[deployment-guide/comm-rel: 441/727] fixed minor issues in ABRT chapter, updated Email chapter
Jaromir Hradilek
jhradile at fedoraproject.org
Tue Oct 19 13:01:55 UTC 2010
commit 4b9348395a34b28e34685650b328d25dd0ae9146
Author: Martin Prpic <mprpic at redhat.com>
Date: Fri Aug 20 14:03:31 2010 +0200
fixed minor issues in ABRT chapter, updated Email chapter
en-US/ABRT.xml | 51 ++++++------
en-US/Email.xml | 254 +++++++++++++++++++++++++++++++------------------------
2 files changed, 171 insertions(+), 134 deletions(-)
---
diff --git a/en-US/ABRT.xml b/en-US/ABRT.xml
index 3017421..e6742a1 100644
--- a/en-US/ABRT.xml
+++ b/en-US/ABRT.xml
@@ -50,7 +50,8 @@
<command>yum list all |grep abrt</command>
</screen>
</para>
-<!-- <itemizedlist>
+<!-- mprpic: list of all plugins removed, more on plugins in the Plugins section
+ <itemizedlist>
<listitem>
<para>
<package>abrt-desktop</package> — <application>ABRT</application>'s main package. Installing this package will install <application>ABRT</application> and also pull in several addon packages. Note that this package is installed by default on &MAJOROS;.</para>
@@ -155,7 +156,7 @@ Starting abrt daemon: [ OK ]</screen>
<term>Kerneloops</term>
<listitem>
<para>
- — checks for crashes in the kernel and consequently collects kernel crash information. It can be enabled/disabled from loading at start-up in the <filename>/etc/abrt/plugins/Kerneloops.conf</filename> file.
+ — Checks for crashes in the kernel and consequently collects kernel crash information. It can be enabled/disabled from loading at start-up in the <filename>/etc/abrt/plugins/Kerneloops.conf</filename> file.
</para>
</listitem>
</varlistentry>
@@ -163,7 +164,7 @@ Starting abrt daemon: [ OK ]</screen>
<term>Python</term>
<listitem>
<para>
- — checks for crashes in Python programs and consequently collects the crash information. It can be enabled/disabled from loading at start-up in the <filename>/etc/abrt/plugins/Python.conf</filename> file.
+ — Checks for crashes in Python programs and consequently collects the crash information. It can be enabled/disabled from loading at start-up in the <filename>/etc/abrt/plugins/Python.conf</filename> file.
</para>
</listitem>
</varlistentry>
@@ -171,7 +172,7 @@ Starting abrt daemon: [ OK ]</screen>
<term>CCpp</term>
<listitem>
<para>
- — checks for crashes in C and C++ programs and consequently collects the crash information. It can be enabled/disabled from loading at start-up in the <filename>/etc/abrt/plugins/CCpp.conf</filename> file.
+ — Checks for crashes in C and C++ programs and consequently collects the crash information. It can be enabled/disabled from loading at start-up in the <filename>/etc/abrt/plugins/CCpp.conf</filename> file.
</para>
</listitem>
</varlistentry>
@@ -195,7 +196,7 @@ Starting abrt daemon: [ OK ]</screen>
<term>MailX</term>
<listitem>
<para>
- — sends a crash report via the <application>mailx</application> utility to a specified email address.
+ — Sends a crash report via the <application>mailx</application> utility to a specified email address.
</para>
</listitem>
</varlistentry>
@@ -203,7 +204,7 @@ Starting abrt daemon: [ OK ]</screen>
<term>Report Uploader</term>
<listitem>
<para>
- — reports crashes into an anonymous <systemitem class="protocol">FTP</systemitem> site associated with a ticketing system.
+ — Reports crashes into an anonymous <systemitem class="protocol">FTP</systemitem> site associated with a ticketing system.
