Created a Floor and room for users to share emails for accounts receivables. Have it set to allow users to be able to delete and when checking permissions, they have everything except delete. The only user with delete is the roomaide.  The room is set public and all users allowed to post can delete. So at the moment the other users can not delete them.

There are sub rooms and folders and they all have the same permissions and no way to delete except the roomaide s able too.

Anyone have any idea?

Hi everyone,

For about a month I am playing around with Citadel trying to setup fast and reliable mail server. Was even changing provider that agrees to make a PTR record for me, to make it googlesafe).

Meanwhile I am straggling with configuration of DKIM on Citadel. Although it looks quite simple to me to add the public key to the header of the outgoing mail. The only instruction I found in documentation is to use postfix or provider's smtp relay and DKIMproxy as smarthost. This solution looks like a workaround in my current setup, I also think that the article dated 2008 might be not super actual, as nowadays without DKIM it is useless to have a SMTP server. I believe it is possible to set it up somewhere, but I just didn't find where. If anyone can give me a hint on this matter will be very much appreciated.

Hi Guys!

I’ve been trying out Citadel on Debian Buster and seems like a great piece of software, however, I have one little issue and I was hoping if someone could help out.

During the ‘Restart Now‘ cycle via the web, the IMAP, SMTP and other related services do not come back online. And I receive the following error via the terminal.

 citserver[465]: extensions: Citadel had trouble on starting up. We couldn't bind all ports you configured to be provided by Citadel Server.#012 This means, Citadel won't be the service provider for a specific service you configured it to.#012#012If you don't want Citadel to provide these services, turn them off in WebCit via: "Admin->System Preferences->Network".#012#012The failed ports and sockets are: extensions: TCP port *:504: (citadel-TCP) ;extensions: TCP port *:993: (IMAPS) ;extensions: TCP port *:465: (SMTPs-MTA) #012#012If you want Citadel to provide you with that functionality, check the output of "netstat -lnp" on Linux, or "netstat -na" on BSD and disable the program that binds these ports.#012#012#012To make both ways actualy take place restart the citserver with "sendcommand down"#012#012The errors returned by the system were:#012failed; failed; failed#012#012You can recheck the above if you follow this faq item:#012http://www.citadel.org/doku.php?id=faq:mastering_your_os:net#netstat

Broadcast message from systemd-journald@nyc-us-mail01 (Sun 2020-03-01 00:04:51 UTC):

citserver[465]: extensions: Citadel had trouble on starting up. We couldn't bind all ports you configured to be provided by Citadel Server.

 This means, Citadel won't be the service provider for a specific service you configured it to.

If you don't want Citadel to provide these services, turn them off in WebCit via: "Admin->System Preferences->Network".

The failed ports and sockets are: extensions: TCP port *:504: (citadel-TCP) ;extensions: TCP port *:993: (IMAPS) ;extensions: TCP port *:465: (SMTPs-MTA) 

If you want Citadel to provide you with that functionality, check the output of "netstat -lnp" on Linux, or "netstat -na" on BSD and disable the program that binds these ports.

To make both ways actualy take place restart the citserver with "sendcommand down"

The errors returned by the system were:

failed; failed; failed

You can recheck the above if you follow this faq item:

http://www.citadel.org/doku.php?id=faq:mastering_your_os:net#netstat

Message from syslogd@nyc-us-mail01 at Mar  1 00:04:51 ...

 citserver[465]: extensions: Startup Problems

Broadcast message from systemd-journald@nyc-us-mail01 (Sun 2020-03-01 00:04:51 UTC):

citserver[465]: extensions: Startup Problems

root@nyc-us-mail01:~# 

Resolved. Solution is as follows:

$ sudo setcap CAP_NET_BIND_SERVICE=+eip /usr/local/citadel/citserver

Thanks.

I tried unsubscribing from this list, and I'm still getting e-mails from
it.  Could an admin please unsubscribe me?  Thanks.

Hi everyone,

Here me again quering the community regarding the functionality of DKIM on Citadel. It looks quite simple to me to add the public key to the header of the outgoing mail, however I didn't find any config for is as well as workaround such as outgoing mail filter that allowing scripting.

The only instruction I found in documentation is to use postfix/sendmail or provider's smtp relay and DKIMproxy as smarthost. This however looks very outdated, and I am frankly cannot believe, that DKIM is not supported out of the box, as that it almost a guarantee that all sent emails will land in the recipient spam folder. How do you deal with this situation? Since upon install citmail start to be used instead of the sendmail as standard mta, it is reasonable to assume that there should be similar functionality in regards with DKIM, however I had not much success while looking for the documentation.

Any help on this matter will be very much appreciated.

Hi all,

When I am EHLO the Citadel's 25th port it does not advertise STARTTLS. What is shown when I am doing the same on 587. Other good mail services though advertising STARTTLS also on port 25.

Does anyone has an idea what could be wrong?

https://github.com/copious-world/node-citadel

This is not yet tests. So, I have a slightly older version (a week or two) doing some work on my tiny website.

The current check-in is still full of bugs (as if it was C and was not yet compiled.) But, I thought you might like to know that it is mostly there.

