Please wait...
0 files
if your server can be seen by multiple domains, you can use let's encrypt to request a certificate with multiple domains in it... then just have it be created in /usr/local/citadel/keys i think. it has to be named whatever.crt and whatever.key and they have to have permission for read and write and be owned by whatever user you set up to run citadel. at that point, you can simply add in hostnames to your let's encrypt config and magically have them be supported... at least that's how mine works. ^v^
Can I host more than one certificate on a single Citadel server?
That is, can I host xxx.yyy.com and aaa.bbb.com on the same server just by installing more than one certificate/key pair?
So instead of something like multi-hosts or SNI, I'll simply need a cert with all the domains supported listed as SANs, correct?
So if I have xxx.com, and yyy.com, when an email comes to xxx.com, will it only be seen by someone having and email, ex. joe@xxx.com and not also the same joe@yyy.com???
if your server can be seen by multiple domains, you can use let's encrypt to request a certificate with multiple domains in it... then just have it be created in /usr/local/citadel/keys i think. it has to be named whatever.crt and whatever.key and they have to have permission for read and write and be owned by whatever user you set up to run citadel. at that point, you can simply add in hostnames to your let's encrypt config and magically have them be supported... at least that's how mine works. ^v^
So instead of something like multi-hosts or SNI, I'll simply need a cert with all the domains supported listed as SANs, correct?
So if I have xxx.com, and yyy.com, when an email comes to xxx.com, will it only be seen by someone having and email, ex. joe@xxx.com and not also the same joe@yyy.com???
if your server can be seen by multiple domains, you can use let's encrypt to request a certificate with multiple domains in it... then just have it be created in /usr/local/citadel/keys i think. it has to be named whatever.crt and whatever.key and they have to have permission for read and write and be owned by whatever user you set up to run citadel. at that point, you can simply add in hostnames to your let's encrypt config and magically have them be supported... at least that's how mine works. ^v^
if your server can be seen by multiple domains, you can use let's encrypt to request a certificate with multiple domains in it... then just have it be created in /usr/local/citadel/keys i think. it has to be named whatever.crt and whatever.key and they have to have permission for read and write and be owned by whatever user you set up to run citadel. at that point, you can simply add in hostnames to your let's encrypt config and magically have them be supported... at least that's how mine works. ^v^
it would CERT-ainly be the easiest way, as afaik citadel was made for small use cases and only takes one cert.. so you'd have to combine them. easiest way to combine them and keep them up to date is lets encrypt.. and the mail server should be visible at least at mail.example1.com and mail.example2.com if you set it up right with multidomains.. and when you request mail.example1.com and mail.example2.com it SHOULD also grant example1.com and example2.com by default... so even if your mail server isn't the main website on the domain, it should work. for me, i have an nginx reverse proxy on my domain.tld and mail is mail.domain.tld and all my certs are handled by the reverse proxy which then just has a cron that rsyncs them to all the other web-facing servers in my network daily, so every system always has up to date certs and if a system fails, i get notified about it via the cron email thingy and i just have the rsync directory be the one that citadel takes its certs from and then just forget about it. of course, make sure you can only log into whatever user via SSH certs and not passwords, because that's safer.
- Afrikaans
- Albanisch
- Amharisch
- Arabisch
- Armenisch
- Aserbaidschanisch
- Bengalisch
- Birmanisch
- Bulgarisch
- Chinesisch (traditionell)
- Chinesisch (vereinfacht)
- Deutsch
- Dänisch
- Englisch
- Estnisch
- Finnisch
- Französisch
- Griechisch
- Gujarati
- Haitianisch
- Hebräisch
- Hindi
- Indonesisch
- Isländisch
- Italienisch
- Japanisch
- Kannada
- Kasachisch
- Katalanisch
- Khmer
- Koreanisch
- Kroatisch
- Kurdisch (kurmandschi)
- Lao
- Lettisch
- Litauisch
- Malagasy
- Malayalam
- Malaysisch
- Maltesisch
- Maori
- Marathi
- Nepalesisch
- Niederländisch
- Norwegisch
- Paschtu
- Persisch
- Polnisch
- Portugiesisch
- Punjabi
- Rumänisch
- Russisch
- Samoanisch
- Schwedisch
- Slowakisch
- Slowenisch
- Spanisch
- Tamil
- Telugu
- Thailändisch
- Tschechisch
- Türkisch
- Ukrainisch
- Ungarisch
- Urdu
- Vietnamesisch
- Walisisch
So instead of something like multi-hosts or SNI, I'll simply need a cert with all the domains supported listed as SANs, correct?
