Rev 39 | Rev 93 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
Rev | Author | Line No. | Line |
---|---|---|---|
3 | magnus | 1 | prayer for Debian |
2 | ----------------- |
||
3 | |||
4 | The Debian version of Prayer is built with SSL support with session |
||
39 | magnus | 5 | cache using libdb4.6, gzip Content-Transfer-Encoding, LDAP, and System |
8 | magnus | 6 | V mutex support. The previous version, which was only uloaded to the |
7 | experimental distribution, was heavily patched to add UTF-8 and IPv6 |
||
8 | support among other things. All that has been incorporated and |
||
9 | improved by upstream in 1.1.0. The remaining patches concern changes |
||
39 | magnus | 10 | to the default configuration as detailed below, or fix bugs. You can |
11 | always find information about patches in changelog.Debian.gz. |
||
3 | magnus | 12 | |
39 | magnus | 13 | To enable Prayer, you must edit /etc/default/prayer and change |
14 | ENABLED=0 to ENABLED=1. But before you do that you should go through |
||
15 | /etc/prayer/prayer.cf and adapt it to your needs. In particular, if |
||
16 | you already run a web server on this machine you need to change |
||
17 | use_http_port (and use_https_port) to something else. |
||
18 | |||
19 | Debian-specific configuration defaults: |
||
20 | |||
21 | * Static files (templates, icons, CSS files) are installed in |
||
22 | /usr/share/prayer in accordance with policy. The prefix option |
||
23 | points there, while var_prefix, the location of pid files |
||
24 | (pid_dir), sockets (socket_dir), and the SSL session cache |
||
25 | (ssl_session_dir), is /var/run/prayer and subdirectories. Log |
||
26 | files are written to /var/log/prayer (log_dir) and /tmp is used to |
||
27 | temporarily store uploaded attachments (tmp_dir). |
||
28 | |||
29 | * Prayer by default runs as user prayer (created on install) and |
||
30 | group nogroup. The prayer user is added to the ssl-cert group on |
||
31 | installation, so that it can access keys in /etc/ssl/private. |
||
32 | |||
33 | * ssl_cert_file and ssl_privatekey_file point to the "snake oil" |
||
34 | certificate and key created by the ssl-cert package, so that you |
||
35 | only have to uncomment use_https_port to enable encryption. For a |
||
36 | production server you should of course install a real certificate. |
||
37 | |||
38 | * Support for SSL session caching is compiled in, but caching is |
||
39 | disabled by default, as it probably doesn't make that much a |
||
40 | difference on modern hardware. To enable it, uncomment the |
||
41 | ssl_session_timeout setting in prayer.cf. You should also arrange |
||
45 | magnus | 42 | for prayer-ssl-prune to be run periodically, for example by placing |
43 | a symlink to it in /etc/cron.hourly or /etc/cron.daily. |
||
39 | magnus | 44 | |
45 | * The default IMAP folders for sent mail (sent_mail_folder) and |
||
46 | drafts (postponed_folder) are "Sent" and "Drafts", respectively, |
||
47 | the default for Mozilla Thunderbird and others (although many IMAP |
||
48 | clients unfortunately use localized folder names). |
||
49 | |||
50 | * socket_split_dir is off by default to reduce complexity when |
||
51 | testing. You will probably only need it if you have lots of |
||
52 | simultaneous users and a file system without directory indexes. |
||
53 | |||
54 | Customizing templates: |
||
55 | |||
56 | To use customized templates you must set template_use_compiled to |
||
57 | FALSE in prayer.cf. Then copy the template (.t file) you wish to |
||
58 | customize from /usr/share/prayer/templates to the corresponding |
||
59 | location under /etc/prayer/templates and edit it there. Prayer will |
||
60 | still use the compiled-in versions of the remaining templates, thanks |
||
61 | to a small patch. |
||
62 | |||
3 | magnus | 63 | Quirks: |
64 | |||
65 | * If your IMAP server supports STARTTLS, then Prayer (actually the |
||
8 | magnus | 66 | libc-client IMAP client library) will use it automatically. To |
67 | disable, append "/notls" to the IMAP server name(s) specified with |
||
68 | imapd_server. To force TLS, append "/tls". Make sure that the |
||
69 | server name you specify for imapd_server in prayer.cf matches the |
||
70 | Common Name in the SSL certificate; otherwise libc-client will |
||
71 | refuse to accept it. To disable that check, use "/novalidate-cert". |
||
72 | Other switches you can append are listed in the file naming.txt.gz |
||
73 | in the documentation directory of the C-client library. |
||
3 | magnus | 74 | |
8 | magnus | 75 | * If your IMAP server is Dovecot (or any of a number of others, |
76 | probably), then you must change prefs_folder_name to something not |
||
77 | containing a dot. Unfortunately this means that the preference |
||
78 | folder will be fully visible. |
||
3 | magnus | 79 | |
39 | magnus | 80 | * Prayer doesn't handle signals gracefully yet, which means that it |
81 | will leave SysV semaphores lying around when it is stopped or |
||
82 | restarted. You can use ipcs to find them and ipcrm to delete them. |
||
3 | magnus | 83 | |
39 | magnus | 84 | * While Prayer does its best to remove potentially harmful tags from |
85 | HTML email, it doesn't try to convert it to XHTML. This means that |
||
86 | Prayer's output is conformant XHTML only when not viewing HTML |
||
87 | mail. |
||
88 | |||
89 | * Prayer deletes mail the IMAP way, which is by marking messages as |
||
90 | deleted and leaving them in their folders. Prayer always lists |
||
91 | deleted messages (with a special icon) and expunges (deletes |
||
92 | permanently) deleted messages only when explicitly requested. |
||
93 | Before that they can be undeleted at any time by "unmarking" them. |
||
94 | |||
95 | Most mail client software deletes mail by moving it to a "trash" |
||
96 | folder, which in reality means creating a copy in the trash folder |
||
97 | and marking the original deleted. Messages that are marked as |
||
98 | deleted are usually never listed, cannot be unmarked, and are often |
||
99 | automatically expunged. These two approaches are rather |
||
100 | incompatible, but some software can take either. |
||
101 | |||
45 | magnus | 102 | -- Magnus Holmgren <holmgren@debian.org>, Tue, 24 Jun 2008 00:11:04 +0200 |
39 | magnus | 103 |