Do you guys know much about ifps?

PLEASE UNSUB ME FROM THIS LIST!!!!

Your unsub form on the website doesnt work so an admin will have to do
it.  My email is gamept@game-point.net

Hey, if I start spamming the list you'll have to ban me, right? If you
don't remove me I'm gonna start fucking spamming, fuckers!!!

Yours truly,
- Piss off

A couple weeks ago, new mail stopped showing up in my webmail. However it is syncing to all devices. I checked my pop settings and it is set to leave messages on the server (and firing up a laptop that had not been on in a while, it got all the new messages as well). Any ideas? I tired restarting the webcit service as well as the whole of the server running citadel.

Fri Feb 14 2020 09:48:35 EST from IGnatius T Foobar @ Uncensored Subject: Re: Webcit - File Uploads Corrupted

Falco: thanks for posting the corrupted version of the upload. We'll have a look at it
!

Found anything yet? As I said it's arm64 (aarch64) on ubuntu (19.10) server (64 bit). It's all running on a raspberry pi 4. if you need any more info please ask.
How about switching to github? It'd make managing issues a lot easier, you get version control and outside people can handle the code easier.
Also how about those tooltips (html title attribute) for those settings and options?

Hello, I installed Citadel using the easyinstall script but now I'm having problems with the ports:
The after installing it the installer gives me this output:

The failed ports and sockets are: extensions: TCP port *:504: (citadel-TCP) ;extensions: TCP port *:143: (IMAP) ;extensions: TCP port *:993: (IMAPS) ;extensions: TCP port *:119: (NNTP) ;extensions: TCP port *:563: (NNTPS) ;extensions: TCP port *:110: (POP3) ;extensions: TCP port *:995: (POP3S) ;extensions: TCP port *:25: (SMTP-MTA) ;extensions: TCP port *:465: (SMTPs-MTA) ;extensions: TCP port *:587: (SMTP-MSA)

but if I try using sudo netstat -lnp | grep <port> I get nothing, so that would mean they aren't used.
Any help?

So I tried doing a search for a sender, and in that view the newer messages were showing, Just not if I do an all messages view sorted by date.

Is there some sort of limit (coded or otherwise) with the number of messages the web view will be able to process and show?

Hello,

I would like to come back to this topic as I'm still facing those issues. I would like to make my citadel be able to establish/answer STARTTLS based connections (submission port 587 AND smtp port 25) using certificates provided by my ISP (Let's encrypt)

I followed the instructions on the documentations page (http://www.citadel.org/doku.php?id=faq:systemadmin:how_to_install_a_certificate_signed_by_a_recognized_certificate_authority) and I copied the key pair (public + private key) into /etc/ssl/citadel and I renamed them to citadel.cer and citadel.key.

After that I restarted the citadel service using sudo service citadel restart.

However, I was able to get unix machine and to try to establish an TLS connection using openssl, where I could clearly see, that the wrong certificate is used

