* DONE Email::Valid does not accept UTF-8 email addresses (e.g., peace@☮.net).
LDAP doesn't allow UTF-8 in the DNs anyway, so maybe convert the
domains/emails to Punycode internally?
* DONE Better check for existing lists (commands).
- When adding a new alias/mailbox 'test', check for existing alias/mailbox 'test', and list 'test'.
- When adding a new alias/mailbox 'test-request', check for existing alias/mailbox 'test-request', list 'test-request' *and* list 'test'. (The same for other list commands.)
- When adding a new list 'test', check for existing alias/mailbox/list 'test', 'test-request',...
- (Lists of the form 'test-request' are forbidden);
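The collision rules above, as an added Perl sketch (not Fripost's own code). The command suffixes are an assumption taken from the aliases Mailman 2 creates for each list; `conflicts` and the `%existing` sample data are hypothetical and constructed for the example.

```perl
use strict;
use warnings;

# Assumption: the per-list command addresses are Mailman 2's alias set.
my @LIST_COMMANDS = qw(admin bounces confirm join leave owner request
                       subscribe unsubscribe);
my $CMD_RE = join '|', @LIST_COMMANDS;

# Return the existing entries (or the rule) that block creating $type/$name.
# $existing = { alias => {...}, mailbox => {...}, list => {...} }, keyed by local part.
sub conflicts {
    my ($type, $name, $existing) = @_;
    $name = lc $name;    # compare lowercased names (assumption)
    my @hits;
    if ($type eq 'list') {
        # Lists of the form 'test-request' are forbidden outright.
        return ("forbidden list name '$name'") if $name =~ /-(?:$CMD_RE)\z/;
        # A new list claims its own name and every command address under it.
        for my $n ($name, map { "$name-$_" } @LIST_COMMANDS) {
            for my $t (qw(alias mailbox list)) {
                push @hits, "$t '$n'" if $existing->{$t}{$n};
            }
        }
    }
    else {
        # Alias or mailbox: the name itself must be unused in all three trees.
        for my $t (qw(alias mailbox list)) {
            push @hits, "$t '$name'" if $existing->{$t}{$name};
        }
        # If it looks like a list command, the parent list must not exist either.
        if ($name =~ /\A(.+)-(?:$CMD_RE)\z/) {
            push @hits, "list '$1'" if $existing->{list}{$1};
        }
    }
    return @hits;
}

# Constructed sample directory state.
my %existing = (
    alias   => { 'info'       => 1 },
    mailbox => { 'news-owner' => 1 },
    list    => { 'test'       => 1 },
);
for my $case (['alias', 'test-request'], ['mailbox', 'Test'], ['list', 'news'],
              ['list', 'foo-request'],   ['alias', 'contact']) {
    my @c = conflicts(@$case, \%existing);
    printf "%-7s %-13s %s\n", @$case, @c ? 'REJECT: ' . join(', ', @c) : 'ok';
}
```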
* CANCELED Check for cycles when creating new aliases?
CLOSED: [2012-09-29 Thu 16:12]
- CLOSING NOTE [2012-09-29 Thu 16:12] \\
1/ It is impossible to do it properly since the authenticated user may not have full read access on the graph.
2/ Cycles may also be created by catch-alls or mailbox forwarding, or even externally with another server.
3/ Postfix warns the administrator with an
"unreasonable virtual_alias_maps map nesting for test-loop1@fripost.org"
in the logs if there's a loop in the alias resolution.
* DONE Write a script to check every runmode against the W3 validator.
(Cf. cgiapp_postrun);
* DONE Use FastCGI. References
- http://www.cgi-app.org/index.cgi?FastCGI
- http://stackoverflow.com/questions/11771564/nginx-fastcgi-configuration-for-cgiapplication-app
* TODO Use HTML::Template::Pro. Not sure it's really worth it, though.
* DONE Escape reserved characters in URLs:
http://mark.stosberg.com/blog/2010/12/percent-encoding-uris-in-perl.html
* CANCELED How should we encode the URL for internationalized domain names? Punycode vs. Unicode vs. HTML entities?
CLOSED: [2012-09-27 Thu 00:03]
- CLOSING NOTE [2012-09-27 Thu 00:03] \\
It's up to the browser (Firefox supports Unicode in URLs).
* CANCELED Forbid UTF8 in the domain part of lists? (Test if the list
managers support it at least.)
CLOSED: [2012-09-27 Thu 03:38]
- CLOSING NOTE [2012-09-27 Thu 03:38] \\
Mailman and Schleuder do not support IDNs, but we convert the list name
into Punycode first.
* DONE Give the right for domain postmasters to grant the right
to create aliases and lists.
* TODO Give the right to appoint co-owners (for lists and aliases).
* TODO Make every service use Kerberos, and remove the passphrase on
their GPG private keys.
* DONE Check list names against mailman's and schleuder's regexps?
* DONE What to do when a list creation fails? Set up a new service
to clean out the pending lists and domains if they have not been fixed
within 24h (daemon).
- CLOSING NOTE [2013-01-22 Thu 01:53] \\
* TODO Automatically generated passwords.
* TODO check if amavis{WhiteBlack}listSender supports catchall @example.org
* TODO Improve the CSS. Examples
http://www.qubesys.com/25-css-form-templates-and-input-styles/
https://github.com/pmcelhaney/semantic-form.css/blob/master/semantic-form.css
http://designshack.net/articles/10-css-form-examples/
http://www.codeproject.com/Tips/170049/Pure-HTML-5-CSS-3-Modal-Dialog-Box-no-JavaScript
http://www.examiner.com/article/html5-best-practices-table-formatting-via-css3
http://coding.smashingmagazine.com/2011/09/19/css3-flexible-box-layout-explained/
http://demo.webtuts.info/popup/
http://cssbutton.com/forms/
http://www.urcss.com/design-css-form-submit-button/
http://css-tricks.com/snippets/css/rounded-corners/
http://files.christophzillgens.com/form-test.html
Keep me logged in
Nicer buttons:
(darker on hover, depth effect on click)
* TODO Maximum pending entries per user (10).
* TODO Limit what a user can create. Examples
fripostQuota: what limit [group [address]]
fripostQuota: list 3 normal @fripost.org -> users with canCreateList can create at most 3 lists under that domain.
fripostQuota: alias 15 owner owner@fripost.org -> this owner can create at most 15 aliases under that domain
fripostQuota: mailbox 30 postmaster -> the postmaster(s) can create at most 30 mailboxes
* TODO Find a way to grant alias creation to a whole domain except a few
users. (Add new attributes fripostCannotAdd{Domain,Aliases,List}).
* TODO https://en.wikipedia.org/wiki/Tld#Reserved_domains
* TODO Use captions to explain active/pending status and anti-spam
options.
http://www.webdesignerdepot.com/2012/10/creating-a-modal-window-with-html5-and-css3/
http://sixrevisions.com/css/css-only-tooltips/
* TODO Add a button to allow domains/aliases deletion.
* TODO Redocument the library.
* TODO We need a test-suite for the web application as well. And
ideally, for the whole library.
http://search.cpan.org/~hartzell/Test-WWW-Mechanize-CGIApp-0.05/lib/Test/WWW/Mechanize/CGIApp.pm
http://search.cpan.org/~petdance/Test-WWW-Mechanize-1.44/Mechanize.pm
* TODO Alternative to set user passwords:
http://search.cpan.org/~marschap/perl-ldap-0.52/lib/Net/LDAP/FAQ.pod#..._in_most_LDAP_servers?
http://search.cpan.org/~esskar/Crypt-SaltedHash-0.06/lib/Crypt/SaltedHash.pm
http://search.cpan.org/~zefram/Authen-Passphrase-0.008/lib/Authen/Passphrase.pm
http://www.openldap.org/faq/data/cache/347.html
http://www.zytrax.com/books/ldap/ch6/ppolicy.html
* TODO "A DN containing "[" "]" does not expand correctly.", quote from
http://www.openldap.org/faq/data/cache/1133.html
Try with an example (e.g., canAddAlias)
* TODO Wildcards (adapt the search method):
* => *@*
xy* => xy*@*
*xy => *@*xy
x*y => x*@*y
* TODO: Ensure that the domain and local parts are always lowercase.
(we're doing a naive DN check)
* TODO: check the list commands with recipient_delimiter (-bounces+*,
-confirm+*), cf https://www.gnu.org/software/mailman/mailman-install.txt
* TODO add options -destination/-forward/-catchall to the search methods
to filter on these values as well.
* TODO bug: new user "very.(),:;<>[]\".VERY.\"very@\\ * \"very\".unusual"@☮.net, upon error
- check every unusual mail (maildrop, canAdd{list,alias}, alias, user).
- check injection of code: in forms, upon login (escape forms).
* TODO Close the connection upon error at login and rest. (Maybe with cgiapp_postrun)
* TODO Explore untaint
http://search.cpan.org/~wonko/HTML-Template-2.94/lib/HTML/Template.pm#Error_Detection_Options
http://gunther.web66.com/FAQS/taintmode.html
http://perldoc.perl.org/perlsec.html
* TODO Try to factorize the templates. Maybe with cgiapp_postrun (output_ref)
* TODO Add -welcome options to all add methods, to send welcome mails.
* TODO Hide the SpamAssassin form
http://dev.opera.com/articles/view/css3-show-and-hide/
http://www.webdeveloper.com/forum/showthread.php?168061-Hide-Show-div-on-mouseclick-with-CSS-(no-JS)
http://stackoverflow.com/questions/5593500/html5-and-css3-show-form-hints-on-element-focus
* TODO check selfread access for canAdd{List,Alias} permission
https://www.rfc-editor.org/rfc/rfc3876.txt
* TODO unlock accounts:
ldapmodify -Y EXTERNAL -H ldapi:///
dn: fvl=user1,fvd=fripost.org,ou=virtual,o=mailHosting,dc=fripost,dc=dev
changetype: modify
delete: pwdAccountLockedTime
* TODO template filters
http://www.perl.com/pub/2006/11/30/html-template-filters.html
http://comments.gmane.org/gmane.comp.lang.perl.modules.html-template/2004
* TODO domain validation...
https://en.wikipedia.org/wiki/Certificate_authority