Language:
switch to room list switch to menu My folders
Go to page: 1 [2] 3 4 5 6 ... Last
[#] Fri Jul 27 2018 18:31:26 EDT from jmh @ Uncensored

Subject: Support

[Reply] [ReplyQuoted] [Headers] [Print]

Hey there. Been playing around with Citadel on my Rpi, just seeing if I can set up a nice simple privatebbs.

I've run into a snag I think I resolved, just putting this here in case something might need to be looked into... but it seems that when you do the easy install with only the dependencies listed on the easy install page for a debian like system, it results in an inaccessible, broken webcit. The final page of the setup screen fails to populate the url fields and the webcit page results in nothing but browser errors. Watching console gave me truncated lines of a login issue before giving the useragent.

I previously had tried using the version in the repos, had issues with that too but I made note of what packages were also going to be installed (along with suggested packages)... and installed all of those packages (except the citadel specific ones) before doing the easy install on a fresh Raspbian system. Then it works. Was able to duplicate the necessity of doing this twice.

When I get another Pi board to play with I'll document this fully if I can duplicate how everything went. All in all I ended up having to redo the easy install about 5 times before I found a way to make it stick.

 

Now for the actual support part.

Are doors supported? I see the command for it in the 'h'elp menu but unable to find a way to actually configure a room to be a door. Documentation online doesn't mention doors, either, as far as I've been able to find.

And can that 'h'elp page and non-expert prompt be edited? I notice that upon editing citadel.rc that you change the dot menu, but not the main help menu. I disabled floors and reassigned the < > keys to go prev/next room and would like the 'h'elp page to reflect that.

 

Thanks.



[#] Fri Jul 27 2018 18:39:50 EDT from "jake" <jake@aCe-Clan.org> to room_Citadel_Support@citadel.org

Subject: Re: [Citadel Support] Re: Gmail says that E-Mails from my Site arenot encrypted. Even thoughthey should be.

[Reply] [ReplyQuoted] [Headers] [Print]

Good Morining,

I have experimented a bit and I found that the servers respond to the
EHLO command does not include 250-STARTTLS on port 25.
Which, if I am not wrong, is correct as far as the standards are
concerned, because port 587 should be used and is correctly used for that.
BUT after doing the same test on smtp.gmail.com port 25, I noticed that
they seem to include STARTTLS encryption on port 25.

EHLO on my Server (port 25):

# netcat 127.0.0.1 25
220 aCe-Clan.org ESMTP Citadel server ready.
EHLO 127.0.0.1
250-Hello 127.0.0.1 (localhost.localdomain [127.0.0.1])
250-HELP
250-SIZE 10485760
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME

(Same result when testing from a non localhost pc.)

EHLO on my Server (port 587) (contains 250-STARTTLS):

# netcat 127.0.0.1 587
220 aCe-Clan.org ESMTP Citadel server ready.
EHLO 127.0.0.1
250-Hello 127.0.0.1 (localhost.localdomain [127.0.0.1])
250-HELP
250-SIZE 10485760
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME

Here is the same test with smtp.gmail.com (port 25)(Notice the responds
contains 250-STARTTLS):
# netcat smtp.gmail.com 25
220 smtp.gmail.com ESMTP c15-v6sm3622131wmb.2 - gsmtp
EHLO aCe-Clan.org
250-smtp.gmail.com at your service, [84.200.24.47]
250-SIZE 35882577
250-8BITMIME
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-CHUNKING
250 SMTPUTF8


./sendcommand 'conf putval|c_smtpclient_try_starttls|1'

These tests were performed after using this command.

I guess that a fix might be to also enable encryption on port 25. But,
as I am not an expert in SMTP, this is just a wild guess.

After looking into the code a bit I found that this was already
something that was thought about.


modules/smtp/serv_smtp.c:
[...]
#ifdef HAVE_OPENSSL
/*
* Offer TLS, but only if TLS is not already active.
* Furthermore, only offer TLS when running on
* the SMTP-MSA port, not on the SMTP-MTA port, due to
* questionable reliability of TLS in certain sending
MTA's.
*/
if ( (!CCC->redirect_ssl) && (sSMTP->is_msa) ) {
cprintf("250-STARTTLS\r\n");
}
#endif /* HAVE_OPENSSL */
[...]

