Accountwizard

In my last blog, I promised that I would explain a bit about what I did manage to work on over the last months. A while ago, we all agreed that the account configuration as we all know it in KMail, with its options for TLS / SSL / CRAM-MD5, etc., is not the most user-friendly way of communicating to users. We know most people don’t understand it at all and it gave a lot of fuel for bug reports.

This resulted in Volker writing code to make this wizard based. You ask the user what their full name is, etc., guiding them through the whole process. He also made it possible for providers to provide a wizard of their own. That means providers could provide a script which only asks for the needed information and fills in the other needed data, like TLS / SSL / CRAM-MD5, etc. They obviously know the correct values to connect to their servers, and it leaves a limited set of questions the end user has to fill in. In the most ideal situation, only their username and password.

While Volker did all that work, I kind of picked it up where he left it and decided this system would be an excellent candidate for Get Hot New Stuff. My idea was that these provider-based scripts should be downloadable by the end user, although I wanted it to be transparent. That means that when the user enters the wizard, it asks: which provider are you using? The list of providers is automatically fetched from the ghns-server and displayed. If their provider is not available, they will be able to enter the account details manually. That’s now implemented, see this screenshot.

What will strike you is that there is only one provider available. So true. And that’s where my new project will kick in. I want to automate this process. In the ideal workflow, the very first user of a provider will have to enter their data manually. After this process it is possible to use that account to create a new template script for that provider, and upload it back to the ghns-server. The second ever user immediately sees that new provider in the script and only has to fill in a few details. Of course we will do so for some well-known providers like gmail, gmx, etc.

What’s particularly interesting in this setup is that the provider wizards are scripted, which means they use Kross and the files are JavaScript. So each provider can provide their own scripts without needing a development environment or knowledge of C++. Everyone can do it. Companies can provide their own wizard for easy setup for new employees or whatever….

I hope to get started on this somewhere during this meeting. If you want to help, jump in the #akonadi channel. I probably need to create the foundations of this application first; after that, help is appreciated, as I will probably become distracted again soon after the meeting is over.

13 Comments

  1. Yury Kudryashov

    Isn’t it more convenient to let the user enter his e-mail, then look up provider scripts that know how to handle this @host.domain?

  2. hi,

    good to see work going on in this area, as this is truly not the shiny side of kmail – looking forward to testing kmail2 when it doesn’t eat kittens anymore :)

  3. @Yury, that’s how Thunderbird 3 works.
    See http://ispdb.mozillamessaging.com/

    Maybe Akonadi could use this information, too (if allowed by mozilla).

    What is important: If users can submit configurations, there should be a review process to prevent account stealing.
    An attacker might simply enter his own server and configure plain text authentication when creating a new account. Very, very dangerous.

  4. Sounds like a great idea!
    One concern though — I think it is fairly likely that the first user will enter incorrect information on their first try. There needs to be a way to correct the uploaded configuration, or to only upload it once it’s confirmed to work.

  5. Very good idea, but what about security?

    I think from a support/deployment point of view it’s a fantastic idea. I can imagine users just having to type their email and everything being automagically configured for them (even Kolab/other groupware account settings). Unfortunately I’m the only one using kmail or even linux at my workplace. :-( (I know there is kontact for Windows)

    BUT, have you considered the security implications?

    What if somebody puts a malicious ghns script saying it’s for gmail and pointing to “myrogueserver.pirates.com”. You enter your credentials and … off they go.

    Thanks anyways for your work.

  6. Regarding security: we will have to find a way to moderate it indeed. Not sure if ghns offers that. I’ll look into that, thanks for the pointers to that potential problem.

  7. forgot the link to the autoconfiguration page on the mozilla wiki:
    https://wiki.mozilla.org/Thunderbird:Autoconfiguration

    Maybe you can adapt some of their ideas, like for example trying to autodetect by probing imap.domain.tld, pop.domain.tld, pop3.domain.tld, autodetecting ssl etc.

  8. @Robin

    The intent with ISPDB is to make it useful, not only for Thunderbird, but for other projects too. Evolution recently started to make use of the data as well [1] and it would be great if KMail wanted to join the fun as well!
    More projects means more users, means more data for everyone! :)

    There is a mailing list here where you can discuss ISPDB:
    http://groups.google.com/group/ispdb

    1. http://git.gnome.org/browse/api-web/tree/evolution/autoconfig

    i also think that joining the ISPDB route would make most sense – i was very pleased to see that entering username + pass was enough to find the settings when i installed thunderbird on my sister’s laptop.

    Didn’t know about Mozilla’s ISPDB. Don’t know if it’s working now (Thunderbird 3.0.4), but its auto-searching for mail servers is a bit of a pain in the ass. Even when you stop it to enter your own settings it keeps changing what you manually entered. (I know, not the place to complain, but still) Regarding its security, I can see similar concerns to mine. Basically it’s the same technique as phishing, cheating you into a rogue server where you enter your credentials.

    A discussion on this topic for mozilla
    http://groups.google.com/group/ispdb/browse_thread/thread/b25e909d9f610a85

    I can see the merit in dns txt records for autoconfiguration though.

  11. Still missing: A nice wizard for GnuPG which just works.
    It is much more complicated than the few radio-buttons for selecting the login-method.

  12. There is always something to complain about, right? What about saying thank you first? :)

  13. Alejandro Nova

    This is the biggest advance in configuration dialogs since the invention of the configuration dialog.

    The “first user sets all up, second user gets an auto setup” mantra should be applied to Linux, entirely. We’ll scrap Windows in a second with this.

    AMAZING.
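
The review step asked for in comments 3 and 5, as an added example in JavaScript (not code from KMail, Akonadi or GHNS): a check run on a submitted provider template before it is listed. The template shape, the field names and the reviewed-provider list are assumptions made for the illustration.

```javascript
// Added example: template fields and the reviewed-provider list are hypothetical.
// Constructed sample: mail domains a moderator has already confirmed per provider.
const REVIEWED = new Map([["gmail", ["gmail.com", "googlemail.com"]]]);

// True when host equals domain or is a subdomain of it (matches on a label
// boundary, so "evilgmail.com" is not treated as part of "gmail.com").
function isUnder(host, domain) {
  host = host.toLowerCase().replace(/\.$/, "");
  domain = domain.toLowerCase();
  return host === domain || host.endsWith("." + domain);
}

// Returns { verdict: "accept" | "manual-review" | "reject", findings: [...] }.
function reviewTemplate(tpl, reviewed = REVIEWED) {
  const findings = [];
  let verdict = "accept";
  const raise = (level, msg) => {
    findings.push(msg);
    // A reject is final; manual-review only upgrades an accept.
    if (level === "reject" || verdict === "accept") verdict = level;
  };
  const known = reviewed.get(String(tpl.provider).toLowerCase());
  // For an unreviewed provider the claimed domains are submitter-controlled,
  // so the template can never get past manual review on its own.
  const trusted = known || tpl.emailDomains || [];
  if (!known) raise("manual-review", "provider not reviewed before");
  for (const role of ["incoming", "outgoing"]) {
    const srv = tpl[role];
    if (!srv || !srv.host) { raise("reject", role + ": no server"); continue; }
    if (!trusted.some((d) => isUnder(srv.host, d))) {
      // Uses a provider's name but sends the credentials somewhere else.
      raise(known ? "reject" : "manual-review",
            role + ": host " + srv.host + " is outside the provider's domains");
    }
    if (srv.security !== "ssl" && srv.security !== "starttls") {
      // Without TLS the password crosses the network in the clear.
      raise("reject", role + ": no transport encryption");
    }
  }
  return { verdict, findings };
}
```

A template that reuses a reviewed provider's name with a foreign host is rejected outright, while a genuinely new provider always lands in front of a human moderator.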