headers
Lars Nielsen | 16 Jun 2012 10:48
Picon
Favicon

php/script to control exim?

Hi List,

I am developing a php-based webservice with which i want to control and
manage exim from a web-gui.

What is the best and most secure way to control Exim from a php-script?
Some issue can be configured via a database but i still need to call the
exim executable some times!?

-- 
Med venlig hilsen / Best Regards

LFWeb
Lars Nielsen
Thorsensvej 30
4800 Nykøbing Falster
Tlf: +45 20 64 85 76
email : lars <at> lfweb.dk
www : http://www.lfweb.dk

--

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Permalink | Reply |
headers
W B Hacker | 16 Jun 2012 18:11

Re: php/script to control exim?

Lars Nielsen wrote:
> Hi List,
>
> I am developing a php-based webservice with which i want to control and
> manage exim from a web-gui.
>
> What is the best and most secure way to control Exim from a php-script?
> Some issue can be configured via a database but i still need to call the
> exim executable some times!?
>
>

Lars,

Perhaps it is just time-zones and weekend priorities, but the lack of a 
response so far just might indicate a reluctance to help you implement 
what has to be akin to an attempt to walk on water .. and failing, have 
coded the electronic equivalent of a suicide-kit, 'abuseability' wise.

php is a grand tool for coding nice web pages rapidly.

Securing it and preventing a web app being suborned is NOT so fast and 
easy, adn more than a few MTA have suffered becasue of that.

'More better' if you must go that route to use the oldest and best 
tested and debugged off-the shelf F/LOSS php critter you can find.

Its devel team and user community will at least already have the scars 
and wisdom gained from TRYING to secure it. And more than a few times.
(Continue reading)

Permalink | Reply |
headers
Lars Nielsen | 19 Jun 2012 17:04
Picon
Favicon

Re: php/script to control exim?


> Lars Nielsen wrote:
>> Hi List,
>>
>> I am developing a php-based webservice with which i want to control and
>> manage exim from a web-gui.
>>
>> What is the best and most secure way to control Exim from a php-script?
>> Some issue can be configured via a database but i still need to call the
>> exim executable some times!?
>>
>>
>
> Lars,
>
> Perhaps it is just time-zones and weekend priorities, but the lack of a
> response so far just might indicate a reluctance to help you implement
> what has to be akin to an attempt to walk on water .. and failing, have
> coded the electronic equivalent of a suicide-kit, 'abuseability' wise.
>
> php is a grand tool for coding nice web pages rapidly.
>
> Securing it and preventing a web app being suborned is NOT so fast and
> easy, adn more than a few MTA have suffered becasue of that.
>
> 'More better' if you must go that route to use the oldest and best
> tested and debugged off-the shelf F/LOSS php critter you can find.
>
> Its devel team and user community will at least already have the scars
> and wisdom gained from TRYING to secure it. And more than a few times.
(Continue reading)

Permalink | Reply |
headers
W B Hacker | 19 Jun 2012 18:27

Re: php/script to control exim?

Lars Nielsen wrote:
>
>> Lars Nielsen wrote:
>>> Hi List,
>>>
>>> I am developing a php-based webservice with which i want to control and
>>> manage exim from a web-gui.
>>>
>>> What is the best and most secure way to control Exim from a php-script?
>>> Some issue can be configured via a database but i still need to call the
>>> exim executable some times!?
>>>
>>>
>>
>> Lars,
>>
>> Perhaps it is just time-zones and weekend priorities, but the lack of a
>> response so far just might indicate a reluctance to help you implement
>> what has to be akin to an attempt to walk on water .. and failing, have
>> coded the electronic equivalent of a suicide-kit, 'abuseability' wise.
>>
>> php is a grand tool for coding nice web pages rapidly.
>>
>> Securing it and preventing a web app being suborned is NOT so fast and
>> easy, adn more than a few MTA have suffered becasue of that.
>>
>> 'More better' if you must go that route to use the oldest and best
>> tested and debugged off-the shelf F/LOSS php critter you can find.
>>
>> Its devel team and user community will at least already have the scars
(Continue reading)

Permalink | Reply |

Gmane