Looking forward to more VEXIM
167 views
Skip to first unread message
Tomas Hood
Feb 23, 2013, 6:08:41 PM2/23/13
to ve...@googlegroups.com
I have been using VEXIM for a number of years. I wonder if there will be any new updates and improvements. I'm looking forward to discussions.
- Tomas
Avleen Vig
Feb 23, 2013, 6:22:17 PM2/23/13
to Tomas Hood, ve...@googlegroups.com
Development has been stalled for a few reasons:
1. I've simply not had much time at all. This might chance soon, but
I've said that a few times now. Time is precious and hard to find :)
2. I've wondered a few times if Vexim could be a source of income
for me. If it could, I would definitely dedicate more time to it. As
it is, I have to focus on other things that help put food on the
table.
Really, it just comes down to these few things.
There are some really good features I want to add (better groups /
mailing list support, bundling a webmail interface, better spam
detection, other authentication options like LDAP etc).
If people have specific features they want to see I'd love to hear
them, maybe we can get some momentum going again.
1. I've simply not had much time at all. This might chance soon, but
I've said that a few times now. Time is precious and hard to find :)
2. I've wondered a few times if Vexim could be a source of income
for me. If it could, I would definitely dedicate more time to it. As
it is, I have to focus on other things that help put food on the
table.
Really, it just comes down to these few things.
There are some really good features I want to add (better groups /
mailing list support, bundling a webmail interface, better spam
detection, other authentication options like LDAP etc).
If people have specific features they want to see I'd love to hear
them, maybe we can get some momentum going again.
Sebastian Cabrera
Apr 2, 2013, 4:39:01 PM4/2/13
to ve...@googlegroups.com, Tomas Hood
If you're going to move that Project to one of those collaboration platforms (sourceforge, github), I'd be happy to donate some time and effort to add some code to the Project. I'm pretty sure others would like to do so, too.
What do you think?
What do you think?
Rimas Kudelis
Apr 2, 2013, 4:49:25 PM4/2/13
to ve...@googlegroups.com
Rimas Kudelis
May 17, 2013, 6:14:28 AM5/17/13
to ve...@googlegroups.com
Hi,
WRT future of Vexim, I have a few ideas up my sleeve, which I hope to
implement, if time allows.
First of all, I plan to migrate it from Pear:DB to PDO, to reduce our
dependency list.
Later on, I'm thinking about trying to redo Vexim (and its current
functionality) as a Yii application. This would not only bring it more
up-to-date in terms of UI and UX, but would also help me gain some
PHP/Yii practice.
BY the way, I wonder what system requirements would people consider
reasonable for Vexim? The current list of official requirements (MySQL3,
PHP4) looks quite outdated to me. I've already changed the README to say
we require PHP5, but I wonder what would be acceptable for our users?
If anyone has any input, that would be appreciated.
Rimas
WRT future of Vexim, I have a few ideas up my sleeve, which I hope to
implement, if time allows.
First of all, I plan to migrate it from Pear:DB to PDO, to reduce our
dependency list.
Later on, I'm thinking about trying to redo Vexim (and its current
functionality) as a Yii application. This would not only bring it more
up-to-date in terms of UI and UX, but would also help me gain some
PHP/Yii practice.
BY the way, I wonder what system requirements would people consider
reasonable for Vexim? The current list of official requirements (MySQL3,
PHP4) looks quite outdated to me. I've already changed the README to say
we require PHP5, but I wonder what would be acceptable for our users?
If anyone has any input, that would be appreciated.
Rimas
Avleen Vig
May 17, 2013, 10:31:28 AM5/17/13
to Rimas Kudelis, ve...@googlegroups.com
Thanks Rimas :)
I think Yii app should be OK. I'll read a bit more into this but I've heard other people say many good things.
Yes the requirements should definitely improve. We obviously haven't used any of the mysql5 or php5 features but almost everyone should be on those by now. If not you're probably running systems with huge security holes :)
This all sounds like a great idea!