So if I have xxx.com, and yyy.com, when an email comes to xxx.com, will it only be seen by someone having and email, ex. joe@xxx.com and not also the same joe@yyy.com???
if your server can be seen by multiple domains, you can use let's encrypt to request a certificate with multiple domains in it... then just have it be created in /usr/local/citadel/keys i think. it has to be named whatever.crt and whatever.key and they have to have permission for read and write and be owned by whatever user you set up to run citadel. at that point, you can simply add in hostnames to your let's encrypt config and magically have them be supported... at least that's how mine works. ^v^
Is there a way to redirect all HTTP traffic on the web client to HTTPS?
Thanks.
Is there a way to redirect all HTTP traffic on the web client to HTTPS?
Not using Citadel by itself, but you can easily do that by putting some other web server on port 80 and redirecting to HTTPS as per the normal method.
Trying to follow instructions at https://www.citadel.org/how_do_i_retrieve.html -> Webcit
First question: can the local cit server be referred to as a remote pop3? When I say no, I try to change folder settings as follows
Positioned at my room, folder Mail (INBOX) -> Advanced -> Edit or delete this room
-> Configuration. Making changes (e.g. tick File directory room, Directory name /home/pi/Mail
Upon Save changes, Webcit says "Cannot edit this room". What's required?
Some details:
citadel and webcit installed on RaspberryPi 4
User "pi" has admin privilege. Logged in locally (keyboard, mouse and screen, i.e. not ssh)
ls -ld /home/pi/Mail :: drwxrwxrwx 2 root pi 4096 Aug 15 12:53 /home/pi/Mail
Chromium-browser URL=http://192.168.0.21:8090 functioning perfectly so far.
In the end I want to access incoming mail from a place like /var/mail/pi using a basic command like cat
/hgs_at_oso
Thanks for the hint. I'm still struggling with inconsistent settings in a range of configs. fetchmail is installed. Awaiting success...
/hgs_at_oso
On my system there's no lpr. As a workaround I defined in /etc/citadel/citadel.rc
printcmd=/usr/bin/lpr
a script intended to pipe STDIN to a file
ls -l /usr/bin/lpr
-rwxr-xr-x 1 root root 77 Aug 19 09:12 /usr/bin/lpr
cat /usr/bin/lpr
#!/bin/sh
echo "This is a fake lpr"
cat >> /home/pi/Mail/container.txt
exit
ls -l /home/pi/Mail/container.txt
-rw-rw-rw- 1 pi pi 0 Aug 18 23:01 /home/pi/Mail/container.txt
Using it from a bash command line the script is working. Restarting citserver from webcit, going to a message in my Mail room and clicking print doesn't do the intended. Instead, there's a short flash of a window too short to read. Is /etc/citadel/citadel.rc the right file to edit? What do I have to do?
Thanks in advance
/hgs_at_oso
fetchmail doesn't allow me to connect to citserver (neither POP3 nor SMTP).
However, with telnet to port 110 I can list the emails and extract the content. There's a request for certificates. Who's the culprit? Have goggled around, got no clue.
telnet localhost.private 110
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
+OK Citadel POP3 server ready.
USER pi
+OK Password required for pi
PASS ********
+OK pi is logged in (17 messages)
LIST
+OK Here's your mail:
1 1709
2 1175
3 1828
4 1726
5 1205
6 1242
7 1242
8 1730
9 1166
10 1819
11 1717
12 1196
13 1233
14 826
15 864
16 1732
17 1248
.
