Language:
switch to room list switch to menu My folders
Go to page: First ... 18 19 20 21 [22] 23 24 25 26 ... Last
[#] Wed Jul 12 2017 13:48:46 EDT from athos-mn @ Uncensored

Subject: Re: TLS Encryption

[Reply] [ReplyQuoted] [Headers] [Print]

Outbound SMTP. Here's the discussion (just two messages that I can see): http://uncensored.citadel.org/readfwd?go=Citadel%20Support?start_reading_at=4090070#4090070 and the relevant quote:

 

"I wasn't aware that Google is now red-flagging any emails that don't arrive via encrypted SMTP. That sucks. Citadel doesn't send out SMTP connections with TLS encryption in the current version, sorry to say. Since the mighty Google overlords now seem to be shaming everyone for doing that, I suppose we should put it on the short list. "

 

 

Wed Jul 12 2017 12:56:17 EDT from IGnatius T Foobar @ Uncensored Subject: Re: TLS Encryption

 

Wed Jul 12 2017 11:09:52 AM EDT from athos-mn @ Uncensored Subject: TLS Encryption

I'm just following up on a message from last year where TLS encryption wasn't yet part of Citadel. Has that been added to the roadmap (or added and I missed it)? 



I don't remember the discussion that took place last year.  What part of the system needed encryption that didn't already have it?



 



[#] Wed Jul 12 2017 16:24:53 EDT from IGnatius T Foobar @ Uncensored

Subject: Re: TLS Encryption

[Reply] [ReplyQuoted] [Headers] [Print]

Ah yes ... that :)

Something very relevant has happened between then and now. All outbound protocol handling is now performed by libcurl, which was already a dependency so it didn't cost anything to use. This reduced the Citadel Server by thousands of LoC and removed two other external dependencies.

Right now, if you are using a smart-host for outbound mail, you can specify that smart-host as "smtps://username:password@smtp.domain.com" (for example) and it will do exactly what it looks like it ought to do.

What it does *not* yet do, is try SMTPS for every outbound connection when it is delivering directly to the destination. Based on a quick read of the code, I'm thinking that if we modified getmx() to return all of the MX records prefixed by "smtps://"
followed by all of the same MX records prefixed by "smtp://" it would probably produce the desired result.

I'm a little strapped for time right now, but if you have the ability to build from git-master and operate a test system, this could be another thing we can do with a hidden configuration option? (The more I think about this methodology, the more I like it ... it's a good way to engage the community of Citadel site operators to help with testing.)

[#] Wed Jul 12 2017 17:10:06 EDT from IGnatius T Foobar @ Uncensored

Subject: Re: TLS Encryption

[Reply] [ReplyQuoted] [Headers] [Print]

Ok, forget all that stuff I said about smtps:// and smtp://

https://curl.haxx.se/libcurl/c/CURLOPT_USE_SSL.html ]

It turns out there's a libcurl option we can set with one line of code to tell it to attempt STARTTLS if the other end offers it.  It's yet another example of why it was such a big win to let libcurl do all of the heavy lifting on these things.

So the offer stands -- if you have the ability to test it, I'll put it in as an unsupported and hidden configuration option.



[#] Wed Jul 12 2017 19:00:11 EDT from IGnatius T Foobar @ Uncensored

Subject: Re: TLS Encryption

[Reply] [ReplyQuoted] [Headers] [Print]

The option is called "c_smtpclient_try_starttls" and is available in git-master starting now. It will be included (but not documented or supported yet) in the next release. Set this option to 1 to get it to try STARTTLS on outbound SMTP connections, when available.

[#] Wed Jul 12 2017 21:16:41 EDT from bennabiy @ Uncensored

Subject: Re: TLS Encryption

[Reply] [ReplyQuoted] [Headers] [Print]

I agree. You know I do not mind testing, but this is a use case I cannot test on because all my mail through citadel is strictly internal. If I do get opportunity, I will let you know :)

Wed Jul 12 2017 04:24:53 PM EDT from IGnatius T Foobar @ Uncensored Subject: Re: TLS Encryption
Ah yes ... that :)

Something very relevant has happened between then and now. All outbound protocol handling is now performed by libcurl, which was already a dependency so it didn't cost anything to use. This reduced the Citadel Server by thousands of LoC and removed two other external dependencies.

Right now, if you are using a smart-host for outbound mail, you can specify that smart-host as "smtps://username:password@smtp.domain.com" (for example) and it will do exactly what it looks like it ought to do.

What it does *not* yet do, is try SMTPS for every outbound connection when it is delivering directly to the destination. Based on a quick read of the code, I'm thinking that if we modified getmx() to return all of the MX records prefixed by "smtps://"
followed by all of the same MX records prefixed by "smtp://" it would probably produce the desired result.

