Is this something with the Citadel Server? Does it changes the
message?
Citadel does not do anything with DKIM for incoming messages. If you have SpamAssassin connected to Citadel it can look at incoming signatures, but Citadel Server does not do anything with them.
The new DKIM functionality in Citadel Server v1000 strictly applies to outgoing mail. DKIM signatures are added to outgoing messages at the moment of delivery.
It's done by the SMTP delivery agent, so you won't even see the signature in your Sent Items folder.
If you are getting DKIM mismatch in Thunderbird I am not surprised; Citadel does rewrite the headers for incoming messages. It doesn't change the information but it stores the headers in a format other than RFC2822 so by the time Thunderbird sees a message, the header appearance can be ever so *slightly* different -- and that's enough to make DKIM fail. I don't think we have a way to work around that, so if you care about incoming DKIM you should probably set it up further back in the chain (for example, with SpamAssassin).
I really think that it is a drawback of Citadel. In the future will you change that? Some funcionalitty to migrate the storage to new format that is compatible with DKIM.
And if I forward that message will it not go the SPAM in the other email account?
I already received a message of a forward that a message is not compatible with RFC (I do not know which RFC).
Another thing. A good feature is to turn on and off the rules without cleaning them.
If someone has to populate the INBOX from a local folder (e.g. with Thunderbird) and it has a forward rule the other account will receive a bunch of annoying emails. It happened to me.
I hope I am not being rude.
Thank you much for you suggestion. I will definetly explore the Static VPN option :)
Any recommendations on SMART Hosts that is no google so that the sender appears under my domain and not the External SMTP Servers Domain?
If you're using gmail as a smart host, then yes it's going to do that.
You might try Twilio SendGrid. I haven't used it myself but I've heard good things about that.
You might also try using a Static IP VPN that will place your Citadel Server into a "good neighborhood" with controllable static IP and reverse DNS, and then you can set things up to deliver directly without a smart host. (This is what uncensored.citadel.org is using, by the way. The server is running in a residential environment but has a Static IP VPN.)
Subject: unsubscribed a while ago, and now getting emails again
Hi I unsubscribed from this list, why am I getting emails again? How do I unsubscribe from here can someone give me a link?
Thanks.
JH
Thank you much for you suggestion. I will definetly explore the Static VPN
option :)
Here's the one I use:
[ https://www.aceinnovative.com/internet-access/static-ip-vpn/ ]
I'm not associated with them at all, just a VERY happy customer. They even send you the router. (I don't use the router because I implemented the tunnel in software, but most people will simply plug their servers into the router.)
Subject: Re: unsubscribed a while ago, and now getting emails again
Hi I unsubscribed from this list, why am I getting emails again? How doI unsubscribe from here can someone give me a link?
https://uncensored.citadel.org/listsub
You'll also find a "List-Unsubscribe:" link in the headers of each email from the list, if you want to attempt a One Click Unsubscribe. I hope that someday Google trusts us enough to turn that into an Unsubscribe button.
When I try and paste it into my DNS manager I get a error about it being too long. I think only 1024 bit signing works and it looks like you are creating 2048? My 1024 bit keys work fine...
Marisa
Hi,
please help with the following error -
I've changed the permissions in as many places as possible but it's still erroring
I assumed citadel is using root? as I started the citadel process under root (service citadel start)
regards,
Craig.
can someone please assist me with installation. I do not see WEBCIT and would be willing to compensate someone to help me setup the system.
usually there is a webcit with port 2000 or 2001. If you can leave your email and are willing to help me seup for a small fee, please let me know. Debain/Linux 11.5
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 4723/citserver
tcp 0 0 0.0.0.0:5222 0.0.0.0:* LISTEN 4723/citserver
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 812/mariadbd
tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 4723/citserver
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 4723/citserver
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 4723/citserver
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 4723/citserver
tcp 0 0 0.0.0.0:563 0.0.0.0:* LISTEN 4723/citserver
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 765/sshd: /usr/sbin
tcp 0 0 0.0.0.0:119 0.0.0.0:* LISTEN 4723/citserver
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 724/cupsd
tcp 0 0 0.0.0.0:504 0.0.0.0:* LISTEN 4723/citserver
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 4723/citserver
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 4723/citserver
tcp6 0 0 :::80 :::* LISTEN 857/apache2
tcp6 0 0 :::22 :::* LISTEN 765/sshd: /usr/sbin
tcp6 0 0 ::1:631 :::* LISTEN 724/cupsd
tcp6 0 0 :::443 :::* LISTEN 857/apache2
udp 0 0 0.0.0.0:631 0.0.0.0:* 782/cups-browsed
udp 0 0 0.0.0.0:5353 0.0.0.0:* 654/avahi-daemon: r
udp 0 0 0.0.0.0:38682 0.0.0.0:* 654/avahi-daemon: r
udp6 0 0 fe80::9a90:96ff:feb:546 :::* 658/NetworkManager
udp6 0 0 :::35851 :::* 654/avahi-daemon: r
udp6 0 0 :::5353 :::* 654/avahi-daemon: r
You are best off asking for help over in the support room.
Greetings
is there a report, process, procedure to get idea of users and messages attributed them out of the database?
Subject: Re: Cant get the DKIM conffig working....
When I try and paste it into my DNS manager I get a error about it being too long. I think only 1024 bit signing works and it looks like you are creating 2048? My 1024 bit keys work fine...
1024 bit keys are deprecated by a lot of places now. Sending an email signed by a 1024 bit key is almost as undesirable as not signing it at all. I would definitely suggest finding out how to get the longer string into your DNS manager instead of trying to figure out how to get Citadel to generate a shorter key.
Here's a Server Fault article where people are discussing the same topic:
https://serverfault.com/questions/255580/how-do-i-enter-a-strong-long-dkim-key-into-dns
Subject: Re: permission error on citadel.key file
I've changed the permissions in as many places as possible but it's still erroring
I assumed citadel is using root? as I started the citadel process under root (service citadel start)
Citadel is started as root (usually by systemd or its equivalent) but then it will drop its permissions to another user (perhaps a user called "citadel") in most configurations.
You can do a "ps auxf" to find what user name citserver is running at, then change your certificate file permissions to handle that.
Is there any way I can get my username changed here?
Hi, citadel service is running under citadel user... I changed all the symbolic link permissions with chown -h citadel:root as well as the actual key.
same error in the logs, even after service restart.
!?!?
Craig.
Sat Jun 08 2024 16:09:41 EDT from IGnatius T Foobar Subject: Re: permission error on citadel.key file
I've changed the permissions in as many places as possible but it's still erroring
I assumed citadel is using root? as I started the citadel process under root (service citadel start)
Citadel is started as root (usually by systemd or its equivalent) but then it will drop its permissions to another user (perhaps a user called "citadel") in most configurations.
You can do a "ps auxf" to find what user name citserver is running at, then change your certificate file permissions to handle that.
I am running Debian 12, do you know if OPENID is still supported and what libraries LDAP requires so that the modules are built during the easy setup process?
I would like like to run both OpenID and LDAP but see very limited support.
I am running Debian 12, do you know if OPENID is still supported and what libraries LDAP requires so that the modules are built during the easy setup process?
I would like like to run both OpenID and LDAP but see very limited support.
What i actually need to know is what dependencies do I need to pre-load so that the easy install script will recognize the OpenID and LDAP need to build those modules. This is for Linux/Debian 12
New to this support Forum, looking for search.
Need help on SSL letsencrypt. Domain on server is registered with letsencrypt
Is there any way I can get my username changed here?
Sure, send me a private message with your desired new name and use it next time you log in.