From 4585b123f563e2934545e3b5a5cd3fb1a0edaa66 Mon Sep 17 00:00:00 2001 From: rhatto Date: Thu, 12 Oct 2006 19:22:33 +0000 Subject: now all admin commands can be accessed via firma --help command --- README | 64 ++++++++++++++++++++++++++++++++++++---------------------------- 1 file changed, 36 insertions(+), 28 deletions(-) (limited to 'README') diff --git a/README b/README index d203601..e6d6a7d 100755 --- a/README +++ b/README @@ -134,14 +134,14 @@ Setup Firma installation is quite simple: - 1 - create a folder to store lists; by default firma use /usr/local/etc/lists + 1 - Create a folder to store lists; by default firma use /usr/local/etc/lists but you can use anything, just edit firma and change FIRMA_LIST_PATH variable. - 2 - copy firma script to whatever you like, e.g. /usr/local/bin and check that + 2 - Copy firma script to whatever you like, e.g. /usr/local/bin and check that it has no write permission - 3 - create a list-wide config file (default is /usr/local/etc/firma.conf) with + 3 - Create a list-wide config file (default is /usr/local/etc/firma.conf) with the common definitions for all lists, GPG_BINARY= path to the GnuPG binary @@ -149,17 +149,17 @@ Setup MAIL_AGENT_ARGS= command-line arguments to be passed to the command above LISTS_DIR= path to the mailing lists directory - all those variables can be overwritten at each list's own config file; - firma.conf should be chmoded as 600, chowned nobody.nobdy or whatever - user your MTA runs. If you run postfix, the user is specified by the - main.cf parameter "default_privs". + All those variables can be overwritten at each list's own config file; + firma.conf should be chmoded as 600, chowned nobody.nobdy or whatever + user your MTA runs. If you run postfix, the user is specified by the + main.cf parameter "default_privs". - we suggest you to use + We suggest you to use MAIL_AGENT=/usr/sbin/sendmail MAIL_AGENT_ARGS=-t - as optional parameters, you can also set + As optional parameters, you can also set USER= user that runs firma (usually the same as your MTA user); defaults to "nobody"; you can also specify this parameter @@ -191,23 +191,27 @@ Setup KEYSERVER= default keyserver to import/export keys (defaults to keyserver.noreply.org) - 4 - then create your lists with the command + For a list of all config parameters, type + + firma --help config + + 4 - Then create your lists with the command firma -c your-list - this will ask some questions and create a gpg keyring and a config file - with the following variables: + Then firma will ask some questions and create a gpg keyring and a config + file with the following variables: LIST_ADDRESS= list's email address LIST_ADMIN= list's administrators email addresses (space separated) LIST_HOMEDIR= list's GnuPG homedir, where the list's keyrings are located PASSPHRASE= passphrase for the list's private keyring - then a gpg keypair and a config file are automatically generated; + Then a gpg keypair and a config file are automatically generated; the owner of the config file and keyring should be nobody.nobody (or the user your MTA run as) and its permissions must be 600. - after it you can add some optional parameters on this list config file: + After that you can add some optional parameters on this list config file: SUBJECT_PREFIX= prefix to be included in the subject of list messages @@ -231,7 +235,11 @@ Setup this doesnt affect the way email administration works, when signature is mandatory - 5 - create an alias to the list at your MTA; on sendmail or postfix, + For a list of all config parameters, type + + firma --help config + + 5 - Create an alias to the list at your MTA; on sendmail or postfix, add this to your aliases file: your-list: "| /usr/local/bin/firma -p your-list" @@ -244,7 +252,7 @@ Setup alternatively, you can use a virtual mailbox table if you want to easily host a lot of encrypted mailing lists. - 6 - admin tasks are performed through aliases like your-list-request@yourmachine + 6 - Admin tasks are performed through aliases like your-list-request@yourmachine or via command-line: firma -a your-list @@ -267,14 +275,14 @@ Setup uses the given address for message delivery instead of the primary address of a subscribed key - 7 - to subscribe and unsubscribe manually the users and the list admins on, use + 7 - To subscribe and unsubscribe manually the users and the list admins on, use a command line like gpg --homedir [path-to-your-list-keyring] --import < file and be sure that after this command the list keyring is owned by nobody.nobody. - 8 - send encrypted AND signed messages to your-list@yourmachine and look + 8 - Send encrypted AND signed messages to your-list@yourmachine and look what happens :) Tips @@ -290,32 +298,32 @@ Design and features Firma is simple but its simplicity doesn't reflect in lack of design. - - uses a gpg keyring to store both the keys and the subscribers options + - Uses a gpg keyring to store both the keys and the subscribers options - - command line is simple to avoid admin tasks resting in some .bash_history + - Command line is simple to avoid admin tasks resting in some .bash_history - - non-pgp blocks in a message are discarded since we don't want to deal with + - Non-pgp blocks in a message are discarded since we don't want to deal with unencrypted content - - all unwanted email headers are striped as a privacy measure for who sends + - All unwanted email headers are striped as a privacy measure for who sends the message - - firma doesn't use any disk write when processing a message; no temp files + - Firma doesn't use any disk write when processing a message; no temp files that may rest in the system; everything goes in memory (but take care, sometimes it will use the swap and then is best to make it encrypted) - - by default it doesn't archive messages in the server + - By default it doesn't archive messages in the server - - by default it removes the Subject header and put it inside the encrypted + - By default it removes the Subject header and put it inside the encrypted message, as Subject are outside the PGP/MIME context - - messages appear to be sent To: Undisclosed Recipients + - Messages appear to be sent To: Undisclosed Recipients Major features are: - - keyring support + - Keyring support - - administration through email or command-line + - Administration through email or command-line 8 - Caveats -- cgit v1.2.3