openssl s_client -connect my-ip-address:587 -starttls smtp
CONNECTED(00000003)
depth=0 C = ZZ, ST = The World, L = My Location, O = Generic certificate, OU = Citadel server, CN = *
verify error:num=18:self signed certificate
verify return:1
depth=0 C = ZZ, ST = The World, L = My Location, O = Generic certificate, OU = Citadel server, CN = *
verify return:1
---
Certificate chain
 0 s:/C=ZZ/ST=The World/L=My Location/O=Generic certificate/OU=Citadel server/CN=*
   i:/C=ZZ/ST=The World/L=My Location/O=Generic certificate/OU=Citadel server/CN=*
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIDaDCCAlACAQAwDQYJKoZIhvcNAQEEBQAwejELMAkGA1UEBhMCWloxEjAQBgNV
BAgMCVRoZSBXb3JsZDEUMBIGA1UEBwwLTXkgTG9jYXRpb24xHDAaBgNVBAoME0dl
bmVyaWMgY2VydGlmaWNhdGUxFzAVBgNVBAsMDkNpdGFkZWwgc2VydmVyMQowCAYD
VQQDDAEqMB4XDTE5MDgxNTA4MzQ1NloXDTI5MDgxMjA4MzQ1NlowejELMAkGA1UE
BhMCWloxEjAQBgNVBAgMCVRoZSBXb3JsZDEUMBIGA1UEBwwLTXkgTG9jYXRpb24x
HDAaBgNVBAoME0dlbmVyaWMgY2VydGlmaWNhdGUxFzAVBgNVBAsMDkNpdGFkZWwg
c2VydmVyMQowCAYDVQQDDAEqMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzazFQH4/H/2Oa3p0cuSPuEvU4kbEq3L7lHU3Fl+Ardz+/S4E8QB4GSdWsU0R
rXzS/kSY/R//KSSso+ev0nuDqIzTqY1LPcENt2OGs4vPy2sU/iKADt9wks6+3f3C
LuRYaQQi15ZIAZnFTO9V5Yv3CRQjtRbbJJU9hJ3VJ+zdZpaWanEeVuz3/6BScG2V
TI4SSAuHbamOzlnkf4DnXGH/paMDKWVOkMYijLIJAT2jaOOkQHbeoVrdxv16rUZE
a0J3m/a/HJaXbOLzvA56b+PhT+3WCwS0yWp3NjBSU4e40cHZHXr7CshPMc6+adrD
hBOOvOh4PXAGCss2BzE4voffPwIDAQABMA0GCSqGSIb3DQEBBAUAA4IBAQB6uQNh
tsn3+U/v2eQ/FYQDirf61TI/+pCXwRkE59CVQ73obPziT0hvQMAyrRNgdtwK/VsS
7VBpsV0r3zEyMTz5gIvONrsZbHl1cEnt/mV6EGCq8sRZXVOxH2Zf1SmkmrmFdoFI
z5a98NzW5VQuuEjPd2Ds9FvbiZOap5px+wdbvwd7vjZartM746gE2MywvlsTrlWu
D98aYhqA3BLy+LjJO4Lp6+eFbnLvr3i54/+1GR7qr+w7/KXy44zW3L0BGPogg+bG
lH0kMj6j+roJAvcuq2t1Xc7xitPjUdImy54Ox2F6269iupkLT5VRzKIno+wBhZS6
GOXYXuPGAdZyzrLG
-----END CERTIFICATE-----
subject=/C=ZZ/ST=The World/L=My Location/O=Generic certificate/OU=Citadel server/CN=*
issuer=/C=ZZ/ST=The World/L=My Location/O=Generic certificate/OU=Citadel server/CN=*
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 1780 bytes and written 463 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: 0F53FA4338C40B28B8755C94B3490D2BF6DE3EEB521C8FDC81F37928D89DA671
    Session-ID-ctx:
    Master-Key: C0B01C57B35CC0DF2A9555D3A53A84E1A1113AECD57B46E7D9CBAD1E7BC1FB0A020B6AF14284ED13FF8BC4F0709FA70A
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 7200 (seconds)
    TLS session ticket:
    0000 - ab 7f 18 87 9e f9 04 15-ae 5b 3a 98 7a 46 00 92   .........[:.zF..
    0010 - 36 20 18 df b5 2a d8 c4-23 1c 43 f9 db 34 4b f9   6 ...*..#.C..4K.
    0020 - 5a df 0e 74 40 14 3d d2-25 6d 31 27 7f 40 e9 03   Z..t@.=.%m1'.@..
    0030 - 7b 9c 12 85 89 71 8b a9-62 3b 5e 3a 26 2d f4 7d   {....q..b;^:&-.}
    0040 - 89 22 ef c6 14 3b b7 f4-97 9e 11 e8 84 43 d9 0c   ."...;.......C..
    0050 - 98 a5 85 84 81 8d 4c 39-57 05 c2 73 92 3c 6a 45   ......L9W..s.<jE
    0060 - ae c9 68 48 e2 86 76 66-e8 15 9b 75 94 07 5e 4c   ..hH..vf...u..^L
    0070 - f9 c4 02 da f4 bb 14 58-f1 11 14 f4 77 9e 16 7c   .......X....w..|
    0080 - 3b 57 23 32 f8 15 a3 8c-43 0a 07 70 b6 2f 3e ec   ;W#2....C..p./>.
    0090 - b6 5c 48 5b e2 a2 53 18-64 a3 16 05 61 20 59 d4   .\H[..S.d...a Y.

    Start Time: 1584555723
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---
250 8BITMIME

• How could this happen? I deleted the old "default" certificates from /etc/ssl/citadel, so where do those certificates come from?
• What's behind the folder /etc/ssl/certs? Are those the trusted CAs?
• What's the purpose of /etc/ssl/openssl.cnf file?

Sat Feb 15 2020 21:58:03 EST from MAS3 @ Uncensored Subject: Re: Mail aliases limited ?

So i started to do this right away.

Made a test user and copied the alias test1@mydomain.com 50 times (or thought i did).

Then i started to edit the number so that i would end up with aliases test1 to test 50.
But when i was at the number 10, i couldn't add characters anymore.
That field seems limited to 512 characters, and thus limiting the number of aliases after all.
In this test case, it limits the number of aliases to 24.
And they seem to work for this new test user, sent and received an external mail to test23@mydomain.com.

Both users i tried to add aliases to, should have space to add at least 1 alias to the list of 512 characters, but still there's trouble in getting that done.
So there must be something else that's going wrong, and i'm assuming it's me doing something wrong here.

 

 

Hi MAS3,

I'm facing quite the same issues concerning those aliases. I'm not using that many aliases like you do, but nevertheless they disappear totally randomly. As a workaround I'm checking every day whether the aliases have been disappeared or not, which is horrible. Furthermore the documentation seems to be quite poor, just like for other topics in Citadel as well...

Anyway...

Does anybody know in which file should those aliases appear? Sometimes I have the feeling that the Web-GUI of the admin page does not really transmit the changes, only after a service restart of Citadel.

Hope you'll get forward with this. I will try also my very best and as soon as I have a solution I'm going to post this here.

Cheers,

StonedMind