Re: [exim] php/script to control exim?

Top Page
Delete this message
Reply to this message
Author: Lars Nielsen
Date:  
To: exim-users
Subject: Re: [exim] php/script to control exim?

> Lars Nielsen wrote:
>> Hi List,
>>
>> I am developing a php-based webservice with which i want to control and
>> manage exim from a web-gui.
>>
>> What is the best and most secure way to control Exim from a php-script?
>> Some issue can be configured via a database but i still need to call the
>> exim executable some times!?
>>
>>
>
> Lars,
>
> Perhaps it is just time-zones and weekend priorities, but the lack of a
> response so far just might indicate a reluctance to help you implement
> what has to be akin to an attempt to walk on water .. and failing, have
> coded the electronic equivalent of a suicide-kit, 'abuseability' wise.
>
> php is a grand tool for coding nice web pages rapidly.
>
> Securing it and preventing a web app being suborned is NOT so fast and
> easy, adn more than a few MTA have suffered becasue of that.
>
> 'More better' if you must go that route to use the oldest and best
> tested and debugged off-the shelf F/LOSS php critter you can find.
>
> Its devel team and user community will at least already have the scars
> and wisdom gained from TRYING to secure it. And more than a few times.
>
> Easier to then customize look and feel than reinvent that entire
> wheel... a decidedly 'non-trivial' exercise.
>
> And one not really within Exim's purview...
>
> Anything that can invoke the binary ... can invoke the binary.
>
> Best Exim can do thereafter is try to filter and ratelimit.
>
> You'll need an acl_not_smtp critter to do some of that...
>
> Bill
> --
> 韓家標
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/


Hi Bill,
Thanks for your advise and comment. I am sure this is not a trivial
task. Thats why I asked for ideas here! :-)

Is it possible to invoke the exim binary in another way than to call it
directly from a script/commandline? It would mostly be to reload
configuration-settings.

--
Med venlig hilsen / Best Regards

LFWeb
Lars Nielsen
www : http://www.lfweb.dk