email shouldn't have the
ability to send email, either by interacting with the local SMTP service
which can do DKIM signatures or by connecting to external SMTP servers.

If you need consistency between replicas, you likely don't need
synchronous global consistency. Eventual consistency is generally
sufficient and promotes locality which doesn't result in downtime under
network partitions between the replicas. SQL is too complicated and
provides stronger properties which forbid this optimization.

To be clear, I'm thinking architecturally as if I were to implement
this, to determine the properties to look for in an ideal solution
hopefully already written by another. This does not appear to be the
case.

> > I wouldn't trust any PHP or SQL stack but I don't have any better
> > suggestions for webmail.
> 
> A SQL server is a lot easier to get right than a distributed
> filesystem.  Even an NFS server can make things more difficult.

By trust I'm referring to all the PHP code vulnerable to XSS, SQLi,
CSRF, et al. issues not present with safer languages and libraries. PHP
makes it too easy to express XSS and its legacy database interfaces make
it too easy to express SQLi. Last I checked, PHP's defaults were tuned
for developers privately debugging their applications, which broadcasts
sensitive information (including database credentials) when errors
occur.

I advise against complex stacks littered with poor design decisions. PHP
and SQL are two hot examples. If you're writing an application which
doesn't need relational data, a key-value store (such as [Anna]) is
likely sufficient. If you need relational data, then [DataLog] is much
more expressive with a fraction of the syntax of SQL. Unlike SQL,
DataLog scales with complex graph queries.

Relational data is useful for a webmail client when a user wants to
perform a filter over a large mailbox. Relational data is overkill for
simple preferences and contact lists.

I have found some webmail clients written in safer languages but none
are sufficiently feature complete or maintained or unbundled from other
bloat or otherwise suitable for production use.

  [Anna]: https://blog.acolyer.org/2018/03/27/anna-a-kvs-for-any-scale/
  [DataLog]: https://en.wikipedia.org/wiki/Datalog
_______________________________________________
luv-main mailing list
[email protected]
https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
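
The loopback trust problem raised in the message above, as an added example that is not part of the original post: a small model of two submission policies, one that trusts any client on 127.0.0.1 and one that requires a login and ties the envelope sender to it. The `Submission` type, the policy functions, the ownership map and the sample addresses are all constructed for illustration and do not come from any mail server.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

LOOPBACK = ipaddress.ip_network("127.0.0.0/8")

@dataclass(frozen=True)
class Submission:
    client_ip: str                 # address the SMTP client connected from
    auth_user: Optional[str]       # authenticated login, or None
    mail_from: str                 # envelope sender the client claims

# Constructed ownership map: which login may use which envelope sender.
SENDER_OWNERS = {
    "alice@example.org": {"alice"},
    "bob@example.org": {"bob"},
}

def permissive_policy(sub: Submission) -> bool:
    """Loopback clients are trusted outright, as described in the post."""
    if ipaddress.ip_address(sub.client_ip) in LOOPBACK:
        return True                # no login, no check on mail_from
    return sub.auth_user is not None

def strict_policy(sub: Submission) -> bool:
    """Require a login from every client and bind the sender to that login."""
    if sub.auth_user is None:
        return False               # loopback earns no exemption
    return sub.auth_user in SENDER_OWNERS.get(sub.mail_from.lower(), set())

# Constructed submissions, as a webmail front end on the mail host would relay them.
SAMPLES = [
    Submission("127.0.0.1", None, "bob@example.org"),       # no login passed on
    Submission("127.0.0.1", "alice", "bob@example.org"),    # alice claiming bob
    Submission("127.0.0.1", "alice", "Alice@example.org"),  # alice as herself
]

def compare(samples=SAMPLES):
    """Return (permissive, strict) verdicts for each sample."""
    return [(permissive_policy(s), strict_policy(s)) for s in samples]

if __name__ == "__main__":
    for s, (weak, strong) in zip(SAMPLES, compare()):
        print(f"{s.mail_from:20} auth={s.auth_user!s:6} "
              f"permissive={weak} strict={strong}")
```

Under the permissive policy the webmail host acts as a deputy for whoever reaches it; the strict policy only works if the webmail front end forwards each user's own credentials instead of connecting anonymously.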