RETR 14
+OK Message 14:
Return-Path: pi@raspberrypi
Date: Mon, 15 Aug 2022 11:43:51 +0200
To: pi@raspberrypi
Subject: hello
Message-ID: <62FA1557-00000173@mail.raspberrypi.com>
From: "pi" <pi@raspberrypi>
MIME-Version: 1.0
X-Mailer: WebCit 957
Content-type: multipart/alternative; boundary="Citadel--Multipart--bredband.tele2.se--0946--0008"
This is a multipart message in MIME format.
--Citadel--Multipart--bredband.tele2.se--0946--0008
Content-type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
hello from fingal =0A=0A=C2=A0=0A
--Citadel--Multipart--bredband.tele2.se--0946--0008
Content-type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable
<html><body>
<p>hello from fingal</p>=0A<p>=C2=A0</p>
</body></html>
--Citadel--Multipart--bredband.tele2.se--0946--0008--
.
Subject: How to send email via citadel's SMTP service?
Hello! So far, citadel is so wonderful for our small group but, we have a website now and its two machines.. one for citadel and one for the website.. ports are set up right, mail works and all that... but we're unable to connect to the SMTP to send email from the website. is there something i need to change to allow remote connections to send email from the SMTP as a relay? i'm able to read email just fine in thunderbird and all that, but i'm not able to send it there either. is there a setting to change to be able to remotely connect to the SMTP server?
Hi,
I'm trying to send email from my citadel server to my Gmail but my outgoing mails bounce back with the error 550-[5.7.1]. My incoming emails are working fine. Any help would be highly appreciated 🙂
P.S.: I have SSL certificate enabled which I thought was the issue but it wasn't -,-
Hello Citadel community,
I am going through my second rebuild for my Citadel mail server, and I have ended up back to square one.
journalctl is reporting
citserver[3836]: db: cdb_fetch(4): BDB0075 DB_PAGE_NOTFOUND: Requested page not found.
Any help would be greatly appreciated.
/Hutch
Did you ever get this fixed?
Think I may have gotten past the initial service start.
In /usr/local/citadel, ran the database cleanup script
sudo ./database_cleanup.sh
********************************
GOT:
you will need 28Mof free space.
We will attempt to look for a Citadel database in /usr/local/citadel/data
Do you want to continue? Y
DO NOT INTERRUPT THIS PROCESS.
Dumping cdb.00
db_dump: BDB5115 open: cdb.00: No such file or directory
error 1
Exiting.
utch@mail:~$ sudo journalctl -e -u citadel
Aug 23 15:38:59 mail citserver[960]: citserver[960]: rbl: 216.200.152.158 [0.000008] none found
Aug 23 15:38:59 mail citserver[960]: rbl: 216.200.152.158 [0.000008] none found
Aug 23 15:38:59 mail citserver[960]: citserver[960]: context: [ 19]SRV[SMTP-MTA] Session ended.
Aug 23 15:38:59 mail citserver[960]: context: [ 19]SRV[SMTP-MTA] Session ended.
Aug 23 15:39:05 mail citserver[960]: citserver[960]: context: session (IMAP) started from 192.168.100.15 (192.168.100.15) uid>
Aug 23 15:39:05 mail citserver[960]: context: session (IMAP) started from 192.168.100.15 (192.168.100.15) uid=-1
Aug 23 15:39:05 mail citserver[960]: citserver[960]: crypto: TLS using TLS_AES_128_GCM_SHA256 on TLSv1.3 (128 of 128 bits)
Aug 23 15:39:05 mail citserver[960]: crypto: TLS using TLS_AES_128_GCM_SHA256 on TLSv1.3 (128 of 128 bits)
Aug 23 15:39:06 mail citserver[960]: citserver[960]: <plain_auth>
Aug 23 15:39:06 mail citserver[960]: <plain_auth>
Aug 23 15:39:07 mail citserver[960]: citserver[960]: <password>
Aug 23 15:39:07 mail citserver[960]: citserver[960]: user_ops: CtdlTryPassword: no user selected
Aug 23 15:39:07 mail citserver[960]: <password>
Aug 23 15:39:07 mail citserver[960]: user_ops: CtdlTryPassword: no user selected
Aug 23 15:39:07 mail citserver[960]: citserver[960]: LOGIN...
Aug 23 15:39:07 mail citserver[960]: LOGIN...