I would like to know what this "questionable reliability" is, because it
seems like other smtp servers are doing exactly this.
Also with c_smtpclient_try_starttls(CURLUSESSL_TRY) enabled, the
encryption would just be used if the other server supports it, thus
there shouldn't be any "questionable reliability [issues] of TLS in
certain sending MTA's".

If I am correct, one could easily patch this by doing this change in
modules/smtp/serv_smtp.c:
-- if ( (!CCC->redirect_ssl) && (sSMTP->is_msa) ) {
++ if ( (!CCC->redirect_ssl) && ( (sSMTP->is_msa) || ( (sSMTP->is_mta)
&& CtdlGetConfigInt("c_smtp_mta_starttls") != 0 ) ) ) {

This patch would require a new config option c_smtp_mta_starttls to be
applied.

But I didn't look really further into the code thus I am not sure if
there might be some unforeseen consequences or bugs with that.

Maybe some dev can implement and test this.

TL;DR: Maybe fixable by enabling STARTTLS encryption on port 25(MTA).

Sincerely,
Jake

PS.: If you could see it, hope you enjoyed the bloodmoon today.


On 07/27/2018 05:25 PM, IGnatius T Foobar wrote:
I am rather sure I just have to configure Citadel to enforce Encryption

but I don't know where/how I can do that. I haven't found anything
useful in the FAQ, docs, webinterface, or through online searches.

As others have pointed out, you have to enable encryption on *outbound* SMTP
connections.

Fortunately, there is an undocumented option to enable this. Change to your
Citadel Server directory (/usr/local/citadel if using the Easy Install distribution)
and enter the following command:

./sendcommand 'conf putval|c_smtpclient_try_starttls|1'

With this option enabled, outbound SMTP connections will use encryption if
it is offered by the receiving server.

I'd like to ask you for some help please. Anyone who turns this option on,
please provide feedback regarding whether it works well or if there are side
effects. I think it's safe to use this everywhere now but I'd like to be
100% sure about it before we make this the default behavior.

[#] Fri Jul 27 2018 18:55:10 EDT from "s3cr3to" <s3cr3to@uncensored.citadel.org> to undisclosed-recipients: ;

Subject: Re: Gmail says that E-Mails from my Site are not encrypted. Eventhoughthey should be.

[Reply] [ReplyQuoted] [Headers] [Print]

Hi IGnatius/Art

Using Citadel 8.17
Installed using the DEBs; located in /usr/sbin/sendcommand

Some related questions:
* How can I read the current value of that option?
* To rollback the value is with:
sendcommand 'conf putval|c_smtpclient_try_starttls|0'



On 07/27/2018 09:25 AM, IGnatius T Foobar wrote:
I am rather sure I just have to configure Citadel to enforce Encryption

but I don't know where/how I can do that. I haven't found anything
useful in the FAQ, docs, webinterface, or through online searches.

As others have pointed out, you have to enable encryption on *outbound* SMTP
connections.

Fortunately, there is an undocumented option to enable this. Change to your
Citadel Server directory (/usr/local/citadel if using the Easy Install distribution)
and enter the following command:

./sendcommand 'conf putval|c_smtpclient_try_starttls|1'

With this option enabled, outbound SMTP connections will use encryption if
it is offered by the receiving server.

I'd like to ask you for some help please. Anyone who turns this option on,
please provide feedback regarding whether it works well or if there are side
effects. I think it's safe to use this everywhere now but I'd like to be
100% sure about it before we make this the default behavior.

[#] Fri Jul 27 2018 19:05:40 EDT from "jake" <jake@aCe-Clan.org> to room_Citadel_Support@citadel.org

Subject: Re: [Citadel Support] Re: Gmail says that E-Mails from my Site arenot encrypted. Eventhoughthey should be.