</para>
</listitem>
</varlistentry>
@@ -211,7 +212,7 @@ Starting abrt daemon: [ OK ]</screen>
<term>Bugzilla</term>
<listitem>
<para>
- — reports crashes into Bugzilla in the form of Bugzilla bugs.
+ — Reports crashes into Bugzilla in the form of Bugzilla bugs.
</para>
<note>
<title>Note</title>
@@ -225,7 +226,7 @@ Starting abrt daemon: [ OK ]</screen>
<term>Logger</term>
<listitem>
<para>
- — creates a crash report and saves it to a specified local file.
+ — Creates a crash report and saves it to a specified local file.
</para>
</listitem>
</varlistentry>
@@ -273,17 +274,17 @@ Starting abrt daemon: [ OK ]</screen>
<itemizedlist>
<listitem>
<para>
- <guilabel>Subject</guilabel> — a string that appears in the <literal>Subject</literal> field of a crash report email sent by <application>mailx</application> (by default, set to <literal>"[abrt] crash report"</literal>).
+ <guilabel>Subject</guilabel> — A string that appears in the <literal>Subject</literal> field of a crash report email sent by <application>mailx</application> (by default, set to <literal>"[abrt] crash report"</literal>).
</para>
</listitem>
<listitem>
<para>
- <guilabel>Your Email</guilabel> — a string that appears in the <literal>From</literal> field of a crash report email.
+ <guilabel>Your Email</guilabel> — A string that appears in the <literal>From</literal> field of a crash report email.
</para>
</listitem>
<listitem>
<para>
- <guilabel>Recipient's Email</guilabel> — email address of the recipient of a crash report email.
+ <guilabel>Recipient's Email</guilabel> — Email address of the recipient of a crash report email.
</para>
</listitem>
</itemizedlist>
@@ -301,27 +302,27 @@ Starting abrt daemon: [ OK ]</screen>
<itemizedlist>
<listitem>
<para>
- <guilabel>Customer</guilabel> — specifies customer's identification.
+ <guilabel>Customer</guilabel> — Specifies customer's identification.
</para>
</listitem>
<listitem>
<para>
- <guilabel>Ticket</guilabel> — specifies the Ticket ID number in a specific issue tracker that collects crash reports.
+ <guilabel>Ticket</guilabel> — Specifies the Ticket ID number in a specific issue tracker that collects crash reports.
</para>
</listitem>
<listitem>
<para>
- <guilabel>URL</guilabel> — specifies the URL of the issue tracker used to collect crash reports.
+ <guilabel>URL</guilabel> — Specifies the URL of the issue tracker used to collect crash reports.
</para>
</listitem>
<listitem>
<para>
- <guilabel>Retry count</guilabel> — specifies the number of retries should an upload fail.
+ <guilabel>Retry count</guilabel> — Specifies the number of retries should an upload fail.
</para>
</listitem>
<listitem>
<para>
- <guilabel>Retry delay</guilabel> — specifies the number or seconds between two retries.
+ <guilabel>Retry delay</guilabel> — Specifies the number or seconds between two retries.
</para>
</listitem>
</itemizedlist>
@@ -342,17 +343,17 @@ Starting abrt daemon: [ OK ]</screen>
<itemizedlist>
<listitem>
<para>
- <guilabel>Bugzilla URL</guilabel> — specifies the Bugzilla URL where crash dumps are sent (by default, set to <systemitem class="domainname">https://bugzilla.redhat.com</systemitem>).
+ <guilabel>Bugzilla URL</guilabel> — Specifies the Bugzilla URL where crash dumps are sent (by default, set to <systemitem class="domainname">https://bugzilla.redhat.com</systemitem>).
</para>
</listitem>
<listitem>
<para>
- <guilabel>Login (email)</guilabel> — user login which is used to log into Bugzilla and create a bug for a reported crash.
+ <guilabel>Login (email)</guilabel> — User login which is used to log into Bugzilla and create a bug for a reported crash.
