Article 11321 at 07/11/30 18:27:48 From: bq (at mark) solarspeed.net Subject: [coba-e:11321] Re: AW: Re: Tracing emails being sent with apache

Index: [Article Count Order] [Thread]
Date:  Fri, 30 Nov 2007 10:27:27 +0100
From:  Michael Stauber <bq (at mark) solarspeed.net>
Subject:  [coba-e:11321] Re: AW:  Re: Tracing emails being sent with  apache
To:  coba-e (at mark) bluequartz.org
Message-Id:  <200711301027.28282.bq (at mark) solarspeed.net>
In-Reply-To:  <0d8d01c831da$b7116060$6700a8c0@OfficeKen>
References:  <031a01c831c8$ebd93500$0101a8c0@systemax> <0d8d01c831da$b7116060$6700a8c0@OfficeKen>
X-Mail-Count: 11321

Hi Ken,

> In your proftpd.conf, you could modify your Global container add the <Limit
> LOGIN> section.
> E.g.
> <Global>
> TimesGMT off
> DefaultChdir ../../web site-adm
> <Limit SITE_CHMOD>
> AllowAll
> </Limit>
> IdentLookups off
> MaxClientsPerHost 40
> MaxClientsPerUser 40
> DeferWelcome on
> <Limit LOGIN>
> DenyAll
> AllowGroup site-adm
> AllowUser someotheruserthatyouwanttoallow
> AllowUser someotheruserthatyouwanttoallow2
> AllowUser admin
> </Limit>
> ServerIdent off
> </Global>

Good idea. Actually I'm using a slightly different approach for one domain 
which also works:

Cronjob:

0-59/5 * * * * /root/ftpaccess.pl > /dev/null 2>&1

Script /root/ftpaccess.pl:

------------------------------------------------------------------------------------------------------------------
#!/usr/bin/perl

$dir = "/home/sites/www.domain.com/users/";

        opendir(USERDIRS,$dir);
        @userdirs = readdir(USERDIRS);
        @sorteduserdirs = sort {$a<=>$b} @userdirs;
        closedir(USERDIRS);
        foreach $user (@sorteduserdirs) {
          if  ($user) { 
                if (-f "$dir/$user/.ftpaccess") {
                        #print "User $user already has a .ftpaccess file\n";
                }
                else {
 system("echo '<Limit>\nDenyAll\n</Limit>\n' > '$dir/$user/.ftpaccess'");
                }
           }
        }
exit;
------------------------------------------------------------------------------------------------------------------

What it does:

It polls the "users" directory of the site "www.domain.com" for all usernames.

Next the script creates a ".ftpaccess" file in the home directory of each 
users with the following text in it:

<Limit>
DenyAll
</Limit>

It only does so if the user doesn't already have a ".ftpaccess" file in it.

If that file with the above contents is already present, the user in question 
will be unable to login by FTP.

But yeah, it should be possible to easily to extend the BlueQuartz GUI with a 
proper implementation of this feature. Just like the "accept email for 
domain/user" checkbox and depending on if it's checked or not ".ftpaccess" 
file will be created or removed from user(s) and/or sites.

I'll look into this.

-- 
With best regards,

Michael Stauber