[Reply] [ReplyQuoted] [Headers] [Print]

Hello,


On 07/28/2018 12:55 AM, s3cr3to wrote:
* How can I read the current value of that option?

You can use getval to get the current value of an option.
./sendcommand 'conf getval|c_smtpclient_try_starttls'

Or you can use listval to see the complete config.
./sendcommand 'conf listval'

On 07/28/2018 12:55 AM, s3cr3to wrote:
* To rollback the value is with:
sendcommand 'conf putval|c_smtpclient_try_starttls|0'

Yes.


Further info:
http://www.citadel.org/doku.php?id=documentation:appproto:system_config

Sincerely,
Jake

On 07/28/2018 12:55 AM, s3cr3to wrote:


Hi IGnatius/Art

Using Citadel 8.17
Installed using the DEBs; located in /usr/sbin/sendcommand

Some related questions:
* How can I read the current value of that option?
* To rollback the value is with:
  sendcommand 'conf putval|c_smtpclient_try_starttls|0'



On 07/27/2018 09:25 AM, IGnatius T Foobar wrote:
  >I am rather sure I just have to configure Citadel to enforce
Encryption
  >but I don't know where/how I can do that. I haven't found anything
  >useful in the FAQ, docs, webinterface, or through online searches.
  As others have pointed out, you have to enable encryption on
*outbound* SMTP
connections.
  Fortunately, there is an undocumented option to enable this.  Change
to your
Citadel Server directory (/usr/local/citadel if using the Easy Install
distribution)
and enter the following command:
  ./sendcommand 'conf putval|c_smtpclient_try_starttls|1'
  With this option enabled, outbound SMTP connections will use
encryption if
it is offered by the receiving server.
  I'd like to ask you for some help please.  Anyone who turns this
option on,
please provide feedback regarding whether it works well or if there
are side
effects.  I think it's safe to use this everywhere now but I'd like to be
100% sure about it before we make this the default behavior.

[#] Sat Jul 28 2018 10:29:12 EDT from iMav @ Uncensored

Subject: Re: Outbound email issue and webcit shutdown/startup issue...

[Reply] [ReplyQuoted] [Headers] [Print]

So, no one has a clue???



[#] Mon Jul 30 2018 04:23:06 EDT from anwoke8204 @ Uncensored

Subject: no login page after install

[Reply] [ReplyQuoted] [Headers] [Print]

Hi I am trying to install Citadel on Centos 7.  I ran through the install, but then when it says to browse to my server to get to the login page, nothing comes up.  I have restarted Webcit, as well as tried changing the port it was running on to see if I was conflicting with apache(not installed, this is a fresh centos install) or something.



[#] Mon Jul 30 2018 16:05:25 EDT from IGnatius T Foobar @ Uncensored

Subject: Re: Gmail says that E-Mails from my Site are not encrypted. Even thoughthey should be.

[Reply] [ReplyQuoted] [Headers] [Print]


A clarification:

The option to encrypt outbound SMTP appeared in Citadel Server version 912.

If you are running an older version of the server, no amount of tweaking will enable this behavior.

Encrypted outbound SMTP will become the default behavior in version 922.

[#] Mon Jul 30 2018 16:06:48 EDT from Zoaky @ Uncensored

Subject: Citadel on Raspberry Pi

[Reply] [ReplyQuoted] [Headers] [Print]

Hello

Has anybody managed to get a fully working install of Citadel on a Raspberry Pi 3+ running Rasbian Stretch? I can get as far as logging in, setting up accounts etc and adding domains in the Domain names and Internet mail configuration section. but there seems to be no way of selecting a preferred email address. The field is blank.

