$Log$
+Revision 654.10 2005/08/10 21:47:41 ajc
+* Added "instant expunge" and "allow spoofing" site config options.
+
Revision 654.9 2005/08/10 21:10:54 ajc
* moved "instant expunge" to imap_do_store() so that it gets called from
both STORE and UID STORE commands.
Fri Jul 10 1998 Art Cancro <ajc@uncensored.citadel.org>
* Initial CVS import
+
*/
#define REV_LEVEL 655 /* This version */
#define REV_MIN 591 /* Oldest compatible database */
-#define EXPORT_REV_MIN 652 /* Oldest compatible export files */
+#define EXPORT_REV_MIN 655 /* Oldest compatible export files */
#define SERVER_TYPE 0 /* zero for stock Citadel; other developers please
obtain SERVER_TYPE codes for your implementations */
int c_pop3s_port; /* POP3S listener port (usually 995)*/
int c_smtps_port; /* SMTPS listener port (usually 465)*/
char c_auto_cull; /* Cull db logs automatically? */
+ char c_instant_expunge; /* IMAP instant expunge deleted msgs*/
+ char c_allow_spoofing; /* SMTP allow spoofing of my domains*/
};
cprintf("%d\n", config.c_smtps_port);
cprintf("%d\n", config.c_enable_fulltext);
cprintf("%d\n", config.c_auto_cull);
+ cprintf("%d\n", config.c_instant_expunge);
+ cprintf("%d\n", config.c_allow_spoofing);
cprintf("000\n");
}
case 43:
config.c_auto_cull = atoi(buf);
break;
+ case 44:
+ config.c_instant_expunge = atoi(buf);
+ break;
+ case 45:
+ config.c_allow_spoofing = atoi(buf);
+ break;
}
++a;
}
system.<br>
</p>
<p>The next set of options affect how Citadel behaves on a network.</p>
-<pre>Server IP address (0.0.0.0 for 'any') [0.0.0.0]:<br>POP3 server port (-1 to disable) [110]:<br>POP3S server port (-1 to disable) [995]:<br>IMAP server port (-1 to disable) [143]:<br>IMAPS server port (-1 to disable) [993]:<br>SMTP MTA server port (-1 to disable) [25]:<br>SMTP MSA server port (-1 to disable) [587]:<br>SMTPS server port (-1 to disable) [465]:<br>Correct forged From: lines during authenticated SMTP [Yes]:<br></pre>
+<pre>Server IP address (0.0.0.0 for 'any') [0.0.0.0]:<br>POP3 server port (-1 to disable) [110]:<br>POP3S server port (-1 to disable) [995]:<br>IMAP server port (-1 to disable) [143]:<br>IMAPS server port (-1 to disable) [993]:<br>SMTP MTA server port (-1 to disable) [25]:<br>SMTP MSA server port (-1 to disable) [587]:<br>SMTPS server port (-1 to disable) [465]:<br>Correct forged From: lines during authenticated SMTP [Yes]:<br>Allow unauthenticated SMTP clients to spoof my domains [No]: No<br>Instantly expunge deleted IMAP messages [No]: Yes<br></pre>
<p>"Server IP address" refers to the IP address on <span
style="font-style: italic;">your server</span> to which Citadel's
protocol services should be bound. Normally you will leave this
suppress
this behavior, answer 'No' at the prompt (the default is 'Yes') and the
headers
-will never be altered.<br>
+will never be altered.</p>
+<p>"Instant expunge" affects what happens when IMAP users delete
+messages. As you may already know, messages are not <i>truly</i> deleted
+when an IMAP client sends a delete command; they are only <i>marked for
+deletion</i>. The IMAP client must also send an "expunge" command
+to actually delete the message. The Citadel server automatically expunges
+messages when the client logs out or selects a different folder, but if you
+select the Instant Expunge option, an expunge operation will automatically
+follow any delete operation (and the client will be notified, preventing any
+mailbox state problems). This is a good option to select, for example, if you
+have users who leave their IMAP client software open all the time and are
+wondering why their deleted messages show up again when they log in from a
+different location (such as WebCit).</p>
+<p>"Allow spoofing" refers to the security level applied to
+non-authenticated SMTP clients. Normally, when another host connects to
+Citadel via SMTP to deliver mail, Citadel will reject any attempt to send
+mail whose sender (From) address matches one of your host's own domains. This
+forces your legitimate users to authenticate properly, and prevents foreign
+hosts (such as spammers) from forging mail from your domains. If, however,
+this behavior is creating a problem for you, you can select this option to
+bypass this particular security check.<br>
<span style="font-family: monospace;"><br>
Connect this Citadel to an LDAP directory [No]: No</span><br>
</p>
}
}
-#ifdef INSTANT_EXPUNGE
/*
- * The following two commands implement "instant expunge"
- * which is experimental.
+ * The following two commands implement "instant expunge" if enabled.
*/
- imap_do_expunge();
- imap_rescan_msgids();
-#endif /* INSTANT_EXPUNGE */
+ if (config.c_instant_expunge) {
+ imap_do_expunge();
+ imap_rescan_msgids();
+ }
}
void do_system_configuration(CtdlIPC *ipc)
{
-#define NUM_CONFIGS 44
+#define NUM_CONFIGS 46
char buf[SIZ];
char sc[NUM_CONFIGS][256];
a);
a = (a ? 0 : 1);
snprintf(sc[25], sizeof sc[25], "%d", a);
+ snprintf(sc[45], sizeof sc[45], "%d", (boolprompt(
+ "Allow unauthenticated SMTP clients to spoof my domains",
+ atoi(&sc[45][0]))));
+ snprintf(sc[44], sizeof sc[44], "%d", (boolprompt(
+ "Instantly expunge deleted IMAP messages",
+ atoi(&sc[44][0]))));
/* LDAP settings */
if (ipc->ServInfo.supports_ldap) {
}
/* Otherwise, make sure outsiders aren't trying to forge mail from
- * this system.
+ * this system (unless, of course, c_allow_spoofing is enabled)
*/
- else {
+ else if (config.c_allow_spoofing == 0) {
process_rfc822_addr(SMTP->from, user, node, name);
if (CtdlHostAlias(node) != hostalias_nomatch) {
cprintf("550 5.1.8 "
cprintf("%s\n", config.c_baseroom);
cprintf("%s\n", config.c_aideroom);
cprintf("%d\n", config.c_auto_cull);
+ cprintf("%d\n", config.c_instant_expunge);
+ cprintf("%d\n", config.c_allow_spoofing);
/* Export the control file */
get_control();
client_getln(config.c_baseroom, sizeof config.c_baseroom);
client_getln(config.c_aideroom, sizeof config.c_aideroom);
client_getln(buf, sizeof buf); config.c_auto_cull = atoi(buf);
+ client_getln(buf, sizeof buf); config.c_instant_expunge = atoi(buf);
+ client_getln(buf, sizeof buf); config.c_allow_spoofing = atoi(buf);
config.c_enable_fulltext = 0; /* always disable */
put_config();
lprintf(CTDL_INFO, "Imported config file\n");
41. Port number for POP3S (SSL-encrypted POP3)
42. Port number for SMTPS (SSL-encrypted SMTP)
43. Flag (0 or 1) - enable full text search index
+ 44. Flag (0 or 1) - automatically cull database log files
+ 45. Flag (0 or 1) - enable IMAP "instant expunge" of deleted messages
+ 46. Flag (0 or 1) - allow unauthenticated SMTP clients to spoof my domains
CONF also accepts two additional commands: GETSYS and PUTSYS followed by an
arbitrary MIME type (such as application/x-citadel-internet-config) which