</para>
</listitem>
<listitem>
<para>
- <guilabel>Password</guilabel> — password used to log into Bugzilla.
+ <guilabel>Password</guilabel> — Password used to log into Bugzilla.
</para>
</listitem>
</itemizedlist>
@@ -370,7 +371,7 @@ Starting abrt daemon: [ OK ]</screen>
<itemizedlist>
<listitem>
<para>
- <guilabel>Logger file</guilabel> — specifies a file into which the crash reports are saved (by default, set to <filename>/var/log/abrt.log</filename>).
+ <guilabel>Logger file</guilabel> — Specifies a file into which the crash reports are saved (by default, set to <filename>/var/log/abrt.log</filename>).
</para>
</listitem>
</itemizedlist>
@@ -421,27 +422,27 @@ Starting abrt daemon: [ OK ]</screen>
<itemizedlist>
<listitem>
<para>
- <command>Backtrace = <replaceable><yes/no></replaceable></command> — enables/disables backtrace generation.
+ <command>Backtrace = <replaceable><yes/no></replaceable></command> — Enables/Disables backtrace generation.
</para>
</listitem>
<listitem>
<para>
- <command>BacktraceRemotes = <replaceable><yes/no></replaceable></command> — for more information about this parameter, refer to <xref linkend="configuring-centralized-crash-collection"/>.
+ <command>BacktraceRemotes = <replaceable><yes/no></replaceable></command> — For more information about this parameter, refer to <xref linkend="configuring-centralized-crash-collection"/>.
</para>
</listitem>
<listitem>
<para>
- <command>InstallDebugInfo = <replaceable><yes/no></replaceable></command> — enables/disables the installation of <command>debuginfo</command> packages (useful if your network is not available or it is firewalled).
+ <command>InstallDebugInfo = <replaceable><yes/no></replaceable></command> — Enables/Disables the installation of <command>debuginfo</command> packages (useful if your network is not available or it is firewalled).
</para>
</listitem>
<listitem>
<para>
- <command>ReadonlyLocalDebugInfoDirs = /path1:/path2:...</command> — specifies the paths of local repositories (available, for example, through a network mount) that contain pre-downloaded <command>debuginfo</command> packages.
+ <command>ReadonlyLocalDebugInfoDirs = /path1:/path2:...</command> — Specifies the paths of local repositories (available, for example, through a network mount) that contain pre-downloaded <command>debuginfo</command> packages.
</para>
</listitem>
<listitem>
<para>
- <command>DebugInfoCacheMB = <constant>4000</constant></command> — specifies the maximum size of the cached <command>debuginfo</command> packages in the <filename>/var/cache/abrt-di</filename> directory.
+ <command>DebugInfoCacheMB = <constant>4000</constant></command> — Specifies the maximum size of the cached <command>debuginfo</command> packages in the <filename>/var/cache/abrt-di</filename> directory.
</para>
</listitem>
</itemizedlist>
diff --git a/en-US/Email.xml b/en-US/Email.xml
index 98f9154..efd684d 100644
--- a/en-US/Email.xml
+++ b/en-US/Email.xml
@@ -58,27 +58,37 @@
<tertiary>POP</tertiary>
</indexterm>
<!-- mhlavink: do we realy need paths to executables? -->
- <para>The default POP server under &MAJOROS; is <filename>/usr/bin/dovecot</filename> and is provided by the <package>dovecot</package> package. When using a POP server, email messages are downloaded by email client applications. By default, most POP email clients are automatically configured to delete the message on the email server after it has been successfully transferred, however this setting usually can be changed.</para>
- <para>POP is fully compatible with important Internet messaging standards, such as <firstterm>Multipurpose Internet Mail Extensions</firstterm> (<firstterm>MIME</firstterm>), which allow for email attachments.</para>
- <para>POP works best for users who have one system on which to read email. It also works well for users who do not have a persistent connection to the Internet or the network containing the mail server. Unfortunately for those with slow network connections, POP requires client programs upon authentication to download the entire content of each message. This can take a long time if any messages have large attachments.</para>
- <para>The most current version of the standard POP protocol is POP3.</para>
- <para>There are, however, a variety of lesser-used POP protocol variants:</para>
+ <para>The default POP server under &MAJOROS; is <application>Dovecot</application> and is provided by the <package>dovecot</package> package.