The install is quite messy:

  1. Update the Pi's OS
  2. sudo apt-get install citadel-suite (which fails due to configuration setting c_default_cal_zone is empty, but must not - check your config! error msg)
  3. Enter sudo sendcommand conf listval
  4. Enter sudo sendcommand "CONF PUTVAL|c_default_cal_zone|Europe/London" (in my case)
  5. Reboot
  6. Login
  7. Tried re-running setup again and it just hangs
  8. Reboot
  9. Login
  10. Enter sudo apt-get install build-essential curl g++ gettext shared-mime-info libssl-dev zlib1g-dev
  11. sudo -i
  12. cd /opt
  13. Then run Easy Install the normal way: curl http://easyinstall.citadel.org/install | bash
  14. Setup will complete and ask you to configure the server settings
  15. Login via the web interface


That's as far as I can get

I know this is far from ideal but its the only way I've found

Anybody got any ideas?

P.S apologies if I've managed to post this twice



[#] Mon Jul 30 2018 16:09:04 EDT from IGnatius T Foobar @ Uncensored

Subject: Re: [Citadel Support] Re: Gmail says that E-Mails from my Site arenot encrypted. Even thoughthey should be.

[Reply] [ReplyQuoted] [Headers] [Print]

But I didn't look really further into the code thus I am not sure if
there might be some unforeseen consequences or bugs with that.

The reason we don't offer STARTTLS on inbound SMTP by default is because the default out-of-the-box deployment creates a self-signed certificate, and there are a lot of SMTP agents out there that will refuse to deliver mail to a server that presents an invalid certificate. Better to just do unencrypted SMTP and let the mail go through.

Yes, it would make sense to have options available to tweak this behavior.
No, I don't have the time to work on this right now. But we would be grateful to accept a patch.

[#] Tue Jul 31 2018 04:58:44 EDT from jmh @ Uncensored

Subject: Re: no login page after install

[Reply] [ReplyQuoted] [Headers] [Print]

 

Mon Jul 30 2018 04:23:06 EDT from anwoke8204 @ Uncensored Subject: no login page after install

Hi I am trying to install Citadel on Centos 7.  I ran through the install, but then when it says to browse to my server to get to the login page, nothing comes up.  I have restarted Webcit, as well as tried changing the port it was running on to see if I was conflicting with apache(not installed, this is a fresh centos install) or something.



This was the exact issue I ran into that I described in my post above.

Check through your repos to see what suggested/also installed packages come up when you attempt to install from there.

In my case, in Debian (and also Raspbian):

  • Suggested packages:   apache2 apache2 | lighttpd | httpd
  • Recommended packages:   db4.6-util
  • The following NEW packages will be installed: citadel-client citadel-server citadel-suite citadel-webcit javascript-common libcitadel4 libjs-prototype libjs-scriptaculous libmarkdown2 libsieve2-1 tinymce
Ignore the duplicate http servers and citadel named packages, install everything else.
 
I installed the following: apache2, db4.6-util, javascript-common, libjs-prototype, libjs-scriptaculous, libmarkdown2, libsieve2-1, tinymce
 
I also installed libdb-dev (berkeley db)
 
THEN went through the easy install steps by installing: build-essential, curl, g++, gettext, shared-mime-info, libssl-dev, zlib1g-dev
 
And only after then did I run the easy installer script, be sure to run it as root (sudo su) and not as a root command (sudo curl...)
 
And then when I went through the setup questions, ensure that the account the citadel service is to run on already exists. If it doesn't (and you choose something other than root), you'll likely run into issues.
 
Doing everything I laid out here was the only way I could get the easy installer script to quit with a URL string that was correct and working.
 
Surprised nobody has bothered to answer two simple questions. Doors and where to edit the 'H'elp menu text.


[#] Tue Jul 31 2018 10:39:32 EDT from IGnatius T Foobar @ Uncensored

Subject: Re: no login page after install

[Reply] [ReplyQuoted] [Headers] [Print]

Surprised nobody has bothered to answer two simple questions. Doors
and where to edit the 'H'elp menu text.

* Support for external programs ("doors") was removed from the system some number of years ago, since the vast majority of sites no longer use the software in that way ... user reach would be a problem

* The help menu text is embedded into "commands.c". Until recently we fetched that text from the server, but it made more sense to put something that specific to the text client *into* the text client.

