-
Notifications
You must be signed in to change notification settings - Fork 8
Home
For the upstream TMDA documentation, see the TMDA homepage.
This began as a fork to update TMDA (Tagged Message Delivery Agent). However, most of the changes made here have now been incorporated into the upstream Subversion source. This project continues to track upstream changes, and has a few additions (like Debian packaging).
The current version is 1.1.12-kg3 (codenamed “Haumea”). There are .deb packages available on the Downloads page.
Alternatively, you may acquire the source via cloning or by downloading tarballs on the Downloads page. There are separate tags for releases from the master branch and the debian branch. The master branch simply lacks the Debian-specific things.
Some things to be aware of when installing from a deb package if you have previously installed an old Debian build or installed manually:
- The ‘tofmipd’ user needs to be a system user (usually this means the UID will be below 1000). If you have a non-system tofmipd user you should delete that user. Package configuration will fail with an error otherwise. It should succeed once the non-system user is gone. Note that any time you delete a user you should carefully check for files belonging to that user, as a new user might get assigned the (now unused) ID and inherit those files. The
-uidor-nouseroption to ‘find’ can help with this. -
PAM authentication is used by default. Edit
/etc/default/tmda-ofmipdto change authentication (or other) options. You can specify an authentication file anywhere you want, but a default file is installed at/etc/tmda-ofmipd.auth.
- tmda-ofmipd security fix: Don’t allow SSL version 2 by default. Also don’t accept weak ciphers by default.
- tmda-ofmipd security fix: Handle unexpected disconnects by closing the channel. Previously would try repeatedly to read the socket, producing 100% CPU load until the process was killed.
- Add
--ciphersoption in tmda-ofmipd, allowing selection of the SSL ciphers to use. - Also includes initial updates to support tmda-cgi, which might work, but no guarantees.
- Use Python’s subprocess module instead of popen2, and hashlib instead of sha1. Prevents DeprecationWarnings.
- Replace TMDA’s HMAC library with the standard Python hmac library.
- Remove local copy of the standard email library.
- Minor updates to unit tests for tmda-ofmipd authentication.
- Add unit tests for cookie generation.
- Fixed a bug that failed to convert ‘,’ and ‘.’ to ‘?’ in a keyword tag.
- New manpage to document filter file format (tmda-filter-format.5).
- Fix and clean up manpages.
- Addition of Debian/Ubuntu packaging
- Manpages
- Pages for executable scripts derived from script help output
- Page for user configuration variables generated automatically
- Separate tmda-smtp package for tmda-ofmipd
- init.d script
- Configuration script in /etc/defaults
- Debug script that uses init defaults and runs in the foreground with debug output
- Uses ssl-cert package to provide SSL or TLS with no extra setup (but it’s easy to select your own key and certificate)
- Manpages
- Replace tlslite with PyOpenSSL in tmda-ofmipd.
- Designed for future upgrade to Python 2.6 SSL library
- Works with Python 2.5
- Replace authentication backend in tmda-ofmipd
- Refactored and modularized so new methods can be added easily
- All previous modes still supported (file, checkpassword, imap, imaps, pop3, apop, ldap)
- Added PAM authentication
- Removed fallback option, instead each authentication method given in the command line is tried in turn
- New script to generate user configuration variable documentation
- Extensible — new output formats are easy to add
- Existing output formats
- Valid HTML 4.01 (strict)
- UNIX manpage
- MoinMoin wiki text
- Addition of some unit tests
- Misc. cleanup
- Tabs to spaces (PEP 8-compatible)
- <> to !=
- Some typos
- Fixes for some silly code bits (e.g., ‘foo in d.keys()’ to ‘foo in d’)