+ </para>
+ <note>
+ <title>Note: Installing the <package>dovecot</package> package</title>
+ <para>In order to use <application>Dovecot</application>, first ensure the <command>dovecot</command> package is installed on your system by running, as root:
+ </para>
+ <screen>~]# <command>yum install dovecot</command>
+ </screen>
+ <para>For more information on installing packages with Yum, refer to <xref linkend="sec-Installing"/>.</para>
+ </note>
+ <para>
+ When using a <systemitem class="protocol">POP</systemitem> server, email messages are downloaded by email client applications. By default, most <systemitem class="protocol">POP</systemitem> email clients are automatically configured to delete the message on the email server after it has been successfully transferred, however this setting usually can be changed.</para>
+ <para><systemitem class="protocol">POP</systemitem> is fully compatible with important Internet messaging standards, such as <firstterm>Multipurpose Internet Mail Extensions</firstterm> (<firstterm>MIME</firstterm>), which allow for email attachments.</para>
+ <para><systemitem class="protocol">POP</systemitem> works best for users who have one system on which to read email. It also works well for users who do not have a persistent connection to the Internet or the network containing the mail server. Unfortunately for those with slow network connections, <systemitem class="protocol">POP</systemitem> requires client programs upon authentication to download the entire content of each message. This can take a long time if any messages have large attachments.</para>
+ <para>The most current version of the standard <systemitem class="protocol">POP</systemitem> protocol is <systemitem class="protocol">POP3</systemitem>.</para>
+ <para>There are, however, a variety of lesser-used <systemitem class="protocol">POP</systemitem> protocol variants:</para>
<itemizedlist>
<listitem>
<para>
- <emphasis>APOP</emphasis> — POP3 with MDS authentication. An encoded hash of the user's password is sent from the email client to the server rather then sending an unencrypted password.</para>
+ <emphasis>APOP</emphasis> — <systemitem class="protocol">POP3</systemitem> with <systemitem class="service">MDS</systemitem> (Monash Directory Service) authentication. An encoded hash of the user's password is sent from the email client to the server rather then sending an unencrypted password.</para>
</listitem>
<listitem>
<para>
- <emphasis>KPOP</emphasis> — POP3 with Kerberos authentication.</para>
+ <emphasis>KPOP</emphasis> — <systemitem class="protocol">POP3</systemitem> with Kerberos authentication.</para>
</listitem>
<listitem>
<para>
- <emphasis>RPOP</emphasis> — POP3 with RPOP authentication. This uses a per-user ID, similar to a password, to authenticate POP requests. However, this ID is not encrypted, so RPOP is no more secure than standard POP.</para>
+ <emphasis>RPOP</emphasis> — <systemitem class="protocol">POP3</systemitem> with <systemitem class="server">RPOP</systemitem> authentication. This uses a per-user ID, similar to a password, to authenticate POP requests. However, this ID is not encrypted, so <systemitem class="protocol">RPOP</systemitem> is no more secure than standard <systemitem class="protocol">POP</systemitem>.</para>
</listitem>
</itemizedlist>
- <para>For added security, it is possible to use <firstterm>Secure Socket Layer</firstterm> (<firstterm>SSL</firstterm>) encryption for client authentication and data transfer sessions. This can be enabled by using the <command>ipop3s</command> service or by using the <command>/usr/sbin/stunnel</command> program. Refer to <xref
- linkend="s2-email-security"/> for more information.</para>
+ <para>For added security, it is possible to use <firstterm>Secure Socket Layer</firstterm> (<firstterm>SSL</firstterm>) encryption for client authentication and data transfer sessions. This can be enabled by using the <command>pop3s</command> service, or by using the <command>/usr/sbin/stunnel</command> application. For more information on securing email communication, refer to <xref linkend="s2-email-security"/>.</para>
</section>
<section
id="s3-email-protocols-imap">
@@ -89,11 +99,12 @@
