X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=citadel%2Fdocs%2Fcitadel.html;h=8a8cd28145eb14fb2ed258ebfff79bf392896746;hb=abaf2b09a6db45b973031ce5e83ff263f6472f60;hp=99da5de62c78a6d57072acfffc7fc1d184b9bdf3;hpb=41b52b44f0e19e2bcfe36dd6f1101fa03198969d;p=citadel.git diff --git a/citadel/docs/citadel.html b/citadel/docs/citadel.html index 99da5de62..8a8cd2814 100644 --- a/citadel/docs/citadel.html +++ b/citadel/docs/citadel.html @@ -1,132 +1,48 @@ - Citadel/UX Documentation + Citadel Documentation
-

Citadel/UX

-

a messaging and collaboration platform for BBS and groupware -applications

-Copyright ©1987-2003 by the Citadel development team:
-
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Clint Adams
-
portability enhancements
-
Steven M. Bellovin
-
author of public domain 'parsedate' function
-
Nathan Bryant
-
build system, security, database access, and -others
-
Art Cancro
-
overall system design and lead -developer
-
Brian Costello
-
cosmetics, additional commands
-
Nick Georbit
-
additional client features
-
Michael Hampton
-
client software development
-
Urs Jannsen
-
text -search algorithm
-
Andru Luvisi
-
troubleshooting and development assistance
-
Daniel Malament
-
string compare function for IMAP server
-
Stu Mark
-
additional client features, IGnet protocol -design
-
Ben Mehlman
-
additional client features
-
Ari Samson
-
assistance with project management
-
John Walker
-
author of public domain base64 -encoder/decoder
-
Steve Williams
-
documentation
-
Ethan Young
-
IGnet protocol design
-
+

C I T A D E L

+

an open source messaging and collaboration platform

+Copyright ©1987-2011 by the Citadel development team. Contributors include: +

-
The entire package is open source; you can +
The entire package is open source software. You may redistribute and/or modify it under the terms of the GNU General Public -License as published by the Free Software Foundation; either version 2 -of the License, or (at your option) any later version.
+License, version 3, which is included in this manual.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
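Review bot: The licensing sentence in this hunk replaces "either version 2 of the License, or (at your option) any later version" with "version 3" and no "or later" wording, which narrows the grant to GPLv3 only rather than simply moving to a newer license text. If that is intended, state it in the commit message and confirm the per-file source headers carry the same wording; otherwise keep the "or (at your option) any later version" clause. In the same hunk the named contributor table (with each person's credited work, including the public domain 'parsedate' and base64 attributions) is removed, and the added line "Contributors include:" is not followed by any names in the lines shown here. Either keep the attributions in this file or point the sentence at the place where they now live.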

For more information, visit either of these locations on @@ -136,7 +52,7 @@ the web:
  • UNCENSORED! BBS, the home of Citadel: http://uncensored.citadel.org
  • -
    +

    Table of Contents

    1. License
    2. @@ -144,12 +60,12 @@ the web:
      1. Everything in its place...
      2. -
      3. Creating a system account for Citadel
      4. -
      5. Bypassing the login: +
      6. Creating a system account for Citadel
      7. +
      8. Bypassing the login: prompt
      9. Compiling the programs
      10. Upgrading
      11. -
      12. The citadel.rc file
      13. +
      14. The citadel.rc file
      15. Using an external editor for message composition
      16. Printing messages
      17. @@ -157,10 +73,10 @@ external editor for message composition
      18. Setup and login
      19. Configuring your host system to start the service
      20. -
      21. Logging in for +
      22. Logging in for the first time
      23. Welcoming new users
      24. -
      25. Space for adding +
      26. Space for adding your own client features (doors)
      27. Troubleshooting and getting help
        @@ -209,336 +125,684 @@ interval
      28. Database maintenance
        1. Introduction
        2. +
        3. Backing up your +Citadel database
          +
        4. Database repair
        5. Importing/Exporting your Citadel database
        +
      29. Cryptography support (TLS/SSL)
      30. +
          +
        1. Overview
        2. +
        3. Generating and installing a Trusted +Certificate
        4. +
        +
      31. LDAP directory support
      32. +
          +
        1. Introduction
        2. +
        3. Preparing +your LDAP server for Citadel connections
          +
        4. +
        5. Configuring the +LDAP Connector for Citadel
          +
        6. +
      33. Included utilities
        1. Overview
        2. aidepost
        3. whobbs
        4. -
        5. stats
        6. msgform
        7. userlist
        8. -
        9. readlog
        10. sendcommand

      -

      +

      GNU General Public License

    -

    Version 2, June 1991

    -
    Copyright (C) 1989, 1991 Free Software Foundation, Inc.  
    59 Temple Place - Suite 330, Boston, MA 02111-1307, USA

    Everyone is permitted to copy and distribute verbatim copies
    of this license document, but changing it is not allowed.
    -

    Preamble

    -
    -

    The licenses for most software are designed to take -away your freedom to share and change it. By contrast, the GNU General -Public License is intended to guarantee your freedom to share and -change free software--to make sure the software is free for all its -users. This General Public License applies to most of the Free Software -Foundation's software and to any other program whose authors commit to -using it. (Some other Free Software Foundation software is covered by -the GNU Library General Public License instead.) You can apply it to -your programs, too.

    -
    -

    When we speak of free software, we are referring to -freedom, not price. Our General Public Licenses are designed to make -sure that you have the freedom to distribute copies of free software -(and charge for this service if you wish), that you receive source code -or can get it if you want it, that you can change the software or use -pieces of it in new free programs; and that you know you can do these -things.

    -
    -

    To protect your rights, we need to make -restrictions that forbid anyone to deny you these rights or to ask you -to surrender the rights. These restrictions translate to certain -responsibilities for you if you distribute copies of the software, or -if you modify it.

    -
    -

    For example, if you distribute copies of such a -program, whether gratis or for a fee, you must give the recipients all -the rights that you have. You must make sure that they, too, receive or -can get the source code. And you must show them these terms so they -know their rights.

    -
    -

    We protect your rights with two steps: (1) -copyright the software, and (2) offer you this license which gives you -legal permission to copy, distribute and/or modify the software.

    -
    -

    Also, for each author's protection and ours, we -want to make certain that everyone understands that there is no -warranty for this free software. If the software is modified by someone -else and passed on, we want its recipients to know that what they have -is not -the original, so that any problems introduced by others will not -reflect -on the original authors' reputations.

    -
    -

    Finally, any free program is threatened constantly -by -software patents. We wish to avoid the danger that redistributors of a -free -program will individually obtain patent licenses, in effect making the -program -proprietary. To prevent this, we have made it clear that any patent -must -be licensed for everyone's free use or not licensed at all.

    -
    -

    The precise terms and conditions for copying, -distribution and modification follow.

    -
    -

    TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION

    -
    -

    0. This License applies to any -program or other work which contains a notice placed by the copyright -holder saying it may be distributed under the terms of this General -Public License. The "Program", below, refers to any such program or -work, and a "work based on the Program" means either the Program or any -derivative work under copyright law: that is to say, a work containing -the Program or a portion of it, either verbatim or with modifications -and/or translated into another language. (Hereinafter, translation is -included without limitation in the term "modification".) Each licensee -is addressed as "you".

    -

    Activities other than copying, distribution and -modification are not covered by this License; they are outside its -scope. The act of running the Program is not restricted, and the output -from the Program is covered only if its contents constitute a work -based on the Program (independent of having been made by running the -Program). Whether that is true depends on what the Program does.

    -

    1. You may copy and distribute -verbatim copies of the Program's source code as you receive it, in any -medium, provided that you conspicuously and appropriately publish on -each copy an appropriate copyright notice and disclaimer of warranty; -keep intact all the notices that refer to this License and to the -absence of any warranty; and give any other recipients of the Program a -copy of this License along with the Program.

    -

    You may charge a fee for the physical act of -transferring a copy, and you may at your option offer warranty -protection in exchange for a fee.

    -

    2. You may modify your copy or -copies of the Program or any portion of it, thus forming a work based -on the Program, and copy and distribute such modifications or work -under the terms of Section 1 above, provided that you also meet all of -these conditions:

    -

    -
    + +

    Version 3, 29 June 2007

    + +

    Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>

    + + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed.

    + +

    Preamble

    + +

    The GNU General Public License is a free, copyleft license for +software and other kinds of works.

    + +

    The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too.

    + +

    When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things.

    + +

    To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others.

    + +

    For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights.

    + +

    Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it.

    + +

    For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions.

    + +

    Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users.

    + +

    Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free.

    + +

    The precise terms and conditions for copying, distribution and +modification follow.

    + +

    TERMS AND CONDITIONS

    + +

    0. Definitions.

    + +

    “This License” refers to version 3 of the GNU General Public License.

    + +

    “Copyright” also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks.

    + + +

    “The Program” refers to any copyrightable work licensed under this +License. Each licensee is addressed as “you”. “Licensees” and +“recipients” may be individuals or organizations.

    + +

    To “modify” a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a “modified version” of the +earlier work or a work “based on” the earlier work.

    + +

    A “covered work” means either the unmodified Program or a work based +on the Program.

    + +

    To “propagate” a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well.

    + +

    To “convey” a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying.

    + +

    An interactive user interface displays “Appropriate Legal Notices” +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion.

    + +

    1. Source Code.

    + +

    The “source code” for a work means the preferred form of the work +for making modifications to it. “Object code” means any non-source +form of a work.

    + +

    A “Standard Interface” means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language.

    + +

    The “System Libraries” of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +“Major Component”, in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it.

    + +

    The “Corresponding Source” for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work.

    + +

    The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source.

    + +

    The Corresponding Source for a work in source code form is that +same work.

    + +

    2. Basic Permissions.

    + +

    All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law.

    + +

    You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you.

    + +

    Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary.

    + +

    3. Protecting Users' Legal Rights From Anti-Circumvention Law.

    + +

    No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures.

    + +

    When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures.

    + +

    4. Conveying Verbatim Copies.

    + +

    You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program.

    + +

    You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee.

    + +

    5. Conveying Modified Source Versions.

    + +

    You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions:

    + -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Program, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Program, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire -whole, and thus to each and every part regardless of who wrote it.
    -

    Thus, it is not the intent of this section to claim -rights -or contest your rights to work written entirely by you; rather, the -intent -is to exercise the right to control the distribution of derivative or -collective -works based on the Program.

    -

    In addition, mere aggregation of another work not -based on the Program with the Program (or with a work based on the -Program) on a volume of a storage or distribution medium does not bring -the other work under the scope of this License.

    -

    3. You may copy and distribute -the Program (or a work based on it, under Section 2) in object code or -executable form under the terms of Sections 1 and 2 above provided that -you also do one of the following: -

    -
    + +

    A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +“aggregate” if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate.

    + +

    6. Conveying Non-Source Forms.

    + +

    You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways:

    + -The source code for a work means the preferred form of the work for -making modifications to it. For an executable work, complete source -code means all the source code for all modules it contains, plus any -associated interface definition files, plus the scripts used to control -compilation and installation of the executable. However, as a special -exception, the source code distributed need not include anything that -is normally distributed (in either source or binary form) with the -major components (compiler, kernel, and so on) of the operating system -on which the executable runs, unless that component itself accompanies -the executable.
    -

    If distribution of executable or object code is -made by offering access to copy from a designated place, then offering -equivalent access to copy the source code from the same place counts as -distribution of the source code, even though third parties are not -compelled to -copy the source along with the object code.

    -

    4. You may not copy, modify, -sublicense, or distribute the Program except as expressly provided -under this License. Any attempt otherwise to copy, modify, sublicense -or distribute the Program is void, and will automatically terminate -your rights under this License. However, parties who have received -copies, or rights, from -you under this License will not have their licenses terminated so long -as such parties remain in full compliance.

    -

    5. You are not required to accept -this License, since you have not signed it. However, nothing else -grants you permission to modify or distribute the Program or its -derivative works. These actions are prohibited by law if you do not -accept this License. Therefore, by modifying or distributing the -Program (or any work based on the Program), you indicate your -acceptance of this License to do so, and all its terms and conditions -for copying, distributing or modifying the Program or works based on -it.

    -

    6. Each time you redistribute the -Program -(or any work based on the Program), the recipient automatically -receives a -license from the original licensor to copy, distribute or modify the -Program subject to these terms and conditions. You may not impose any -further restrictions on the recipients' exercise of the rights granted -herein. You are not responsible for enforcing compliance by third -parties to this License.

    -

    7. If, as a consequence of a -court judgment or allegation of patent infringement or for any other -reason (not limited to patent issues), conditions are imposed on you -(whether by court order, agreement or otherwise) that contradict the -conditions of this License, they do not excuse you from the conditions -of this License. If you cannot distribute so as to satisfy -simultaneously your obligations under this License and any other -pertinent obligations, then as a consequence you may not distribute the -Program at all. For example, if a patent license would not permit -royalty-free redistribution of the Program by all those who receive -copies directly or indirectly through you, then the only way you could -satisfy both it and this License would be to refrain entirely from -distribution of the Program.

    -

    If any portion of this section is held invalid or -unenforceable under any particular circumstance, the balance of the -section is intended to apply and the section as a whole is intended to -apply in other circumstances.

    -

    It is not the purpose of this section to induce you -to -infringe any patents or other property right claims or to contest -validity of any such claims; this section has the sole purpose of -protecting the integrity of the free software distribution system, -which is implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice.

    -

    This section is intended to make thoroughly clear -what is believed to be a consequence of the rest of this License.

    -

    8. If the distribution and/or use -of -the Program is restricted in certain countries either by patents or by -copyrighted -interfaces, the original copyright holder who places the Program under -this -License may add an explicit geographical distribution limitation -excluding -those countries, so that distribution is permitted only in or among -countries -not thus excluded. In such case, this License incorporates the -limitation -as if written in the body of this License.

    -

    9. The Free Software Foundation -may publish revised and/or new versions of the General Public License -from time to time. Such new versions will be similar in spirit to the -present version, but may differ in detail to address new problems or -concerns.

    -

    Each version is given a distinguishing version -number. If the Program specifies a version number of this License which -applies to it and "any later version", you have the option of following -the terms and conditions either of that version or of any later version -published by the Free Software Foundation. If the Program does not -specify a version number of this License, you may choose any version -ever published by -the Free Software Foundation.

    -

    10. If you wish to incorporate -parts of the Program into other free programs whose distribution -conditions are different, write to the author to ask for permission. -For software which is copyrighted by the Free Software Foundation, -write to the Free Software Foundation; we sometimes make exceptions for -this. Our decision will be guided by the two goals of preserving the -free status of all -derivatives of our free software and of promoting the sharing and reuse -of software generally.

    -

    NO WARRANTY

    -
    -

    11. BECAUSE THE PROGRAM IS -LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE -EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN -WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM -"AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, -INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK -AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD -THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY -SERVICING, REPAIR OR CORRECTION.

    -

    12. IN NO EVENT UNLESS REQUIRED -BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR -ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS -PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, -SPECIAL, -INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY -TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA -BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES -OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN -IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF -SUCH -DAMAGES.

    -

    -

    END OF TERMS AND CONDITIONS

    + +

    A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work.

    + +

    A “User Product” is either (1) a “consumer product”, which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, “normally used” refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product.

    + +

    “Installation Information” for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made.

    + +

    If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM).

    + +

    The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network.

    + +

    Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying.

    + +

    7. Additional Terms.

    + +

    “Additional permissions” are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions.

    + +

    When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission.

    + +

    Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms:

    + + + +

    All other non-permissive additional terms are considered “further +restrictions” within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying.

    + +

    If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms.

    + +

    Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way.

    + +

    8. Termination.

    + +

    You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11).

    + +

    However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation.

    + +

    Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice.

    + +

    Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10.

    + +

    9. Acceptance Not Required for Having Copies.

    + +

    You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so.

    + +

    10. Automatic Licensing of Downstream Recipients.

    + +

    Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License.

    + +

    An “entity transaction” is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts.

    + +

    You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it.

    + +

    11. Patents.

    + +

    A “contributor” is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's “contributor version”.

    + +

    A contributor's “essential patent claims” are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, “control” includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License.

    + +

    Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version.

    + +

    In the following three paragraphs, a “patent license” is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To “grant” such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party.

    + +

    If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. “Knowingly relying” means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid.

    + + +

    If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it.

    + +

    A patent license is “discriminatory” if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007.

    + +

    Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law.

    + +

    12. No Surrender of Others' Freedom.

    + +

    If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program.

    + +

    13. Use with the GNU Affero General Public License.

    + +

    Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such.

    + +

    14. Revised Versions of this License.

    + +

    The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns.

    + +

    Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License “or any later version” applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation.

    + +

    If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program.

    + +

    Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version.

    + +

    15. Disclaimer of Warranty.

    + +

    THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION.

    + +

    16. Limitation of Liability.

    + +

    IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES.

    + +

    17. Interpretation of Sections 15 and 16.

    + +

    If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee.

    + +

    END OF TERMS AND CONDITIONS

    +
    -

    +

    Installation

    Overview

    -

    Citadel/UX is an advanced, multiuser, client/server messaging system +

    Citadel is an advanced, multiuser, client/server messaging system suitable for BBS, e-mail, and groupware applications. It is designed to handle the needs of both small dialup systems and large-scale Internet-connected systems. It was originally developed on an Altos @@ -547,7 +811,7 @@ and Unix-like platforms. The current development environment (and public BBS) is an ordinary Linux system. The current distribution includes:

    Some knowledge of the Unix system is necessary to install and manage the system. It is mandatory that the sysop have "root" access to the -operating system. The following are required to install Citadel/UX:

    +operating system. The following are required to install Citadel:

    -

    If you are running Citadel/UX on a Linux system, it is STRONGLY -recommended that you run it on a recent distribution (such as Red Hat 7.3 or newer). A new-ish -distribution will have most or all of the prerequisite tools and +

    If you are running Citadel on a Linux system, it is STRONGLY +recommended that you run it on a recent distribution (such as CentOS +4.1 or newer). A new-ish +distribution will have many of the prerequisite tools and libraries already integrated for you.

    -

    Now available:

    +

    Other pieces which complete the Citadel system:

    Coming soon:

    Everything in its place...

    Hopefully you've unpacked the distribution archive into its own @@ -600,14 +866,15 @@ by the software if needed. Make sure you have Berkeley DB installed on your system, and that you have all the development libraries and headers in place so that you can compile against them. If you don't, you can -get the latest Berkeley DB at http://www.sleepycat.com. +get the latest Berkeley DB at +http://www.sleepycat.com. If your operating system uses a separate library to support POSIX threads (pthreads), make sure that library is installed as well. This is almost never the case with Linux, but some commercial Unix flavors might need it.

    -

    Creating a system account for Citadel

    +

    Creating a system account for Citadel

    As with many Unix programs, Citadel wants to run under its own user ID. Unlike other programs, however, this user ID will do double-duty as a public login for your system if you are running a BBS. This account @@ -620,35 +887,36 @@ will use /usr/local/citadel) and the shell should be either "citadel" in that directory, or a script that will start up the citadel client. Example:

    -
    bbs::100:1:Citadel Login:/usr/local/citadel:/usr/local/citadel/citadel
    +
    citadel::100:1:Citadel Login:/usr/local/citadel:/usr/local/citadel/citadel

    When you run setup later, you will be required to tell it the username or user ID of the account you created is, so it knows what -user to run as. If you create an account called bbs, guest, -or citadel, the setup program will automatically pick up the +user to run as. If you create an account called citadel, bbs, +or guest, the setup program will automatically pick up the user ID by default.

    -

    For all other users in /etc/passwd, Citadel will automatically set -up +

    For all other users in /etc/passwd (or in some other name +service such as NIS), Citadel can automatically set up +such as NIS), Citadel can automatically set up an account using the full name (or 'gecos' in Unixspeak) of the user. It'll also ignore any password you supply, because it uses the user's -password -on the host system. This allows a 'single sign on' type of environment. -Note that this does have to be enabled at compile time -- it's the -configure -option called --enable-autologin. Keep in mind that these -users -can use *either* their Citadel login name or their login name on the -host -computer, and their password on the host computer.
    -
    -

    -

    Bypassing the login: +password on the host system. This allows a 'single sign on' type of +environment. +Note that this does have to be enabled at setup time -- it's the +option called "host based authentication mode". Keep in +mind that these users can use *either* their Citadel login name or +their login name on the host computer, and their password on the +host computer.

    +

    Bypassing the login: prompt

    If you normally log in to your host system using some method other than telnet (such as ssh), you might want the telnet service to go straight into Citadel, instead of displaying the login: prompt first. You -can do this by having telnetd start citadel directly instead of /bin/login. -This is actually very simple to implement; all you need to do is make a +can do this by having telnetd start citadel directly instead of +/bin/login. The setup program will offer to +configure +this automatically for you if it sees a configuration it understands. +If you would prefer to configure it manually, all you need to do is +make a simple change to your inetd or xinetd configuration. Here are some configuration examples.
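
Review bot: the added /etc/passwd paragraph repeats a fragment. After "(or in some other name service such as NIS), Citadel can automatically set up" the next added line is "such as NIS), Citadel can automatically set up" again, so the sentence will render with the phrase doubled; drop the second line. Since the paragraph now points at the setup option "host based authentication mode", it would also help to say that "It'll also ignore any password you supply" applies only when that mode is enabled, because as written it reads as true for every installation.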

    An example for inetd (put the following line in /etc/inetd.conf, @@ -665,14 +933,11 @@ local peculiarities which need to be observed, edit the above configuration accordingly as well. And, of course, if you're working remotely, make sure you can successfully log in using SSH before you start -changing -your telnet configuration, otherwise you could lock yourself out of -your -system (ask any networking specialist about the dangers of "working -inband" --- then pull up a chair and get a fresh cup of coffee, because you're -going -to hear some war stories).
    +making +changes to telnet, because if you accidentally break telnet and don't +have +SSH running, you'll have effectively locked yourself out of your system +until you can get physical access to the console.

    Compiling the programs

    @@ -714,34 +979,37 @@ files.

    Upgrading to a new version uses the same build procedure as compiling the program for a fresh install, except that you want to do make -install-exec instead of make install. This will +upgrade instead of make install. This will overwrite the programs but not your data. Be sure to shut down citserver during this process! If Citadel is running while you upgrade, you may face data corruption issues.

    -

    After doing make install-exec, you should run setup +

    After doing make upgrade, you should run setup again to bring your data files up to date. Please see the setup section below for more information on this.

    -

    The citadel.rc file

    +

    The citadel.rc file

    The text-based client included with Citadel is suitable for BBS applications. Much of its command set and other behavior is configurable through a Run Control (RC) file. The standard client looks for this file in the following locations:

    The next couple of sections deal with client-side configuration.

    Using an external editor for message composition

    -

    Citadel/UX has a built-in message editor. However, you can also use +

    Citadel has a built-in message editor. However, you can also use your favorite text editor to write messages. To do this you simply put a line in your citadel.rc file like this:

    editor=/usr/bin/vi

    The above example would make Citadel call the vi editor when using -the .Enter Editor command. You can also make +the .Enter Editor command, or when a user +selects the "Always compose messages with the full-screen +editor" option. You can also make it the default editor for the Enter command by editing the citadel.rc file. But be warned: external editors on public systems can @@ -756,13 +1024,14 @@ as' commands disabled, as well as any other functions which a destructive user could use to gain unauthorized access to your host system.
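
Review bot: the clause added after ".Enter Editor" makes the external editor reachable through a user-selected option ("Always compose messages with the full-screen editor") as well as through the explicit command, but the warning that follows about external editors on public systems is left unchanged. Suggest rewording that warning so it clearly covers both paths, since an editor without the restrictions described there would be exposed to any user who turns the option on.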

    Printing messages

    -

    Citadel/UX can send messages to a printer, or just about anywhere +

    Citadel can send messages to a printer, or just about anywhere else in your system. The variable PRINTCMD in citadel.rc specifies what command you use to print. Text is sent to the standard input (stdin) of the print command.

    So if you did this:

    -
    printcmd="nl|pr|lpr -Plocal"
    -

    ...that would add line numbers, then paginate, then print on the +

    printcmd="a2ps -o - |lpr -Plocal"
    +

    ...that would convert the printed text to PostScript, then print on +the printer named "local". There's tons of stuff you can do with this feature. For example, you could use a command like cat <<$HOME/archive to save copies of important messages in a @@ -807,6 +1076,21 @@ will be preserved.

    port which Citadel clients use to connect to your Citadel server. In almost all cases, you want to use the default -- port 504, which is the official port number assigned by the IANA for Citadel implementations.

    +

    setup will then ask you about authentication mode. Please +understand this question thoroughly before answering it. You have a +choice of two authentication modes: +

    +You will be asked if you wish to use host based authentication. If you +wish to do so, answer "Yes" at the prompt. For most installations, "No" +is the appropriate answer. +

    The Citadel service will then be started, and you will see the following message:

    Setup is finished.  You may now log in.
    @@ -826,7 +1110,7 @@ this section and do what you need to in order to get things configured.

    Before you can use Citadel, you must define the "citadel" service to your system. This is accomplished by adding a line to your /etc/services file that looks something like this:

    -
    citadel		504/tcp			# Citadel/UX Server
    +
    citadel		504/tcp			# Citadel Server

    504 is the port number officially designated by the IANA for use by Citadel. There should not be any need to use a different port number, unless you are running multiple Citadels on the same computer and @@ -835,7 +1119,7 @@ a different port for each one.

    The next step is to arrange for the server to start. The citserver program is the main Citadel server. Before we cover the recommended method of starting the server, let's examine its usage options:

    -
    citserver [-hHomeDir] [-xDebugLevel] [-tTraceFile] [-d] [-f]
    +
    citserver [-hHomeDir] [-xDebugLevel] [-tTraceFile] [-lLogFacility] [-d] [-f]

    The options are as follows:

    -hHomeDir - the directory your Citadel data files live in. This should, of course, be a directory that you've run the setup @@ -843,19 +1127,41 @@ program against to set up some data files. If a directory is not specified, the directory name which was specified in the Makefile will be used.

    -xDebugLevel - Set the verbosity of trace messages printed. -The -available debugging levels are:

    +When -x is used, it will suppress messages sent to syslog(see below). +In +other words, syslog will never see certain messages if -x is used. +Normally +you should configure logging through syslog, but -x may still be useful +in +some circumstances. The available debugging levels are:

    -tTraceFile - Tell the server where to send its debug/trace output. Normally it is sent to stdout.

    +

    -lLogFacility - Tell the server to send its debug/trace +output +to the syslog service on the host system instead of +to a +trace file. LogFacility must be one of: kern, user, +mail, +daemon, auth, syslog, lpr, news, uucp, local0, local1, local2, local3, +local4, local5, local6, local7. Please note that use of the +-l option will cancel any use of the -t option; that +is, +if you specify a trace file and a syslog facility, log output +will +only go to the syslog facility. +
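
Review bot: the new -x text says it "will suppress messages sent to syslog" without saying which messages, and the new -l paragraph only states how -l interacts with -t, so a reader cannot tell where output goes when -x and -l are given together. Suggest one sentence stating the precedence among -x, -t and -l, and add the missing space in "syslog(see below)".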

    -d - Run as a daemon; i.e. in the background. This switch would be necessary if you were starting the Citadel server, for example, from an rc.local script (which is not recommended, because @@ -868,8 +1174,8 @@ entry in your /etc/inittab file. This will conveniently bring the server up when your system is up, and terminate it gracefully when your system is shutting down. The exact syntax for your system may vary, but here's an entry that could be used on a Linux system:

    -
    cit:2345:respawn:/usr/local/citadel/citserver -h/usr/local/citadel -t/dev/tty9 -x3
    -

    In this example, we've chosen debugging level 3, and have the trace +

    cit:2345:respawn:/usr/local/citadel/citserver -h/usr/local/citadel -t/dev/tty9 -x6
    +

    In this example, we've chosen debugging level 6, and have the trace stuff output to one of the virtual consoles. It's important to remember to turn off any getty that is set up on that virtual console, if you do this. After making this change, the command init q works on @@ -877,7 +1183,7 @@ most systems to tell init to re-read the file. If in doubt, just reboot the computer.
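
Review bot: the updated inittab example still passes -t/dev/tty9 with -x6, while the option text added earlier in this patch says logging should normally be configured through syslog and that -x keeps certain messages from reaching syslog. Either show the example with -lLogFacility, or add a sentence saying that this example deliberately sends trace output to a virtual console instead of syslog, so administrators who collect their logs through syslog are not surprised by the gap.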

    -

    Logging in for the +

    Logging in for the first time

    At this point, your system is ready to run. Run the citadel program from the shell and log in as a new user. NOTE: the first user @@ -904,7 +1210,7 @@ single-instance message store, so all the new users are actually looking at the same copy of the message on disk.

    -

    Space for adding +

    Space for adding your own client features (doors)

    Please take note! This function really represents the "old" @@ -961,12 +1267,12 @@ command).

    -
    +

    System Administration

    Overview

    -

    Citadel/UX, when installed properly, will do most of its maintenance +

    Citadel, when installed properly, will do most of its maintenance by itself. It is intended to be run unattended for extended periods of time, and most installations do just that without any software failures.

    The system has seven access levels. Most users are at the bottom and @@ -1261,6 +1567,12 @@ messages around forever (or until they are manually deleted), until they become a certain number of days old, or until a certain number of additional messages are posted in the room, at which time the oldest ones will scroll out.

    +

    When a new Citadel system is first installed, the default +system-wide +expire policy is set to 'manual' -- no automatic purging of messages +takes place anywhere. For public message boards, you will probably want +to set some sort of automatic expire policy, in order to prevent your +message base from growing forever.

    You will notice that you can also fall back to the default expire policy for the floor upon which the room resides. This is the default setting. You can change the floor's default with the ;Aide Edit @@ -1373,7 +1685,7 @@ help files to suit whatever is appropriate for your system.

    There are several strings that you can put in help files that will be automatically substituted with other strings. They are:

    -
     
    ^nodename = The node name of your system on a Citadel/UX network
    ^humannode = Human-readable node name (also your node name on C86Net)
    ^fqdn = Your system's fully-qualified domain name
    ^username = The name of the user reading the help file
    ^usernum = The user number of the user reading the help file
    ^sysadm = The name of the system administraor (i.e., you)
    ^variantname = The name of the software you're running
    ^bbsdir = The directory on the host system in which you have
    installed the Citadel system.
    +
     
    ^nodename = The node name of your system on a Citadel network
    ^humannode = Human-readable node name (also your node name on C86Net)
    ^fqdn = Your system's fully-qualified domain name
    ^username = The name of the user reading the help file
    ^usernum = The user number of the user reading the help file
    ^sysadm = The name of the system administraor (i.e., you)
    ^variantname = The name of the software you're running
    ^bbsdir = The directory on the host system in which you have
    installed the Citadel system.

    So, for example, you could create a help file which looked like:

      "Lots of help, of course, is available right here on ^humannode.  Of
    course, if you still have trouble, you could always bug ^sysadm about it!"

    Site configuration
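
Review bot: the re-added substitution list still carries the typo "system administraor" on the ^sysadm line. Every line of the block is rewritten here for the "Citadel/UX network" to "Citadel network" rename, so correct it to "administrator" in the same change.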

    @@ -1433,7 +1745,7 @@ system administrator. the system. (This access level may also be granted to a user only for a specific room, please see 'Room Aide' for more information.) -
    Require registration for new users [No]: No
    Disable self-service user account creation [No]: No
    Initial access level for new users [4]:
    Access level required to create rooms [4]:
    Automatically give room aide privs to a user who creates a private room [No]: No

    Automatically move problem user messages to twit room [Yes]: Yes
    Name of twit room [Trashcan]:
    Restrict Internet mail to only those with that privilege [No]: No
    Allow Aides to Zap (forget) rooms [Yes]: Yes
    Allow system Aides access to user mailboxes [Yes]: Yes
    Log all pages [No]: No
    +
    Require registration for new users [No]: No
    Disable self-service user account creation [No]: No
    Initial access level for new users [4]:
    Access level required to create rooms [4]:
    Automatically give room aide privs to a user who creates a private room [No]: No

    Automatically move problem user messages to twit room [Yes]: Yes
    Name of twit room [Trashcan]:
    Restrict Internet mail to only those with that privilege [No]: No
    Allow Aides to Zap (forget) rooms [Yes]: Yes
    Log all pages [No]: No

    'Registration' refers to the process of a user entering various personal contact information (real name, address, telephone number, etc.) into the system. When enabled, this information is stored as a @@ -1518,14 +1830,14 @@ answer Yes to 'Restrict Internet mail to only those with that privilege.' Obviously this makes no sense for an internal e-mail system, but for a public BBS it might be appropriate.

    -

    Normally, Aides have access to every room, public or private, except -for user mailboxes. They are also forbidden from Zapping +

    Normally, Aides have access to every room, public or private. +They are also forbidden from Zapping rooms, because the review of content is considered one of their roles. If you wish to change these policies, the next two options allow you to. You may 'Allow Aides to Zap (forget) rooms', in which case they may use the Zap command just like any other user. -Furthermore, if you 'Allow system Aides access to user mailboxes', then -they may .Goto any private mailbox belonging to any +Aides may also .Goto any private mailbox belonging to +any user, using a special room name format.
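Review bot: The rewritten Aide paragraph keeps "If you wish to change these policies, the next two options allow you to," but this patch removes the 'Allow system Aides access to user mailboxes' prompt from the sample, so only the Zap option is left and "two" is now wrong. The new wording also turns Aide access to every private mailbox from a configurable setting into an unconditional capability mentioned in passing. If the setting has been removed from the server, say so explicitly, so that sites with a privacy policy know that granting Aide level also grants read access to user mailboxes.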

    If your local security and/or privacy policy dictates that you keep a @@ -1538,7 +1850,7 @@ only the sender and recipient of each individual message will receive a copy.

    The next set of options deals with the tuning of your system. It is usually safe to leave these untouched.

    -
    Server connection idle timeout (in seconds) [900]: 
    Maximum concurrent sessions [20]:
    Maximum message length [2147483647]:
    Minimum number of worker threads [5]:
    Maximum number of worker threads [256]:
    +
    Server connection idle timeout (in seconds) [900]: 
    Maximum concurrent sessions [20]:
    Maximum message length [10000000]:
    Minimum number of worker threads [5]:
    Maximum number of worker threads [256]:
    Automatically delete committed database logs [Yes]:

    The 'Server connection idle timeout' is for the connection between client and server software. It is not an idle timer for the user interface. 900 seconds (15 minutes) is the default and a sane @@ -1553,26 +1865,29 @@ prevent enormous multimedia files from finding their way into your message base. This maximum is enforced in all protocols and is also advertised by the ESMTP service.

    The minimum and maximum number of worker threads can be tuned to -your -liking. Citadel will attempt to keep one worker thread running per -session, -within these constraints. You should be aware that due to the use of -the -worker thread model, Citadel can handle a large number of concurrent -sessions -with a much smaller thread pool. If you don't know the programming -theory -behind multithreaded servers, you should leave these parameters alone.

    +your liking. Citadel will attempt to keep one worker thread running per +session, within these constraints. You should be aware that due to the use of +the worker thread model, Citadel can handle a large number of concurrent +sessions with a much smaller thread pool. If you don't know the programming +theory behind multithreaded servers, you should leave these parameters alone.
    +

    +

    'Automatically delete committed database logs' is a crucial setting which affects your +system's disk utilization and backup recoverability.  Please refer +to the database maintenance +section of this document to learn how the presence or absence of +database logs affect your ability to reliably backup your Citadel +system.
    +

    The next set of options affect how Citadel behaves on a network.

    -
    How often to run network jobs (in seconds) [3600]: 

    POP3 server port (-1 to disable) [110]:

    IMAP server port (-1 to disable) [143]:

    SMTP server port (-1 to disable) [25]:

    Correct forged From: lines during authenticated SMTP [Yes]:

    -

    "How often to run network jobs" refers to the sharing of content on -a -Citadel network. If your system is on a Citadel network, this -configuration -item dictates how often the Citadel server will contact other Citadel -servers to send and receive messages. In reality, this will happen more -frequently than you specify, because other Citadel servers will be -contacting yours at regular intervals as well.

    +
    Server IP address (0.0.0.0 for 'any') [0.0.0.0]:
    POP3 server port (-1 to disable) [110]:
    POP3S server port (-1 to disable) [995]:
    IMAP server port (-1 to disable) [143]:
    IMAPS server port (-1 to disable) [993]:
    SMTP MTA server port (-1 to disable) [25]:
    SMTP MSA server port (-1 to disable) [587]:
    SMTPS server port (-1 to disable) [465]:
    Correct forged From: lines during authenticated SMTP [Yes]:
    Allow unauthenticated SMTP clients to spoof my domains [No]: No
    Instantly expunge deleted IMAP messages [No]: Yes
    +

    "Server IP address" refers to the IP address on your server to which Citadel's +protocol services should be bound.  Normally you will leave this +set to 0.0.0.0, which will cause Citadel to listen on all of your +server's interfaces.  However, if you are running multiple +Citadels on a server with multiple IP addresses, this is where you +would specify which one to bind this instance of Citadel to.

    Then you can specify TCP port numbers for the SMTP, POP3, and IMAP services. For a system being used primarily for Internet e-mail, these are essential, so you'll want to specify the standard port numbers: 25, @@ -1580,6 +1895,39 @@ are essential, so you'll want to specify the standard port numbers: 25, though, then you might want to choose other, unused port numbers, or enter -1 for any protocol to disable it entirely.

    +

    You'll also notice that you can specify two port numbers for SMTP: +one +for MTA (Mail Transport Agent) and one for MSA (Mail Submission Agent). +The +traditional ports to use for these purposes are 25 and 587. If you are +running an external MTA, such as Postfix (which submits mail to Citadel +using +LMTP) or Sendmail (which submits mail to Citadel using the 'citmail' +delivery agent), that external MTA will be running on port 25, and you +should +specify "-1" for the Citadel MTA port to disable it. The MSA port +(again, +usually 587) would be the port used by end-user mail client programs +such as +Aethera, Thunderbird, Eudora, or Outlook, to submit mail into the +system. +All connections to the MSA port must use Authenticated SMTP.
    +

    +

    The protocols ending in "S" (POP3S, IMAPS, and SMTPS) are +SSL-encrypted.  Although all of these protocols support the +STARTTLS command, older client software sometimes requires connecting +to "always encrypted" server ports.  Usually when you are looking +at a client program that gives you a choice of "SSL or TLS," the SSL +option will connect to one of these dedicated ports, while the TLS +option will connect to the unencrypted port and then issue a STARTTLS +command to begin encryption.  (It is worth noting that this is not the proper use of the acronyms +SSL and TLS, but that's how they're usually used in many client +programs.)
    +

    +

    All of the default port numbers, including the encrypted ones, are +the standard ones.
    +
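Review bot: The added SSL/STARTTLS paragraph does not say whether a client on the unencrypted POP3, IMAP or MSA port may authenticate without first issuing STARTTLS, which is what an administrator deciding which ports to open needs to know. Add one sentence stating the server's behaviour. The "SSL or TLS" aside would also read better using the terms the paragraph already has: "dedicated encrypted port" and "STARTTLS".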

    The question about correcting forged From: lines affects how Citadel behaves with authenticated SMTP clients. Citadel does not ever allow third-party SMTP relaying from unauthenticated clients -- any incoming @@ -1602,9 +1950,36 @@ suppress this behavior, answer 'No' at the prompt (the default is 'Yes') and the headers will never be altered.

    +

    "Instant expunge" affects what happens when IMAP users delete +messages. As you may already know, messages are not truly deleted +when an IMAP client sends a delete command; they are only marked for +deletion. The IMAP client must also send an "expunge" command +to actually delete the message. The Citadel server automatically expunges +messages when the client logs out or selects a different folder, but if you +select the Instant Expunge option, an expunge operation will automatically +follow any delete operation (and the client will be notified, preventing any +mailbox state problems). This is a good option to select, for example, if you +have users who leave their IMAP client software open all the time and are +wondering why their deleted messages show up again when they log in from a +different location (such as WebCit).

    +

    "Allow spoofing" refers to the security level applied to +non-authenticated SMTP clients. Normally, when another host connects to +Citadel via SMTP to deliver mail, Citadel will reject any attempt to send +mail whose sender (From) address matches one of your host's own domains. This +forces your legitimate users to authenticate properly, and prevents foreign +hosts (such as spammers) from forging mail from your domains. If, however, +this behavior is creating a problem for you, you can select this option to +bypass this particular security check.
    +
    +Connect this Citadel to an LDAP directory [No]: No

    +

    +

    The LDAP configuration options are discussed elsewhere in this +document.
    +

    The final set of options configures system-wide defaults for the auto-purger:

    -
    Default user purge time (days) [120]: 
    Default room purge time (days) [30]:
    System default message expire policy (? for list) [2]:
    Keep how many messages online? [150]:
    +
    Default user purge time (days) [120]: 
    Default room purge time (days) [30]:
    System default message expire policy (? for list) [0]:
    Keep how many messages online? [150]:
    Mailbox default message expire policy (? for list) [0]:
    How often to run network jobs (in seconds) [1800]:
    Enable full text search index (warning: resource intensive) [Yes]: Yes
    Hour to run purges (0-23) [4]:
    +Perform journaling of email messages [No]:
    Perform journaling of non-email messages [No]:
    Email destination of journalized messages [example@example.com]:

    Any user who does not log in for the period specified in 'Default user purge time' will be deleted the next time a purge is run. This setting may be modified on a per-user basis.
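Review bot: The 'Allow spoofing' paragraph offers the option as a fix when "this behavior is creating a problem for you" without stating what turning it on costs. Spell it out in the same paragraph: with the option enabled, any unauthenticated host can deliver mail whose From address is in one of your own domains, which is the forgery the preceding sentences say the check prevents. The prose labels "Instant expunge" and "Allow spoofing" also differ from the prompt texts in the sample ("Instantly expunge deleted IMAP messages", "Allow unauthenticated SMTP clients to spoof my domains") and are described in the opposite order; quoting the prompts verbatim, in prompt order, would make them easier to match up.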

    @@ -1618,12 +1993,57 @@ messages are expired (purged) off the system. You can specify any of:

  • Do not purge at all
  • Again, this setting may be overridden on a per-floor basis, and the -floor setting may be overridden on a per-room basis.

    -
    Save this configuration? No
    +floor setting may be overridden on a per-room basis. You'll also notice +that you can set a different default for mailbox rooms if you +want +to. This can allow you, for example, to set a policy under which old +messages scroll out of public rooms, but private mail stays online +indefinitely +until deleted by the mailbox owners.
    +

    +

    "How often to run network jobs" refers to the sharing of content on +a +Citadel network. If your system is on a Citadel network, this +configuration +item dictates how often the Citadel server will contact other Citadel +servers to send and receive messages. In reality, this will happen more +frequently than you specify, because other Citadel servers will be +contacting yours at regular intervals as well.
    +

    +

    "Hour to run purges" determines when expired and/or deleted objects +are purged from the database.  These purge operations are +typically run overnight and automatically, sometime during whatever +hour you specify.  If your site is much busier at night than +during the day, you may choose to have the auto-purger run during the +day.

    +

    "Enable full text search index," if enabled, instructs the server to +build and maintain a searchable index of all messages on the +system.  This is a time and resource intensive process -- it could +take days to build the index if you enable it on a large +database.  It is also fairly memory intensive; we do not recommend +that you enable the index unless your host system has at least 512 MB +of memory.  Once enabled, however, it will be updated +incrementally +and will not have any noticeable impact on the interactive response +time of your system.  The full text index is currently only +searchable when using IMAP clients; other search facilities will be +made available in the near future.

    +

    The "Perform journaling..." options allow you to configure +your Citadel server to send an extra copy of every message, along with +recipient information if applicable, to the email address of your choice. +The journaling destination address may be an account on the local Citadel +server, an account on another Citadel server on your network, or an Internet +email address. These options, used in conjunction with an archiving service, +allow you to build an archive of all messages which flow through your Citadel +system. This is typically used for regulatory compliance in industries which +require such things. Please refer to the journaling +guide for more details on this subject.

    +

    Save this configuration? No
    +

    When you're done, enter 'Yes' to confirm the changes, or 'No' to discard the changes.

    -
    +

    Configuring Citadel for Internet e-mail
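Review bot: The 'Perform journaling...' paragraph allows the journal destination to be "an Internet email address" but never points out that this address then receives a copy of every message on the system, private mail included. Add a sentence telling the administrator to restrict access to the journal mailbox and, for an off-site destination, to make sure the delivery path to it is encrypted. In the full text index paragraph, "other search facilities will be made available in the near future" will go stale; state only what is searchable today.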

    @@ -1656,7 +2076,7 @@ spread out across many servers on a Citadel network)
  • Easy-to-configure integration with SpamAssassin can block spam before it enters the mail system
  • -
  • Easy-to-configuration integration with most Realtime Blackhole +
  • Easy-to-configure integration with most Realtime Blackhole Lists (RBL) provide further defense against spammers
  • This section of the documentation will demonstrate how to configure @@ -1704,6 +2124,12 @@ whatever) that all outbound mail be sent to an SMTP relay or forwarder. To configure this functionality, simply enter the domain name or IP address of your relay as a 'smart-host' entry.

    +

    If your relay server is running on a port other +than the standard SMTP port 25, you can also specify the port number +using "host:port" syntax; i.e. relay99.myisp.com:2525

    +

    Furthermore, if your relay server requires authentication, you can +specify it using username:password@host or username:password@host:port +syntax; i.e. jsmith:pass123@relay99.myisp.com:25
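Review bot: The new username:password@host:port syntax places a relay password in a 'smart-host' entry, but the added text does not say where that entry is stored, who can read it, or how a password containing ':' or '@' is to be written. Document those three things next to the example. Both added paragraphs also use "i.e." where an example is meant; "e.g." or "for example" is correct.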

    directory: a domain for which you are participating in directory services across any number of Citadel nodes. For example, if users who have addresses in the domain citadel.org are spread @@ -1787,7 +2213,7 @@ the server from a shell and watch it load. It might look something like this:

    -
    smw @ pixel % ./citserver

    Multithreaded message server for Citadel/UX
    Copyright (C) 1987-2003 by the Citadel/UX development team.
    Citadel/UX is open source, covered by the GNU General Public License, and
    you are welcome to change it and/or distribute copies of it under certain
    conditions. There is absolutely no warranty for this software. Please
    read the 'COPYING.txt' file for details.

    Loading citadel.config
    Opening databases
    This is GDBM version 1.8.0, as of May 19, 1999.
    Checking floor reference counts
    Creating base rooms (if necessary)
    Registered a new service (TCP port 504)
    Registered a new service (TCP port 0)
    Initializing loadable modules
    Registered server command CHAT (Begin real-time chat)
    Registered server command PEXP (Poll for express messages)
    Registered server command GEXP (Get express messages)
    Registered server command SEXP (Send an express message)
    Registered server command DEXP (Disable express messages)
    Registered a new session function (type 0)
    Registered a new x-msg function (priority 0)
    Loaded module: $Id$
    Registered a new session function (type 1)
    Registered a new message function (type 201)
    Registered a new message function (type 202)
    Registered server command REGI (Enter registration info)
    Registered server command GREG (Get registration info)
    Registered a new user function (type 100)
    Loaded module: $Id$
    Server-hosted upgrade level is 5.62
    Loaded module: $Id$
    Registered server command EXPI (Expire old system objects)
    Registered server command FSCK (Check message ref counts)
    Loaded module: $Id$
    citserver: Can't bind: Address already in use
    ERROR: could not bind to TCP port 25.

    Registered a new service (TCP port 0)
    Registered a new session function (type 50)
    Loaded module: $Id$
    citserver: Can't bind: Address already in use
    ERROR: could not bind to TCP port 110.

    Registered a new session function (type 0)
    Loaded module: $Id$
    Registered a new message function (type 202)Loaded module: $Id$
    Registered server command RWHO (Display who is online)
    Registered server command HCHG (Masquerade hostname)
    Registered server command RCHG (Masquerade roomname)
    Registered server command UCHG (Masquerade username)
    Registered server command STEL (Enter/exit stealth mode)
    Loaded module: $Id$
    Changing uid to 513
    Starting housekeeper thread
    +
    smw @ pixel % ./citserver

    Multithreaded message server for Citadel
    Copyright (C) 1987-2006 by the Citadel development team.
    Citadel is open source, covered by the GNU General Public License, and
    you are welcome to change it and/or distribute copies of it under certain
    conditions. There is absolutely no warranty for this software. Please
    read the 'COPYING.txt' file for details.

    Loading citadel.config
    Opening databases
    This is GDBM version 1.8.0, as of May 19, 1999.
    Checking floor reference counts
    Creating base rooms (if necessary)
    Registered a new service (TCP port 504)
    Registered a new service (TCP port 0)
    Initializing loadable modules
    Registered server command CHAT (Begin real-time chat)
    Registered server command PEXP (Poll for instant messages)
    Registered server command GEXP (Get instant messages)
    Registered server command SEXP (Send an instant message)
    Registered server command DEXP (Disable instant messages)
    Registered a new session function (type 0)
    Registered a new x-msg function (priority 0)
    Loaded module: $Id$
    Registered a new session function (type 1)
    Registered a new message function (type 201)
    Registered a new message function (type 202)
    Registered server command REGI (Enter registration info)
    Registered server command GREG (Get registration info)
    Registered a new user function (type 100)
    Loaded module: $Id$
    Server-hosted upgrade level is 5.62
    Loaded module: $Id$
    Registered server command EXPI (Expire old system objects)
    Registered server command FSCK (Check message ref counts)
    Loaded module: $Id$
    citserver: Can't bind: Address already in use
    ERROR: could not bind to TCP port 25.

    Registered a new service (TCP port 0)
    Registered a new session function (type 50)
    Loaded module: $Id$
    citserver: Can't bind: Address already in use
    ERROR: could not bind to TCP port 110.

    Registered a new session function (type 0)
    Loaded module: $Id$
    Registered a new message function (type 202)Loaded module: $Id$
    Registered server command RWHO (Display who is online)
    Registered server command HCHG (Masquerade hostname)
    Registered server command RCHG (Masquerade roomname)
    Registered server command UCHG (Masquerade username)
    Registered server command STEL (Enter/exit stealth mode)
    Loaded module: $Id$
    Changing uid to 513
    Starting housekeeper thread
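Review bot: The refreshed sample start-up log still prints "This is GDBM version 1.8.0, as of May 19, 1999." and "Server-hosted upgrade level is 5.62", while the database maintenance section of the same document attributes the data store to Berkeley DB. Only the banner and the "express"/"instant" wording changed between the - and + sides. Recapture the output from a current server so the sample matches what the rest of the document describes.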

    The lines emphasized in boldface in the above log output tell you that Citadel "can't bind" to various ports. The error 'address already in use' generally means that something else is already running on the @@ -1825,9 +2251,23 @@ server, while keeping the existing Unix mailboxes intact.  However, it is beyond the scope of this document to detail the finer points of the configuration of Postfix or any other mailer, so refer to the documentation to those programs and keep in mind that Citadel has -LMTP support.
    -

    -

    For outbound mail, you +LMTP support.

    +

    There are actually two LMTP sockets. One is called +lmtp.socket and the other is called lmtp-unfiltered.socket +(both are found in your Citadel directory). The difference should be +obvious: messages submitted via lmtp.socket are subject to +any +spam filtering you may have configured (such as SpamAssassin), while +messages +submitted via lmtp-unfiltered.socket will bypass the filters. +You +would use the filtered socket when receiving mail from an external MTA +such +as Postfix, but you might want to use the unfiltered socket with +utilities +such as fetchmail.

    +
    +
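Review bot: The added LMTP paragraph introduces lmtp-unfiltered.socket, which "will bypass the filters", without saying who is allowed to connect to it. Any local process that can write to that socket can submit mail past the spam filters, so state the expected ownership and permissions of both sockets in the Citadel directory. "The difference should be obvious" can be dropped, since the sentence that follows explains the difference.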

    For outbound mail, you can either allow Citadel to perform deliveries directly (this won't affect your other mail system because outbound mail doesn't @@ -1837,7 +2277,7 @@ tell Citadel to forward all of its outbound mail to your other mail system.

    Hosting an Internet mailing list

    -

    Citadel has built in mailing list service (known in the 'net +

    Citadel has built in mailing list service (known in Internet vernacular as "listserv") functionality.  You can turn any room into a mailing list.  Users can then choose how they participate -- by logging on to your Citadel server directly, or by having the @@ -1891,7 +2331,12 @@ Citadel system.

    In order to prevent "just anyone" from subscribing to any room on your system, there is a setting in the .Aide Edit room command:

    -
    CitaNews} . Aide Edit this room
    Room name [CitaNews]:

    (lots of other stuff omitted for brevity...)

    Self-service list subscribe/unsubscribe [No]: Yes
    +
    CitaNews} . Aide Edit this room
    +Room name [CitaNews]:
    +
    +(lots of other stuff omitted for brevity...)
    +
    +Self-service list subscribe/unsubscribe [No]: Yes

    When you answer "Yes" to self-service list subscribe/unsubscribe, you are enabling that feature. Now, all you have to do is tell the world about @@ -1914,7 +2359,7 @@ you simply click on (or paste into your browser if you can't click on URL's in your e-mail software) and the confirmation is automatically completed.

    -
    +

    Building or joining a Citadel network

    @@ -1925,8 +2370,7 @@ application, one way to 'keep the conversation going' is to share rooms with other Citadel systems. In a shared room, a message posted to the room is automatically propagated to every system on the network. It's kind of like a UseNet -newsgroup, -but without the spam.

    +newsgroup, but without the spam.

    If you are using Citadel as the e-mail and groupware platform for a large organization, you can use its networking features to build a large network of Citadel servers which share content (think of rooms as @@ -1935,8 +2379,7 @@ integrate the global address book.  It might make sense, for example, in a large corporation to give each department or location its own Citadel server.  Thanks to Citadel's global address book features, you could still have all of -the -users share a single e-mail domain.

    +the users share a single e-mail domain.

    Obviously, the first thing you have to do is find another Citadel to share rooms with, and make arrangements with them. The following Citadels are a good place to start:

    @@ -1945,8 +2388,6 @@ Citadels are a good place to start:

  • The Dog Pound II - dogpound2.citadel.org
  • -
  • PixelBBS - pixel.citadel.org -
  • You don't have to be a part of the citadel.org domain to participate in the public Citadel network, but the DNS service is provided free of @@ -2029,14 +2470,11 @@ your favorite text editor, right?) with a screen that looks like this:

    # Configuration for room: Quiche Recipes
    # Nodes with which we share this room
    # Specify one per line.

    All you have to do is enter the name of the other Citadel node (i.e. "frobozz" in our example) on a line by itself. As usual, lines starting -with a -"#" are comments. Just go to the end of the file, type "frobozz" -(without -the quotes), save the file... and you're done!

    +with a "#" are comments. Just go to the end of the file, type "frobozz" +(without the quotes), save the file... and you're done!

    At this point, you just sit back and enjoy. Your Citadel and the other one will begin polling each other at regular intervals (once per -hour -by default) and sharing messages.

    +hour by default) and sharing messages.

    Sending mail
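Review bot: The re-wrapped sentence still says the two systems poll each other "once per hour by default", but the sample configuration added earlier in this patch shows "How often to run network jobs (in seconds) [1800]", which is 30 minutes. Update the parenthetical to match the new default, or refer to the setting by name instead of restating its value.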

    You can send mail to any user on any node of your Citadel network. It may take a little while for your system to learn the entire node @@ -2060,39 +2498,94 @@ would occur every 15 minutes.

    maintenance

    Introduction

    The data store used by Citadel is reliable and self-maintaining. - It requires very little maintenance.  This is primarily due + It requires very little maintenance. This is primarily due to its use of the Berkeley DB record manager.  It is robust, high-performance, and transactional.

    A few small data files are kept in your main Citadel directory, but the -databases are in the data/ subdirectory.  The files with +databases are in the data/ subdirectory. The files with names that begin with "cdb" are the databases themselves; the files -with names that begin with "log" are the journals.  Journal files -will come and go as you use your system; when the database engine has -determined that a particular log file is no longer needed, the file -will automatically be deleted.  Nevertheless, you should always -ensure that there is ample disk space for the files to grow.
    +with names that begin with "log" are the logs (sometimes referred to as +"journals").  Log files will continue to appear as you use your +system; each will grow to approximately 10 megabytes in size before a +new one is started. There is a system configuration setting +(found in .Aide System-configuration General in the text mode +client, or in Administration +--> Edit site-wide configuration --> Tuning in the WebCit +client) which specifies "Automatically delete committed database +logs."  If you have this option enabled, Citadel will +automatically delete any log files whose contents have been fully +committed to the database files.
    +
    +For more insight into how the database and log files work, you may wish +to read the Berkeley +DB documentation on this subject.
    +
    +

    Backing up your +Citadel database

    +Please read this section carefully.
    +
    +There are two backup strategies you can use, depending on your site's +availability requirements and disk space availability.
    +
    Strategy #1: Standard backup
    +The standard (or "offline") backup is used when your Citadel server is +configured to automatically delete committed database logs.  The +backup procedure is as follows:
    +
      +
    1. Shut down the Citadel server.
    2. +
    3. Back up all files (database files, log files, etc.) to tape or +some other backup media.
    4. +
    5. Start the Citadel server.
    6. +
    +Advantage: very little disk +space is consumed by the logs.
    +Disadvantage: Citadel is not +available during backups.
    +
    +
    Strategy #2: "Hot" backup
    +The "hot backup" procedure is used when your Citadel server is +configured not to +automatically delete committed database logs.  The backup +procedure is as follows:
    +
      +
    1. Back up all files.  Make sure the database files (cdb.*) are backed up before the log files (log.*).  This will usually +be the case, because the database files tend to appear first in both +alphabetical and on-disk ordering of the data/ directory.
    2. +
    3. After verifying that your backup completed successfully, delete +the committed log files with a command like this:
    4. +
    +/usr/local/citadel/sendcommand +"CULL"
    +
    +Advantage: Citadel continues +to run normally during backups.
    +Disadvantage:
    Much disk space is consumed by the log files, +particularly if the full text indexer is turned on.

    -There is no need to shut down Citadel during backups.  The data -store may be backed up "hot."  The makers of Berkeley DB suggest -that you should back up the data files first and the log files second. - This is the only method that will guarantee that a database which -is being changed while you back it up will still be usable when you -restore it -from the tape later.
    +
    +It is up to you to decide which backup strategy to use.  Warning: if you configure Citadel to +automatically delete committed database logs, and do not shut the +Citadel service down during backups, there is no guarantee that your +backups will be usable!

    Database repair

    Although Citadel's data store is quite reliable, database corruption can occur in rare instances.  External factors such as an -operating -system crash or an unexpected loss of power might leave the database in -an unknown state.  A utility is provided which may be able to -repair -your database if this occurs.  If you find that your Citadel -server -is not running, and reading the logs shows that it is crashing because -of -an inability to validate a database, follow these steps:
    +operating system crash or an unexpected loss of power might leave the +database in an unknown state.  A utility is provided which may +be able to repair your database if this occurs.  If you find +that your Citadel server is not running, and reading the logs shows +that it is crashing because of an inability to validate a database, +follow these steps:
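Review bot: Step 1 of the hot backup relies on the database files being copied before the logs because they "tend to appear first in both alphabetical and on-disk ordering", which leaves the correctness of the backup to the behaviour of whatever backup tool is in use. Tell the reader to copy cdb.* and then log.* in two explicit passes. The CULL step gives the fixed path /usr/local/citadel/sendcommand; say that the path depends on the install location. Since the closing warning is about backups that may turn out not to be usable, a line recommending a periodic test restore belongs here as well.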
    1. Edit /etc/inittab and switch the Citadel service from "respawn" to "off."  Type init q to make this setting @@ -2110,11 +2603,16 @@ changes.
    If this procedure does not work, you must restore from your most recent backup.
    +Please note: this utility should only be used for recovering +a database that is causing the Citadel server to crash upon startup. If +you have some other type of problem, but the citserver process is not +aborting with "Berkeley DB Panic" errors, this is not the way to +fix it.

    Importing/Exporting your Citadel database

    -

    Citadel/UX contains an importer/exporter module, affectionately +

    Citadel contains an importer/exporter module, affectionately known as the "Art Vandelay" module (a not-so-obscure Seinfeld reference). It allows you to export the entire contents of your Citadel databases to a @@ -2189,6 +2687,209 @@ sort of pseudo-backup.


    +

    Cryptography support (TLS/SSL)

    +
    +

    Overview

    +

    Citadel provides built-in support for encryption using Transport +Layer Security (TLS) for ESMTP, IMAP, POP3, and the Citadel client +protocol. +A simple cryptographic configuration is installed automatically when +you +bring the system online. The remainder of this section describes how +this +configuration is built, and what you can do to make changes to it.

    +

    Encryption files are kept in the keys/ directory. The +three +files used by Citadel are:

    +
      +
    • citadel.key - Contains your system's RSA private key. +Citadel +generates a new key automatically if one is not found.
    • +
    • citadel.csr - Contains a Certificate Signing Request +(CSR) +for your system. Citadel generates a new CSR automatically, using your +private key, if one is not found.
    • +
    • citadel.cer - Contains the public certificate for your +system. The public key in the certificate must correspond with +the +private key in citadel.key, otherwise encryption will not +function properly. Citadel will generate a self-signed certificate, +again +using your private key, if a certificate is not found.
    • +
    +

    Generating and installing a Trusted +Certificate

    +

    If you wish to interact with 3rd party clients +that have hard coded lists of acceptable Certificate Authorities, and +you +do not want annoying dialog boxes popping up for the user on the first +(or +all) connections, then you will have to have your key signed by a valid +Certificate Authority.

    +

    It is beyond the scope of this document to provide a complete +tutorial +on SSL certificates. Here are the general rules to follow:

    +
      +
    • Generally, the Certificate Signing Requeste which is +automatically +generated by Citadel will not contain enough information for any +Certificate +Authority to sign it. Generate a new CSR with the following commands:
      +
      + cd keys
      + openssl req -new -key citadel.key -out citadel.csr
      +
      +Answer all questions (your geographic location, organization name, +etc.) +and then send the new citadel.csr to your Certificate +Authority +when you order the certificate.
    • +
    • When the certificate is received, simply save it as citadel.cer +and restart the Citadel server.
    • +
    • If your certificate authority delivers a 'chained' certificate +(one +with intermediate certificate authorities), simply append the +intermediate +certificate after your server's own certificate in the citadel.cer +file.
    • +
    +
    +
    +
    +

    LDAP (Directory) Support

    +
    +

    Introduction

    +LDAP (Lightweight Directory Access Protocol) has become the open +standard protocol for directory access.  There are many client +programs which are capable of making use of an LDAP directory +service.  Therefore it may be beneficial for some sites to have a +directory available which is populated with Citadel user information.
    +
    +Citadel does not contain its own LDAP service, because that would +eliminate its ability to coexist with any existing directory you may +already have in place at your organization.  Instead, we provide +the LDAP Connector for Citadel, which allows the Citadel service to +populate an external LDAP directory.  If you do not already have +an LDAP directory in place, you can use the OpenLDAP server, which is +probably already present in your operating system, or at least can be +loaded from the installation CD's.  The supplied configuration +file citadel-slapd.conf can be used as a starting +point to get your LDAP server running.
    +
    +

    Preparing your +LDAP server for Citadel connections

    +It is difficult to find a commonly accepted LDAP scheme. It seems, most +real life LDAP installations go for the domain oriented apporach +and lay out the structure after an existing domain/subdomain structure. +

    The most widely accepted and standardized object for storing +personal data clearly is "inetOrgPerson". Citadel therefore extends this +standard schema with an object class called "citadelInetOrgPerson".

    +

    If you are using OpenLDAP as your directory server, you should +choose options similar to the following:

    +
    +include         /etc/openldap/schema/core.schema
    +include         /etc/openldap/schema/cosine.schema
    +include         /etc/openldap/schema/inetorgperson.schema
    +include         /etc/openldap/schema/rfc2739.schema
    +include         /etc/openldap/schema/citadel.schema
    + 
    +...
    +
    +database        bdb
    +suffix          "dc=example,dc=com"
    +rootdn          "cn=manager,dc=example,dc=com"
    +rootpw          secret
    +directory       /var/openldap-data
    +
    +
    + +

    Notes on this configuration: +

      +
    • Obviously, you can make your suffix and rootdn whatever you wish, +but in most cases you'd simply follow a DC path that looks similar to +your DNS domain.
    • +
    • In earlier versions of OpenLDAP, you could use the +option schemacheck off to +make life easier by relaxing the strict schema checking. This option +has been removed from OpenLDAP, so now you must install +the supplied schema extensions. rfc2739.schema and +citadel.schema are included with the Citadel distribution.
    • +
    • Your rootdn and rootpw can be whatever you +want.  Usually the rootdn is cn=manager, +followed by your usual suffix.  Please don't use secret as your password, as in +this example.  Select a new password for your site.
    • +
    +
    +Your LDAP service must be up +and running before you attempt to connect Citadel to it.
    +
    +

    Configuring the +LDAP Connector for Citadel

    +Once you've located or installed your LDAP server, connecting Citadel +to it is easily completed with the .Aide System-configuration +General command:
    +
    +
    Lobby> . Aide System configuration General

    (lots of other stuff omitted for brevity...)

    Connect this Citadel to an LDAP directory [Yes]: Yes
    Host name of LDAP server []: 127.0.0.1
    Port number of LDAP service [389]: 389
    Base DN []: dc=servername,dc=domain,dc=org
    Bind DN []: cn=manager,dc=servername,dc=domain,dc=org
    Password for bind DN []: secret

    (more questions omitted...)

    Save this configuration? Yes
    +Once you've done this, restart your Citadel service with the .Aide Terminate-server +Now command.  When +Citadel restarts, it will connect to your LDAP directory.  Note +that we gave Citadel the same Base DN, Bind DN, and password that was +in our LDAP server configuration example.  Obviously, everything +needs to be identical on both sides or the connection will be +refused.  127.0.0.1 is the loopback address, and 389 is the +standard port number for LDAP, so this would be the proper host and +port combination for an LDAP service running on your local +server.  It could just as easily be on another server, for example +an organization-wide directory server.
    +
    +You can also configure the LDAP Connector for Citadel from a WebCit +session.  Log on as an Aide and click on Advanced Options --> +Edit Site-Wide Configuration --> Directory, and you will be +presented with the same set of questions.
    +
    +So, what kind of information will be entered into LDAP?  As a +rule, anything that gets saved to your Global Address Book room will +also be saved to LDAP.  Citadel will set up OU's (Organizational +Units) for each node on your Citadel network, so if you are running +multiple Citadel servers in an organization, you will automatically +have a hierarchial view built for you.  Below the OU's will be an +entry for each user who has a vCard registered on the system.  +Citadel automatically translates vCard information to LDAP.
    +
    +If you already have a Global Address Book full of existing information, +you can execute an IGAB +(Initialize Global Address Book) server command to rebuild it.  In +addition to performing its usual function of rebuilding the internal +Internet e-mail address mapping table, Citadel will also repopulate +LDAP with all existing vCards.  You should be aware, however, that +existing LDAP entries will not be cleared from your directory +server.  If your directory contains only Citadel data, you can +safely delete your database and start over, because it will be +repopulated.  Otherwise, Citadel will merely update any existing +records with fresh information.
    +
    +The LDAP Connector for Citadel is a recent development, so expect more +functionality in this space in the near future.
    +
    +
    +
    +
    +

    Utilities

    Overview
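Review bot: The OpenLDAP sample under "Preparing your LDAP server for Citadel connections" keeps "rootpw secret" in cleartext, and the connector walkthrough then has Citadel bind as that same cn=manager rootdn with "Password for bind DN []: secret". The bullet asking readers not to use "secret" covers the value but not the pattern. I would show a hashed rootpw (slappasswd output) in the sample and recommend a dedicated bind DN whose write access is limited to the Citadel subtree, so that a leaked Citadel configuration does not hand over the directory superuser. Where the text says the directory "could just as easily be on another server", it should add that a DN-and-password bind on port 389 crosses the network unencrypted unless the connection is otherwise protected. In the TLS part, the citadel.key bullet should state the ownership and permissions the private key file needs, and the chained-certificate bullet should say in which order several intermediates are appended. Typos to fix while here: "Requeste", "apporach", "hierarchial".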

    @@ -2271,14 +2972,10 @@ require textual input will read it from stdin. Commands which generate textual output will be sent to stdout.

    This utility is intended to be used to enable Citadel server commands to -be executed from shell scripts. Review the script called weekly -which ships with the Citadel distribution for an example of how this -can -be used.

    +be executed from shell scripts.

    NOTE: be sure that this utility is not world-executable. It connects to the server in privileged mode, and therefore could present -a security hole -if not properly restricted.

    +a security hole if not properly restricted.
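Review bot: The NOTE that closes the utilities hunk (@@ -2271,14 +2972,10 @@) still tells the reader only that the utility must not be world-executable, without saying what ownership and mode it should have. Since it "connects to the server in privileged mode", name the owner, group and file mode the install is expected to set, and give the command to verify them. The hunk also drops the pointer to the weekly script without a replacement, which leaves the sentence about running server commands from shell scripts with no example; a short sample invocation would fill that gap.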
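Review bot: In the database recovery hunk (@@ -2110,11 +2603,16 @@), the new "Please note" paragraph is placed after the procedure and after the "restore from your most recent backup" sentence, so an administrator working through the steps in order reaches the restriction only at the end. Move it ahead of step 1. Its second sentence also reads oddly with "but" ("If you have some other type of problem, but the citserver process is not aborting ..."); "and" is what is meant.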