I'm a little strapped for time right now, but if you have the ability to build from git-master and operate a test system, this could be another thing we can do with a hidden configuration option? (The more I think about this methodology, the more I like it ... it's a good way to engage the community of Citadel site operators to help with testing.)

 



[#] Wed Jul 12 2017 21:27:00 EDT from bennabiy @ Uncensored

Subject: Re: TLS Encryption

[Reply] [ReplyQuoted] [Headers] [Print]

That is great news. 

 

For those who are willing to try this, and not sure how to go about setting undocumented options (in easy install):

/usr/local/citadel/sendcommand "CONF PUTVAL|c_smtpclient_try_starttls|1"

where the c_smtpclient_try_starttls would be replaced with whatever option (documented or undocumented) and the next value after the | is the intended state.

A list of documented options (which most also have a GUI place to set them as well) is found at:

http://www.citadel.org/doku.php/documentation:appproto:system_config#confgetorsetglobalconfigurationoptions

with a summary of what I just said above at: 

http://www.citadel.org/doku.php/faq:systemadmin:edit_config_the_hard_way

The option is called "c_smtpclient_try_starttls" and is available in git-master starting now. It will be included (but not documented or supported yet) in the next release. Set this option to 1 to get it to try STARTTLS on outbound SMTP connections, when available.

 



[#] Wed Jul 12 2017 22:22:49 EDT from IGnatius T Foobar @ Uncensored

Subject: Re: TLS Encryption

[Reply] [ReplyQuoted] [Headers] [Print]


Good tip. :)

Configuration options can also be set using ctdlsh, if you have it.


[#] Thu Jul 13 2017 10:48:42 EDT from athos-mn @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

I'll probably give it a go once it hits the queasy install - but I wouldn't be a good tester at this stage. Thanks for working on it, though!



[#] Fri Jul 14 2017 04:15:40 EDT from janik @ Uncensored

Subject: Re: send Emails error 551 relaying denied

[Reply] [ReplyQuoted] [Headers] [Print]

 

Mon Jul 10 2017 21:13:12 EDT from IGnatius T Foobar @ Uncensored
i can send emails but not receive. error is 551 relaying denied..

what could i do?

First make sure it's actually Citadel that's listening on port 25 of your server. Telnet to port 25, and you should see something like

220 uncensored.citadel.org ESMTP Citadel server ready.

If it doesn't say "Citadel" somewhere in the greeting, you have another mail server running, and it needs to be shut off.

Hi IGnatius,

 

I've tested this several times and it shows Citadel. Also sending mails via telnet is ok.

So Citadel is the only application on my port 25 :(

 

Do you have any further steps for me ? :)

 

Thanks!



[#] Fri Jul 14 2017 08:45:33 EDT from bennabiy @ Uncensored

Subject: Re: send Emails error 551 relaying denied

[Reply] [ReplyQuoted] [Headers] [Print]

Check to make sure you have proper MX records at the DNS level, and that you have properly set the domains to which citadel should be the recipient...  

Fri Jul 14 2017 04:15:40 AM EDT from janik @ Uncensored Subject: Re: send Emails error 551 relaying denied

 

Mon Jul 10 2017 21:13:12 EDT from IGnatius T Foobar @ Uncensored
i can send emails but not receive. error is 551 relaying denied..

what could i do?

First make sure it's actually Citadel that's listening on port 25 of your server. Telnet to port 25, and you should see something like

220 uncensored.citadel.org ESMTP Citadel server ready.

If it doesn't say "Citadel" somewhere in the greeting, you have another mail server running, and it needs to be shut off.

Hi IGnatius,

 

I've tested this several times and it shows Citadel. Also sending mails via telnet is ok.

So Citadel is the only application on my port 25 :(

 

Do you have any further steps for me ? :)

 

Thanks!



 



[#] Fri Jul 14 2017 09:21:26 EDT from IGnatius T Foobar @ Uncensored

Subject: Re: send Emails error 551 relaying denied

[Reply] [ReplyQuoted] [Headers] [Print]

Do you have your domain names set properly in the system configuration?



[#] Sun Jul 16 2017 01:09:02 EDT from janik @ Uncensored

Subject: Re: send Emails error 551 relaying denied

[Reply] [ReplyQuoted] [Headers] [Print]

 

Fri Jul 14 2017 09:21:26 EDT from IGnatius T Foobar @ Uncensored Subject: Re: send Emails error 551 relaying denied

Do you have your domain names set properly in the system configuration?



I'm sorry to say, I hat a little spelling mistake in my "local-host-names" file *embarrassing* ..