[#] Wed Aug 01 2018 12:09:23 EDT from "s3cr3to" <s3cr3to@uncensored.citadel.org> to room_Citadel_Support@citadel.org

Subject: Re: [Citadel Support] Re: Gmail says that E-Mails from my Site arenotencrypted. Eventhoughthey should be.

[Reply] [ReplyQuoted] [Headers] [Print]

Thank you Jake.

My Citadel version 8.17 doesn't support that command/options, anyway I'm
looking forward to setup a new Citadel server; hopefully after September.

Art/IGnatius says:
Unfortunately, you do not have this option. It first appeared in
Citadel Server version 912.


# sendcommand 'conf getval|c_smtpclient_try_starttls'
sendcommand: started (pid=22848) connecting to Citadel server at
/var/run/citadel/citadel-admin.socket
200 em Citadel server ADMIN CONNECTION ready.
conf getval|c_smtpclient_try_starttls
512 Illegal option(s) specified.
sendcommand: processing ended.

# sendcommand 'conf listval'
sendcommand: started (pid=22851) connecting to Citadel server at
/var/run/citadel/citadel-admin.socket
200 em Citadel server ADMIN CONNECTION ready.
conf listval
512 Illegal option(s) specified.
sendcommand: processing ended.



On 07/27/2018 05:05 PM, jake wrote:


Hello,


On 07/28/2018 12:55 AM, s3cr3to wrote:
* How can I read the current value of that option?

You can use getval to get the current value of an option.
  ./sendcommand 'conf getval|c_smtpclient_try_starttls'

Or you can use listval to see the complete config.
  ./sendcommand 'conf listval'

On 07/28/2018 12:55 AM, s3cr3to wrote:
* To rollback the value is with:
    sendcommand 'conf putval|c_smtpclient_try_starttls|0'

Yes.


Further info:
http://www.citadel.org/doku.php?id=documentation:appproto:system_config

Sincerely,
    Jake

On 07/28/2018 12:55 AM, s3cr3to wrote:


Hi IGnatius/Art

Using Citadel 8.17
Installed using the DEBs; located in /usr/sbin/sendcommand

Some related questions:
* How can I read the current value of that option?
* To rollback the value is with:
   sendcommand 'conf putval|c_smtpclient_try_starttls|0'



On 07/27/2018 09:25 AM, IGnatius T Foobar wrote:
  >I am rather sure I just have to configure Citadel to enforce
Encryption
  >but I don't know where/how I can do that. I haven't found anything
  >useful in the FAQ, docs, webinterface, or through online searches.
  As others have pointed out, you have to enable encryption on
*outbound* SMTP
connections.
  Fortunately, there is an undocumented option to enable this.
Change to your
Citadel Server directory (/usr/local/citadel if using the Easy
Install distribution)
and enter the following command:
  ./sendcommand 'conf putval|c_smtpclient_try_starttls|1'
  With this option enabled, outbound SMTP connections will use
encryption if
it is offered by the receiving server.
  I'd like to ask you for some help please.  Anyone who turns this
option on,
please provide feedback regarding whether it works well or if there
are side
effects.  I think it's safe to use this everywhere now but I'd like
to be
100% sure about it before we make this the default behavior.

[#] Thu Aug 02 2018 15:55:12 EDT from unquietwiki @ Uncensored

Subject: Let's Encrypt wildcard cert generating connection errors

[Reply] [ReplyQuoted] [Headers] [Print]

Hey all. Wanted to report an issue of some importance.

 

crypto: SSL_accept failed: retval=-1, errval=5, err=error:00000005:lib(0):func(0):DH lib

 

Getting that error when TLS-enabled mail services try to connect to my new install (using a 921 fresh build). 

Cert locations

/etc/letsencrypt/live/DOMAIN/fullchain.pem -> /usr/local/citadel/keys/citadel.cer
/etc/letsencrypt/live/DOMAIN/privkey.pem -> /usr/local/citadel/keys/citadel.key

Relevant instructions

https://community.letsencrypt.org/t/getting-wildcard-certificates-with-certbot/56285
http://www.citadel.org/doku.php?id=faq:systemadmin:how_to_install_a_certificate_signed_by_a_recognized_certificate_authority

 



[#] Thu Aug 02 2018 19:53:51 EDT from iMav @ Uncensored

Subject: Re: Outbound email issue and webcit shutdown/startup issue...