<secondary>protocols</secondary>
<tertiary>IMAP</tertiary>
</indexterm>
- <para>The default IMAP server under &MAJOROS; is <filename>/usr/bin/dovecot</filename> and is provided by the <package>dovecot</package> package. When using an IMAP mail server, email messages remain on the server where users can read or delete them. IMAP also allows client applications to create, rename, or delete mail directories on the server to organize and store email.</para>
- <para>IMAP is particularly useful for those who access their email using multiple machines. The protocol is also convenient for users connecting to the mail server via a slow connection, because only the email header information is downloaded for messages until opened, saving bandwidth. The user also has the ability to delete messages without viewing or downloading them.</para>
- <para>For convenience, IMAP client applications are capable of caching copies of messages locally, so the user can browse previously read messages when not directly connected to the IMAP server.</para>
- <para>IMAP, like POP, is fully compatible with important Internet messaging standards, such as MIME, which allow for email attachments.</para>
- <para>For added security, it is possible to use <firstterm>SSL</firstterm> encryption for client authentication and data transfer sessions. This can be enabled by using the <command>imaps</command> service, or by using the <command>/usr/sbin/stunnel</command> program. For more information, refer to <xref linkend="s2-email-security"/>.</para>
+ <para>The default <systemitem class="protocol">IMAP</systemitem> server under &MAJOROS; is <application>Dovecot</application> and is provided by the <package>dovecot</package> package. Refer to <xref linkend="s3-email-protocols-pop"/> for information on how to install <application>Dovecot</application>.</para>
+ <para>When using an <systemitem class="protocol">IMAP</systemitem> mail server, email messages remain on the server where users can read or delete them. <systemitem class="protocol">IMAP</systemitem> also allows client applications to create, rename, or delete mail directories on the server to organize and store email.</para>
+ <para><systemitem class="protocol">IMAP</systemitem> is particularly useful for users who access their email using multiple machines. The protocol is also convenient for users connecting to the mail server via a slow connection, because only the email header information is downloaded for messages until opened, saving bandwidth. The user also has the ability to delete messages without viewing or downloading them.</para>
+ <para>For convenience, <systemitem class="protocol">IMAP</systemitem> client applications are capable of caching copies of messages locally, so the user can browse previously read messages when not directly connected to the <systemitem class="protocol">IMAP</systemitem> server.</para>
+ <para><systemitem class="protocol">IMAP</systemitem>, like <systemitem class="protocol">POP</systemitem>, is fully compatible with important Internet messaging standards, such as MIME, which allow for email attachments.</para>
+ <para>For added security, it is possible to use <systemitem class="protocol">SSL</systemitem> encryption for client authentication and data transfer sessions. This can be enabled by using the <command>imaps</command> service, or by using the <command>/usr/sbin/stunnel</command> program. For more information on securing email communication, refer to <xref linkend="s2-email-security"/>.</para>
<para>Other free, as well as commercial, IMAP clients and servers are available, many of which extend the IMAP protocol and provide additional functionality.</para>
</section>
<section
@@ -105,17 +116,20 @@
<secondary>protocols</secondary>
<tertiary>Dovecot</tertiary>
</indexterm>
- <para>The <command>imap-login</command> and <command>pop3-login</command> processes which implement the IMAP and POP3 protocols are spawned by the master <command>dovecot</command> daemon included in the <package>dovecot</package> package. The use of IMAP and POP is configured through <filename>dovecot.conf</filename>; by default <command>dovecot</command> runs IMAP and POP3 together with their secure versions using SSL. To configure <command>dovecot</command> to use POP:</para>
