From: Art Cancro Date: Wed, 10 Aug 2005 21:47:42 +0000 (+0000) Subject: * Added "instant expunge" and "allow spoofing" site config options. X-Git-Tag: v7.86~4738 X-Git-Url: https://code.citadel.org/?p=citadel.git;a=commitdiff_plain;h=95513036236be7c19824da8e9630844d74b97185 * Added "instant expunge" and "allow spoofing" site config options. --- diff --git a/citadel/ChangeLog b/citadel/ChangeLog index 239bd95de..026c2d7d6 100644 --- a/citadel/ChangeLog +++ b/citadel/ChangeLog @@ -1,4 +1,7 @@ $Log$ +Revision 654.10 2005/08/10 21:47:41 ajc +* Added "instant expunge" and "allow spoofing" site config options. + Revision 654.9 2005/08/10 21:10:54 ajc * moved "instant expunge" to imap_do_store() so that it gets called from both STORE and UID STORE commands. @@ -7025,3 +7028,4 @@ Sat Jul 11 00:20:48 EDT 1998 Nathan Bryant Fri Jul 10 1998 Art Cancro * Initial CVS import + diff --git a/citadel/citadel.h b/citadel/citadel.h index ced109b9a..2a631747f 100644 --- a/citadel/citadel.h +++ b/citadel/citadel.h @@ -47,7 +47,7 @@ extern "C" { */ #define REV_LEVEL 655 /* This version */ #define REV_MIN 591 /* Oldest compatible database */ -#define EXPORT_REV_MIN 652 /* Oldest compatible export files */ +#define EXPORT_REV_MIN 655 /* Oldest compatible export files */ #define SERVER_TYPE 0 /* zero for stock Citadel; other developers please obtain SERVER_TYPE codes for your implementations */ diff --git a/citadel/config.h b/citadel/config.h index 09e0b8be9..7c7cb254f 100644 --- a/citadel/config.h +++ b/citadel/config.h @@ -67,6 +67,8 @@ struct config { int c_pop3s_port; /* POP3S listener port (usually 995)*/ int c_smtps_port; /* SMTPS listener port (usually 465)*/ char c_auto_cull; /* Cull db logs automatically? */ + char c_instant_expunge; /* IMAP instant expunge deleted msgs*/ + char c_allow_spoofing; /* SMTP allow spoofing of my domains*/ }; diff --git a/citadel/control.c b/citadel/control.c index bad2a68d3..bbf3bf6ef 100644 --- a/citadel/control.c +++ b/citadel/control.c @@ -228,6 +228,8 @@ void cmd_conf(char *argbuf) cprintf("%d\n", config.c_smtps_port); cprintf("%d\n", config.c_enable_fulltext); cprintf("%d\n", config.c_auto_cull); + cprintf("%d\n", config.c_instant_expunge); + cprintf("%d\n", config.c_allow_spoofing); cprintf("000\n"); } @@ -408,6 +410,12 @@ void cmd_conf(char *argbuf) case 43: config.c_auto_cull = atoi(buf); break; + case 44: + config.c_instant_expunge = atoi(buf); + break; + case 45: + config.c_allow_spoofing = atoi(buf); + break; } ++a; } diff --git a/citadel/docs/citadel.html b/citadel/docs/citadel.html index 616bf26ea..1c3fbedf7 100644 --- a/citadel/docs/citadel.html +++ b/citadel/docs/citadel.html @@ -1642,7 +1642,7 @@ database logs affect your ability to reliably backup your Citadel system.

The next set of options affect how Citadel behaves on a network.

-
Server IP address (0.0.0.0 for 'any') [0.0.0.0]:
POP3 server port (-1 to disable) [110]:
POP3S server port (-1 to disable) [995]:
IMAP server port (-1 to disable) [143]:
IMAPS server port (-1 to disable) [993]:
SMTP MTA server port (-1 to disable) [25]:
SMTP MSA server port (-1 to disable) [587]:
SMTPS server port (-1 to disable) [465]:
Correct forged From: lines during authenticated SMTP [Yes]:
+
Server IP address (0.0.0.0 for 'any') [0.0.0.0]:
POP3 server port (-1 to disable) [110]:
POP3S server port (-1 to disable) [995]:
IMAP server port (-1 to disable) [143]:
IMAPS server port (-1 to disable) [993]:
SMTP MTA server port (-1 to disable) [25]:
SMTP MSA server port (-1 to disable) [587]:
SMTPS server port (-1 to disable) [465]:
Correct forged From: lines during authenticated SMTP [Yes]:
Allow unauthenticated SMTP clients to spoof my domains [No]: No
Instantly expunge deleted IMAP messages [No]: Yes

"Server IP address" refers to the IP address on your server to which Citadel's protocol services should be bound.  Normally you will leave this @@ -1711,7 +1711,27 @@ sense dictates that this is a good idea. Nevertheless, if you want to suppress this behavior, answer 'No' at the prompt (the default is 'Yes') and the headers -will never be altered.
+will never be altered.