[Reply] [ReplyQuoted] [Headers] [Print]

This is frustrating as there seems to be know support information "out there".  

I used the installation script on a brand new Ubuntu server build.  If anyone would be willing to point me to a fail-safe walkthrough document for a new install, I'd be willing to rebuild...just need to back up my Unifi controller config.

As I mentioned before, I have run a Citadel node before (SEVERAL years ago).  The install was straight forward and I had ZERO issues.  I am at a loss as to why my vanilla install on a fresh Ubuntu server is having these issues...



[#] Fri Aug 03 2018 02:10:47 EDT from iMav @ Uncensored

Subject: Re: Outbound email issue and webcit shutdown/startup issue...

[Reply] [ReplyQuoted] [Headers] [Print]

I've resolved all the issues.  I am now cooking with grease.  LOL



[#] Fri Aug 03 2018 04:58:58 EDT from maxzilla @ Uncensored

Subject: Urgent free space problem

[Reply] [ReplyQuoted] [Headers] [Print]

Hi guys,
We use the Citadel in our company.
There are ~50 users on the server, the mail traffic is quite heavy because of large messages with attachments.
The size of Citadel partition is 180Gb, and we are running out of space on this partition.
We started cleaning process when there were about 8Gb of free space (4-5 weeks ago).
I am pretty sure a lot of space should be free at the moment, we have deleted all unused accounts and cleaned all other account. In fact, there wee lots of Sent item folders with >15000 messages and now all of them have been cleaned.
The empty space is still decreasing, the process is quite stable. Now we have less than 3Gb left.
We have added all the available server free space to Citadel LVM partition, so no more options to get free space are left.
And I am pretty sure there has to be a lot of free space in the internal Citadel database.
I am pretty sure that real life process is not as it described in FAQ section Why doesn't deleting messages free up disk space: "When messages or other data are removed from the store, that spaceis made available for other data".

We run Centos 6 and the last Citadel v.8.24 from the repository.


Please, advise.

Thanks!



[#] Fri Aug 03 2018 09:03:53 EDT from iMav @ Uncensored

Subject: Mailing list help

[Reply] [ReplyQuoted] [Headers] [Print]

Ok.  Now trying to set up a room to act like a mailing list.  I want to add external email addresses (not members of the community) and also use an alternative address (not "room_*").

From a configuration standpoint, it seems I have it figured out...but it does not act as expected.  I can only get citadel to accept emails to the room if I use the "room_*" format...and then, the message only goes to the room...not forwarded on to subscribers.  And, even though I set up the alternate email address in the mailing list config, Citadel will not accept the email to that address ("address not found").

Any help would be appreciated!!



[#] Fri Aug 03 2018 09:18:57 EDT from iMav @ Uncensored

Subject: Re: Mailing list help

[Reply] [ReplyQuoted] [Headers] [Print]

If I can get mailing list functionality and email forwards working (without having to have those folks as users), then Citadel is definitely here to stay.



[#] Fri Aug 03 2018 16:05:43 EDT from IGnatius T Foobar @ Uncensored

Subject: Re: Mailing list help

[Reply] [ReplyQuoted] [Headers] [Print]

We've been using it that way for years. What part of it isn't working for you?

[#] Fri Aug 03 2018 16:38:34 EDT from iMav @ Uncensored

Subject: Re: Mailing list help

[Reply] [ReplyQuoted] [Headers] [Print]

 

Fri Aug 03 2018 16:05:43 EDT from IGnatius T Foobar @ Uncensored Subject: Re: Mailing list help
We've been using it that way for years. What part of it isn't working for you?

The room will not forward on to subscribers.  And, ALSO, it will not accept email to the alternate email address.



Go to page: 1 [2] 3 4 5 6 ... Last