+ <para>The <command>imap-login</command> and <command>pop3-login</command> processes which implement the <systemitem class="protocol">IMAP</systemitem> and <systemitem class="protocol">POP3</systemitem> protocols are spawned by the master <systemitem class="daemon">dovecot</systemitem> daemon included in the <package>dovecot</package> package. The use of <systemitem class="protocol">IMAP</systemitem> and <systemitem class="protocol">POP</systemitem> is configured through the <filename>/etc/dovecot/dovecot.conf</filename> configuration file; by default <command>dovecot</command> runs <systemitem class="protocol">IMAP</systemitem> and <systemitem class="protocol">POP3</systemitem> together with their secure versions using <systemitem class="protocol">SSL</systemitem>. To configure <command>dovecot</command> to use <systemitem class="protocol">POP</systemitem>, complete the following steps:</para>
<orderedlist
continuation="restarts"
inheritnum="ignore">
<listitem>
- <para>Edit <filename>/etc/dovecot/dovecot.conf</filename> to make sure protocols variable contains pop3. For example:</para>
+ <para>Edit the <filename>/etc/dovecot/dovecot.conf</filename> configuration file to make sure the <literal>protocols</literal> variable is uncommented (remove the hash sign (<command>#</command>) at the beginning of the line) and contains the <literal>pop3</literal> argument. For example:</para>
<screen>protocols = imap imaps pop3 pop3s
</screen>
+ <para>
+ When the <literal>protocols</literal> variable is left commented out, <command>dovecot</command> will use the default values specified for this variable.
+ </para>
</listitem>
<listitem>
- <para>Make that change operational for the current session by running the command:</para>
+ <para>Make that change operational for the current session by running the following command:</para>
<screen>/sbin/service dovecot restart
</screen>
</listitem>
@@ -126,22 +140,22 @@
<note>
<title>Note</title>
<para>
- Please note that <command>dovecot</command> only reports that it started the IMAP server, but also starts the POP3 server.
+ Please note that <command>dovecot</command> only reports that it started the <systemitem class="protocol">IMAP</systemitem> server, but also starts the <systemitem class="protocol">POP3</systemitem> server.
</para>
</note>
</listitem>
</orderedlist>
- <para>Unlike SMTP, both of these protocols require connecting clients to authenticate using a username and password. By default, passwords for both protocols are passed over the network unencrypted.</para>
- <para>To configure SSL on dovecot:
+ <para>Unlike <systemitem class="protocol">SMTP</systemitem>, both <systemitem class="protocol">IMAP</systemitem> and <systemitem class="protocol">POP3</systemitem> require connecting clients to authenticate using a username and password. By default, passwords for both protocols are passed over the network unencrypted.</para>
+ <para>To configure <systemitem class="protocol">SSL</systemitem> on <command>dovecot</command>:
<itemizedlist>
<listitem>
- <para>Edit the <command>dovecot</command> configuration file <filename>/etc/pki/dovecot/dovecot-openssl.conf</filename> as you prefer. However in a typical installation, this file does not require modification.</para>
+ <para>Edit the <filename>/etc/pki/dovecot/dovecot-openssl.conf</filename> configuration file as you prefer. However, in a typical installation, this file does not require modification.</para>
</listitem>
<listitem>
<para>Rename, move or delete the files <filename>/etc/pki/dovecot/certs/dovecot.pem</filename> and <filename>/etc/pki/dovecot/private/dovecot.pem</filename>.</para>
</listitem>
<listitem>
- <para>Execute the <filename>/usr/libexec/dovecot/mkcert.sh</filename> script which creates the dovecot self signed certificates. The certificates are copied in the <filename>/etc/pki/dovecot/certs</filename> and <filename>/etc/pki/dovecot/private</filename> directories. To implement the changes, restart <command>dovecot</command> (<command>/sbin/service dovecot restart</command>).</para>