Rimas Kudelis
May 20, 2013, 1:15:57 PM5/20/13
to ve...@googlegroups.com
Hello,
here's another thought that I came up with today: I think that having both 'crypt' and 'clear' fields in the database is superfluous and doesn't make sense. On one hand, having 'clear' passwords in the database makes the 'crypt' field redundant, on the other hand, if you use only the 'crypt' field, 'clear' becomes just a nuisance.
I think for the next major version, these fields should be consolidated into one (probably called 'password'). Instead of keeping both versions of the password in the DB simultaneously, I think Vexim could provide "no encryption" as one of the password encryption schemes (it's probably about time to provide more of these anyway).
By the way, I wonder how tightly is Vexim tied to Exim? From my (uneducated) PoV, it looks like there's nothing architectural that could really prevent Vexim from "becoming friends" with other MTAs.
Rimas
here's another thought that I came up with today: I think that having both 'crypt' and 'clear' fields in the database is superfluous and doesn't make sense. On one hand, having 'clear' passwords in the database makes the 'crypt' field redundant, on the other hand, if you use only the 'crypt' field, 'clear' becomes just a nuisance.
I think for the next major version, these fields should be consolidated into one (probably called 'password'). Instead of keeping both versions of the password in the DB simultaneously, I think Vexim could provide "no encryption" as one of the password encryption schemes (it's probably about time to provide more of these anyway).
By the way, I wonder how tightly is Vexim tied to Exim? From my (uneducated) PoV, it looks like there's nothing architectural that could really prevent Vexim from "becoming friends" with other MTAs.
Rimas
Rimas Kudelis
Jun 5, 2013, 1:48:36 PM6/5/13
to ve...@googlegroups.com
Hello,
I have converted Vexim to use PDO instead of Pear::DB. Would anyone be
willing to test the result and give any feedback?
For those who are interested, you can check out the pdo branch from
github: https://github.com/avleen/vexim2/tree/pdo .
Regards,
Rimas
2013.05.17 13:14, Rimas Kudelis rašė:
> H
I have converted Vexim to use PDO instead of Pear::DB. Would anyone be
willing to test the result and give any feedback?
For those who are interested, you can check out the pdo branch from
github: https://github.com/avleen/vexim2/tree/pdo .
Regards,
Rimas
2013.05.17 13:14, Rimas Kudelis rašė:
> H
Avleen Vig
Jun 19, 2013, 2:19:51 AM6/19/13
to Rimas Kudelis, ve...@googlegroups.com
On Mon, May 20, 2013 at 10:15 AM, Rimas Kudelis <r...@akl.lt> wrote:
Hello,
here's another thought that I came up with today: I think that having both 'crypt' and 'clear' fields in the database is superfluous and doesn't make sense. On one hand, having 'clear' passwords in the database makes the 'crypt' field redundant, on the other hand, if you use only the 'crypt' field, 'clear' becomes just a nuisance.
I think for the next major version, these fields should be consolidated into one (probably called 'password'). Instead of keeping both versions of the password in the DB simultaneously, I think Vexim could provide "no encryption" as one of the password encryption schemes (it's probably about time to provide more of these anyway).
Definitely. Originally there were requests from some larger users to have a "clear" field to help support users a little better, but over time I think this presents nothing but a huge security issue waiting to happen.
My preference would be to just have one "password" field and to store a salted hash.
It would also be *super* cool to offer two-factor auth through something like Google Authenticator if we wanted to get fancy about it :)
By the way, I wonder how tightly is Vexim tied to Exim? From my (uneducated) PoV, it looks like there's nothing architectural that could really prevent Vexim from "becoming friends" with other MTAs.
It is deliberately decoupled :) I tested it once with Postfix, many moons ago, and was able to get the basics to work.
Reply all
Reply to author
Forward
0 new messages