 

Sorry for wasting time and Thanks for helping! :)



[#] Sun Jul 16 2017 09:18:20 EDT from bennabiy @ Uncensored

Subject: Re: send Emails error 551 relaying denied

[Reply] [ReplyQuoted] [Headers] [Print]

As long as you got it fixed, it was not a waste of time... Now if you found the mistake and didn't do anything, that would be a waste.

Sun Jul 16 2017 01:09:02 AM EDT from janik @ Uncensored Subject: Re: send Emails error 551 relaying denied

 

Fri Jul 14 2017 09:21:26 EDT from IGnatius T Foobar @ Uncensored Subject: Re: send Emails error 551 relaying denied

Do you have your domain names set properly in the system configuration?



I'm sorry to say, I hat a little spelling mistake in my "local-host-names" file *embarrassing* ..

 

Sorry for wasting time and Thanks for helping! :)



 



[#] Sun Jul 16 2017 14:20:00 EDT from IGnatius T Foobar @ Uncensored

Subject: Re: send Emails error 551 relaying denied

[Reply] [ReplyQuoted] [Headers] [Print]

We're happy to help you find the right place to troubleshoot. Thanks for reporting the fix.

[#] Sun Jul 16 2017 18:00:37 EDT from Harold Feit @ Uncensored

Subject: Problems after changing some server config

[Reply] [ReplyQuoted] [Headers] [Print]

After changing some server configuration, I now get

citserver[10115]: configuration setting c_port_number is not -1 (disabled) or a valid TCP-Port - check your config! Default setting is: 504

whenever I start the server.

I did not intentionally change whatever setting it was that broke.



[#] Sun Jul 16 2017 21:29:47 EDT from Harold Feit @ Uncensored

Subject: Re: Problems after changing some server config

[Reply] [ReplyQuoted] [Headers] [Print]

re-ran the setup bin to reconfigure, somehow the service port ends up being changed to 0.

Sun Jul 16 2017 18:00:37 EDT from Harold Feit @ Uncensored Subject: Problems after changing some server config

After changing some server configuration, I now get

citserver[10115]: configuration setting c_port_number is not -1 (disabled) or a valid TCP-Port - check your config! Default setting is: 504

whenever I start the server.

I did not intentionally change whatever setting it was that broke.



 



[#] Mon Jul 17 2017 09:40:51 EDT from IGnatius T Foobar @ Uncensored

Subject: Re: Problems after changing some server config

[Reply] [ReplyQuoted] [Headers] [Print]

What version of Citadel Server are you running?  That is a known issue we fixed some time ago.



[#] Mon Jul 17 2017 12:34:47 EDT from warbaby @ Uncensored

Subject: Fix automatically appearring (null) room in Main Floor

[Reply] [ReplyQuoted] [Headers] [Print]

Administration -> Edit Site-Wide Configuration -> Access

"Name of room to log pages"  [(null)]

Change to "Aide", Save. Delete the floor named "(null)"  It should stay gone now. 

Also clarifying this mystery folder is not related to security as was previously imagined. 

 

 

 



[#] Thu Jul 20 2017 06:48:48 EDT from wylekyote @ Uncensored

Subject: DB errror after migration

[Reply] [ReplyQuoted] [Headers] [Print]

I'm needing to migrate my citadel instance from one server to another.

performed an easy-install on the target system

used ./ctdlmigrate   to bring all the data across

 

wait 2 days without email while things oooze across the net -- (Why doesn't ctdlmigrate invoke ssh -C? ) anyway ...

 

after migration  start websit and try to log in as the admin using the migrated credentials

 

citserver segment faults

 

 