+ <para>Execute the <filename>/usr/libexec/dovecot/mkcert.sh</filename> script which creates the <command>dovecot</command> self signed certificates. These certificates are copied in the <filename>/etc/pki/dovecot/certs</filename> and <filename>/etc/pki/dovecot/private</filename> directories. To implement the changes, restart <command>dovecot</command> (<command>/sbin/service dovecot restart</command>).</para>
</listitem>
</itemizedlist>
More details on <command>dovecot</command> can be found online at <ulink
@@ -177,10 +191,10 @@
<primary>MTA</primary>
<see>Mail Transport Agent</see>
</indexterm>
- <para>A <firstterm>Mail Transport Agent</firstterm> (<firstterm>MTA</firstterm>) transports email messages between hosts using SMTP. A message may involve several MTAs as it moves to its intended destination.</para>
+ <para>A <firstterm>Mail Transport Agent</firstterm> (<firstterm>MTA</firstterm>) transports email messages between hosts using <systemitem class="protocol">SMTP</systemitem>. A message may involve several MTAs as it moves to its intended destination.</para>
<para>While the delivery of messages between machines may seem rather straightforward, the entire process of deciding if a particular MTA can or should accept a message for delivery is quite complicated. In addition, due to problems from spam, use of a particular MTA is usually restricted by the MTA's configuration or the access configuration for the network on which the MTA resides.</para>
<para>Many modern email client programs can act as an MTA when sending email. However, this action should not be confused with the role of a true MTA. The sole reason email client programs are capable of sending email like an MTA is because the host running the application does not have its own MTA. This is particularly true for email client programs on non-UNIX-based operating systems. However, these client programs only send outbound messages to an MTA they are authorized to use and do not directly deliver the message to the intended recipient's email server.</para>
- <para>Since &MAJOROS; installs two MTAs—Postfix and Sendmail—email client programs are often not required to act as an MTA. &MAJOROS; also includes a special purpose MTA called Fetchmail.</para>
+ <para>Since &MAJOROS; offers two MTAs—<firstterm>Postfix</firstterm> and <firstterm>Sendmail</firstterm>—email client programs are often not required to act as an MTA. &MAJOROS; also includes a special purpose MTA called <firstterm>Fetchmail</firstterm>.</para>
<para>For more information on Postfix, Sendmail, and Fetchmail, refer to <xref
linkend="s1-email-mta"/>.</para>
</section>
@@ -225,14 +239,14 @@
<primary>MUA</primary>
<see>Mail User Agent</see>
</indexterm>
- <para>A <firstterm>Mail User Agent</firstterm> (<firstterm>MUA</firstterm>) is synonymous with an email client application. An MUA is a program that, at the very least, allows a user to read and compose email messages. Many MUAs are capable of retrieving messages via the POP or IMAP protocols, setting up mailboxes to store messages, and sending outbound messages to an MTA.</para>
+ <para>A <firstterm>Mail User Agent</firstterm> (<firstterm>MUA</firstterm>) is synonymous with an email client application. An MUA is a program that, at the very least, allows a user to read and compose email messages. Many MUAs are capable of retrieving messages via the <systemitem class="protocol">POP</systemitem> or <systemitem class="protocol">IMAP</systemitem> protocols, setting up mailboxes to store messages, and sending outbound messages to an MTA.</para>
<para>MUAs may be graphical, such as <application>Evolution</application>, or have simple text-based interfaces, such as <application>pine</application>.</para>
</section>
</section>
<section
id="s1-email-mta">
<title>Mail Transport Agents</title>
- <para>&MAJOROS; includes two primary MTAs: Postfix and Sendmail. Postfix is configured as the default MTA, although it is easy to switch the default MTA to Sendmail. To switch the default MTA to Sendmail, you can either uninstall Postfix or use the <command>alternatives --config mta</command> command to switch to Sendmail. You can also use the <command>chkconfig</command> command to enable/disable the desired service.