+

"Instant expunge" affects what happens when IMAP users delete +messages. As you may already know, messages are not truly deleted +when an IMAP client sends a delete command; they are only marked for +deletion. The IMAP client must also send an "expunge" command +to actually delete the message. The Citadel server automatically expunges +messages when the client logs out or selects a different folder, but if you +select the Instant Expunge option, an expunge operation will automatically +follow any delete operation (and the client will be notified, preventing any +mailbox state problems). This is a good option to select, for example, if you +have users who leave their IMAP client software open all the time and are +wondering why their deleted messages show up again when they log in from a +different location (such as WebCit).

+

"Allow spoofing" refers to the security level applied to +non-authenticated SMTP clients. Normally, when another host connects to +Citadel via SMTP to deliver mail, Citadel will reject any attempt to send +mail whose sender (From) address matches one of your host's own domains. This +forces your legitimate users to authenticate properly, and prevents foreign +hosts (such as spammers) from forging mail from your domains. If, however, +this behavior is creating a problem for you, you can select this option to +bypass this particular security check.

Connect this Citadel to an LDAP directory [No]: No

diff --git a/citadel/imap_store.c b/citadel/imap_store.c index 0c40e430d..49784cc13 100644 --- a/citadel/imap_store.c +++ b/citadel/imap_store.c @@ -163,14 +163,13 @@ void imap_do_store(int num_items, char **itemlist) { } } -#ifdef INSTANT_EXPUNGE /* - * The following two commands implement "instant expunge" - * which is experimental. + * The following two commands implement "instant expunge" if enabled. */ - imap_do_expunge(); - imap_rescan_msgids(); -#endif /* INSTANT_EXPUNGE */ + if (config.c_instant_expunge) { + imap_do_expunge(); + imap_rescan_msgids(); + } } diff --git a/citadel/routines2.c b/citadel/routines2.c index 024809535..731586bef 100644 --- a/citadel/routines2.c +++ b/citadel/routines2.c @@ -644,7 +644,7 @@ void read_bio(CtdlIPC *ipc) void do_system_configuration(CtdlIPC *ipc) { -#define NUM_CONFIGS 44 +#define NUM_CONFIGS 46 char buf[SIZ]; char sc[NUM_CONFIGS][256]; @@ -753,6 +753,12 @@ void do_system_configuration(CtdlIPC *ipc) a); a = (a ? 0 : 1); snprintf(sc[25], sizeof sc[25], "%d", a); + snprintf(sc[45], sizeof sc[45], "%d", (boolprompt( + "Allow unauthenticated SMTP clients to spoof my domains", + atoi(&sc[45][0])))); + snprintf(sc[44], sizeof sc[44], "%d", (boolprompt( + "Instantly expunge deleted IMAP messages", + atoi(&sc[44][0])))); /* LDAP settings */ if (ipc->ServInfo.supports_ldap) { diff --git a/citadel/serv_smtp.c b/citadel/serv_smtp.c index 91e8ed50a..bb996538a 100644 --- a/citadel/serv_smtp.c +++ b/citadel/serv_smtp.c @@ -562,9 +562,9 @@ void smtp_mail(char *argbuf) { } /* Otherwise, make sure outsiders aren't trying to forge mail from - * this system. + * this system (unless, of course, c_allow_spoofing is enabled) */ - else { + else if (config.c_allow_spoofing == 0) { process_rfc822_addr(SMTP->from, user, node, name); if (CtdlHostAlias(node) != hostalias_nomatch) { cprintf("550 5.1.8 " diff --git a/citadel/serv_vandelay.c b/citadel/serv_vandelay.c index 30c30a0ee..5f4de4aca 100644 --- a/citadel/serv_vandelay.c +++ b/citadel/serv_vandelay.c @@ -310,6 +310,8 @@ void artv_do_export(void) { cprintf("%s\n", config.c_baseroom); cprintf("%s\n", config.c_aideroom); cprintf("%d\n", config.c_auto_cull); + cprintf("%d\n", config.c_instant_expunge); + cprintf("%d\n", config.c_allow_spoofing); /* Export the control file */ get_control(); @@ -385,6 +387,8 @@ void artv_import_config(void) { client_getln(config.c_baseroom, sizeof config.c_baseroom); client_getln(config.c_aideroom, sizeof config.c_aideroom); client_getln(buf, sizeof buf); config.c_auto_cull = atoi(buf); + client_getln(buf, sizeof buf); config.c_instant_expunge = atoi(buf); + client_getln(buf, sizeof buf); config.c_allow_spoofing = atoi(buf); config.c_enable_fulltext = 0; /* always disable */ put_config(); lprintf(CTDL_INFO, "Imported config file\n"); diff --git a/citadel/techdoc/protocol.txt b/citadel/techdoc/protocol.txt index 01c417ee6..525a7eeea 100644 --- a/citadel/techdoc/protocol.txt +++ b/citadel/techdoc/protocol.txt @@ -1833,6 +1833,9 @@ fails for any reason, ERROR is returned. 41. Port number for POP3S (SSL-encrypted POP3) 42. Port number for SMTPS (SSL-encrypted SMTP) 43. Flag (0 or 1) - enable full text search index + 44. Flag (0 or 1) - automatically cull database log files + 45. Flag (0 or 1) - enable IMAP "instant expunge" of deleted messages + 46. Flag (0 or 1) - allow unauthenticated SMTP clients to spoof my domains CONF also accepts two additional commands: GETSYS and PUTSYS followed by an arbitrary MIME type (such as application/x-citadel-internet-config) which