restarting citserver results in

root@debian# /usr/local/citadel/citserver
citserver[22990]: 
citserver[22990]: 
citserver[22990]: *** Citadel server engine ***
citserver[22990]: Version 911 (build 3f857d7) ***
citserver[22990]: Copyright (C) 1987-2017 by the Citadel development team.
citserver[22990]: This program is distributed under the terms of the GNU General Public License.
citserver[22990]: 
citserver[22990]: libcitadel(unnumbered)
citserver[22990]: main: creating lockfile
citserver[22990]: master_startup() started
citserver[22990]: Checking directory access
citserver[22990]: Opening databases
citserver[22990]: db: open_databases() starting
citserver[22990]: db: Compiled libdb: Berkeley DB 5.1.29: (October 25, 2011)
citserver[22990]: db:   Linked libdb: Berkeley DB 5.1.29: (October 25, 2011)
citserver[22990]: db:    Linked zlib: 1.2.8
citserver[22990]: db: Setting up DB environment
citserver[22990]: db: dbenv->open(dbenv, /usr/local/citadel/data/, 19091, 0)
citserver[22990]: db: Finding last valid log LSN: file: 1676 offset 863747
citserver[22990]: db: Recovery starting from [1676][862449]
citserver[22990]: db: Recovery complete at Thu Jul 20 09:56:22 2017
citserver[22990]: db: Maximum transaction ID 80000040 Recovery checkpoint [1676][863747]
citserver[22990]: db: mounting databases
citserver[22990]: Initializing configuration system
citserver[22990]: config: setting c_default_cal_zone is empty, but must not - check your config!
citserver[22990]: housekeeping: checking floor reference counts
citserver[22990]: housekeeping: floor 0 has 307 rooms
citserver[22990]: housekeeping: floor 1 has 0 rooms
citserver[22990]: housekeeping: floor 2 has 0 rooms
citserver[22990]: housekeeping: floor 3 has 0 rooms
citserver[22990]: housekeeping: floor 4 has 0 rooms
citserver[22990]: housekeeping: floor 5 has 0 rooms
citserver[22990]: housekeeping: floor 6 has 0 rooms
citserver[22990]: housekeeping: floor 7 has 0 rooms
citserver[22990]: housekeeping: floor 8 has 0 rooms
citserver[22990]: housekeeping: floor 9 has 0 rooms
citserver[22990]: housekeeping: floor 10 has 0 rooms
citserver[22990]: housekeeping: floor 11 has 0 rooms
citserver[22990]: housekeeping: floor 12 has 0 rooms
citserver[22990]: housekeeping: floor 13 has 0 rooms
citserver[22990]: housekeeping: floor 14 has 0 rooms
citserver[22990]: housekeeping: floor 15 has 0 rooms
citserver[22990]: Creating base rooms (if necessary)
citserver[22990]: room_ops: CtdlCreateRoom(name=Lobby, type=0, view=0)
citserver[22990]: room_ops: cannot create room <Lobby> - already exists
citserver[22990]: room_ops: CtdlCreateRoom(name=Aide, type=3, view=0)
citserver[22990]: room_ops: cannot create room <Aide> - already exists
citserver[22990]: room_ops: CtdlCreateRoom(name=Local System Configuration, type=3, view=0)
citserver[22990]: room_ops: cannot create room <Local System Configuration> - already exists
citserver[22990]: room_ops: CtdlCreateRoom(name=Trashcan, type=0, view=0)
citserver[22990]: room_ops: cannot create room <Trashcan> - already exists
citserver[22990]: Seeding the pseudo-random number generator...
citserver[22990]: master_startup() finished
citserver[22990]: control: sanity checking the recorded highest message, user, and room numbers
citserver[22990]: db: cursor still in progress on cdb 02: attempt to write during r/o cursor
citserver[22990]: db: citserver is stopping in order to prevent data loss. uid=0 gid=0 euid=0 egid=0

db_verify thinks all is well

 

Verification of cdb.00 succeeded.
Verification of cdb.01 succeeded.
Verification of cdb.02 succeeded.
Verification of cdb.03 succeeded.
Verification of cdb.04 succeeded.
Verification of cdb.05 succeeded.
Verification of cdb.06 succeeded.
Verification of cdb.07 succeeded.
Verification of cdb.08 succeeded.
Verification of cdb.09 succeeded.
Verification of cdb.0a succeeded.
Verification of cdb.0b succeeded.
Verification of cdb.0c succeeded.
Verification of cdb.0d succeeded.

 

db_recover -c  makes no changes

 

replacing cdb.02 from a backup doesn't help ..  it causes the same error

 

 

 

 



[#] Thu Jul 20 2017 11:19:53 EDT from Christian.Commarmond @ Uncensored

Subject: Big number of messages...

[Reply] [ReplyQuoted] [Headers] [Print]

Hi,

 

Follow up on this subject:

With nearly 300000 messages in a room, I get "Failure: [object Object]" error when I try to open the room. And then, the loading of the messaes seems to take forever. The room with 66000 messages works well.

What can I do?

 

regards,

Christian COMMARMOND

 

 

 

Mon Jul 03 2017 06:28:05 EDT from Christian.Commarmond @ Uncensored Subject: Big number of messages...

Hi,

I installed Citadel and try to synch with my 1,500,000 messages gmail account. (OK, I receive more than 2000 per day, mostly automatized reports).

I try to do the synch with imapsync. It is super slow. I will try soon to do the initial loading from thunderbird.

 

My concern is that, when I go in a folder which contains nearly 200,000 messages, I get the good number at top of screen, but I can only see around 32000 messages (I guess, because I see only to 19th of may 2015). And worse, only the olders...

 

Questions:

Is this normal? Can I override this? Can I get to see the newest messages?

 

Thank you for your help.

 

Christian

 

 



 



Go to page: First ... 18 19 20 21 [22] 23 24 25 26 ... Last