John Simpson wrote:
> you're more apt to find them on a phpbb mailing list rather than the
>
vpopmail mailing list.
I just didn't want to get into explaining what vpopmail/qmail was if it
was a completely ridiculous idea.
> also, a suggestion- i don't know whether your stuff works by running
> "vchkpw" or by somehow calling the libvpopmail functions
Two things... I actually just directly query the mysql backend that
vpopmail uses with the phpbb authentication scripts. And, having typed
that last line out loud, I see that this is fairly off-topic AND that I
probably should have used vpopmaild! Thank you. I can't believe I didn't
stumble onto that when I was trying to hatch up a solution.
>
from the technical end, yes. however, i'll be honest- i suspect most
> of the people here also read bugtraq and know how often new security
>
holes are found in phpbb, and therefore aren't overly interested in
> running phpbb on our servers.
Indeed... the phpbb is on another server so the 'most' that [c|sh]ould
be compromised is that web server's chroot and the table for that
domain's mail.
Thanks again for the input,
Matt
