Rev 39 | Rev 93 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed
prayer for Debian-----------------The Debian version of Prayer is built with SSL support with sessioncache using libdb4.6, gzip Content-Transfer-Encoding, LDAP, and SystemV mutex support. The previous version, which was only uloaded to theexperimental distribution, was heavily patched to add UTF-8 and IPv6support among other things. All that has been incorporated andimproved by upstream in 1.1.0. The remaining patches concern changesto the default configuration as detailed below, or fix bugs. You canalways find information about patches in changelog.Debian.gz.To enable Prayer, you must edit /etc/default/prayer and changeENABLED=0 to ENABLED=1. But before you do that you should go through/etc/prayer/prayer.cf and adapt it to your needs. In particular, ifyou already run a web server on this machine you need to changeuse_http_port (and use_https_port) to something else.Debian-specific configuration defaults:* Static files (templates, icons, CSS files) are installed in/usr/share/prayer in accordance with policy. The prefix optionpoints there, while var_prefix, the location of pid files(pid_dir), sockets (socket_dir), and the SSL session cache(ssl_session_dir), is /var/run/prayer and subdirectories. Logfiles are written to /var/log/prayer (log_dir) and /tmp is used totemporarily store uploaded attachments (tmp_dir).* Prayer by default runs as user prayer (created on install) andgroup nogroup. The prayer user is added to the ssl-cert group oninstallation, so that it can access keys in /etc/ssl/private.* ssl_cert_file and ssl_privatekey_file point to the "snake oil"certificate and key created by the ssl-cert package, so that youonly have to uncomment use_https_port to enable encryption. For aproduction server you should of course install a real certificate.* Support for SSL session caching is compiled in, but caching isdisabled by default, as it probably doesn't make that much adifference on modern hardware. To enable it, uncomment thessl_session_timeout setting in prayer.cf. You should also arrangefor prayer-ssl-prune to be run periodically, for example by placinga symlink to it in /etc/cron.hourly or /etc/cron.daily.* The default IMAP folders for sent mail (sent_mail_folder) anddrafts (postponed_folder) are "Sent" and "Drafts", respectively,the default for Mozilla Thunderbird and others (although many IMAPclients unfortunately use localized folder names).* socket_split_dir is off by default to reduce complexity whentesting. You will probably only need it if you have lots ofsimultaneous users and a file system without directory indexes.Customizing templates:To use customized templates you must set template_use_compiled toFALSE in prayer.cf. Then copy the template (.t file) you wish tocustomize from /usr/share/prayer/templates to the correspondinglocation under /etc/prayer/templates and edit it there. Prayer willstill use the compiled-in versions of the remaining templates, thanksto a small patch.Quirks:* If your IMAP server supports STARTTLS, then Prayer (actually thelibc-client IMAP client library) will use it automatically. Todisable, append "/notls" to the IMAP server name(s) specified withimapd_server. To force TLS, append "/tls". Make sure that theserver name you specify for imapd_server in prayer.cf matches theCommon Name in the SSL certificate; otherwise libc-client willrefuse to accept it. To disable that check, use "/novalidate-cert".Other switches you can append are listed in the file naming.txt.gzin the documentation directory of the C-client library.* If your IMAP server is Dovecot (or any of a number of others,probably), then you must change prefs_folder_name to something notcontaining a dot. Unfortunately this means that the preferencefolder will be fully visible.* Prayer doesn't handle signals gracefully yet, which means that itwill leave SysV semaphores lying around when it is stopped orrestarted. You can use ipcs to find them and ipcrm to delete them.* While Prayer does its best to remove potentially harmful tags fromHTML email, it doesn't try to convert it to XHTML. This means thatPrayer's output is conformant XHTML only when not viewing HTMLmail.* Prayer deletes mail the IMAP way, which is by marking messages asdeleted and leaving them in their folders. Prayer always listsdeleted messages (with a special icon) and expunges (deletespermanently) deleted messages only when explicitly requested.Before that they can be undeleted at any time by "unmarking" them.Most mail client software deletes mail by moving it to a "trash"folder, which in reality means creating a copy in the trash folderand marking the original deleted. Messages that are marked asdeleted are usually never listed, cannot be unmarked, and are oftenautomatically expunged. These two approaches are ratherincompatible, but some software can take either.-- Magnus Holmgren <holmgren@debian.org>, Tue, 24 Jun 2008 00:11:04 +0200