+ <para>&MAJOROS; offers two primary MTAs: Postfix and Sendmail. Postfix is configured as the default MTA, although it is easy to switch the default MTA to Sendmail. To switch the default MTA to Sendmail, you can either uninstall Postfix or use the <command>alternatives --config mta</command> command to switch to Sendmail. You can also use the <command>chkconfig <replaceable><service></replaceable> <replaceable><on/off></replaceable> </command> command to enable/disable the desired service.
</para>
<section
id="s2-email-mta-postfix">
@@ -272,10 +286,6 @@
</listitem>
<listitem>
<para>
- <filename>aliases</filename> — A configurable list required by the mail protocol.</para>
- </listitem>
- <listitem>
- <para>
<filename>main.cf</filename> — The global Postfix configuration file. The majority of configuration options are specified in this file.</para>
</listitem>
<listitem>
@@ -287,15 +297,17 @@
<filename>transport</filename> — Maps email addresses to relay hosts.</para>
</listitem>
</itemizedlist>
+ <para>
+ The <filename>aliases</filename> file can be found in the <filename>/etc/</filename> directory. This file is shared between Postfix and Sendmail. It is a configurable list required by the mail protocol that describes user ID aliases.
+ </para>
<important>
<title>Important</title>
<para>The default <filename>/etc/postfix/main.cf</filename> file does not allow Postfix to accept network connections from a host other than the local computer. For instructions on configuring Postfix as a server for other clients, refer to <xref
linkend="s3-email-mta-postfix-conf"/>.</para>
</important>
- <para>When changing some options within files in the <filename>/etc/postfix/</filename> directory, it may be necessary to restart the <command>postfix</command> service for the changes to take effect. The easiest way to do this is to type the following command:</para>
- <screen>
-<command>/sbin/service postfix restart</command>
- </screen>
+ <para>
+ Restart the <systemitem class="service">postfix</systemitem> service after changing any options in the configuration files under the <filename>/etc/postfix</filename> directory in order for those changes to take effect (<command>/sbin/service postfix restart</command>).
+ </para>
</section>
<section
id="s3-email-mta-postfix-conf">
@@ -306,7 +318,7 @@
<para>Edit the <filename>/etc/postfix/main.cf</filename> file with a text editor, such as <command>vi</command>.</para>
</listitem>
<listitem>
- <para>Uncomment the <command>mydomain</command> line by removing the hash mark (<command>#</command>), and replace <replaceable>domain.tld</replaceable> with the domain the mail server is servicing, such as <command>example.com</command>.</para>
+ <para>Uncomment the <command>mydomain</command> line by removing the hash sign (<command>#</command>), and replace <replaceable>domain.tld</replaceable> with the domain the mail server is servicing, such as <command>example.com</command>.</para>
</listitem>
<listitem>
<para>Uncomment the <command>myorigin = $mydomain</command> line.</para>
@@ -332,7 +344,7 @@
</listitem>
</itemizedlist>
<para>Once these steps are complete, the host accepts outside emails for delivery.</para>
- <para>Postfix has a large assortment of configuration options. One of the best ways to learn how to configure Postfix is to read the comments within <filename>/etc/postfix/main.cf</filename>. Additional resources including information about LDAP and SpamAssassin integration are available online at <ulink
+ <para>Postfix has a large assortment of configuration options. One of the best ways to learn how to configure Postfix is to read the comments within the <filename>/etc/postfix/main.cf</filename> configuration file. Additional resources including information about <systemitem class="protocol">LDAP</systemitem> and SpamAssassin integration are available online at <ulink
url="http://www.postfix.org/">http://www.postfix.org/</ulink>.</para>
</section>
</section>
@@ -348,7 +360,7 @@
significance="normal">
<primary>Sendmail</primary>
</indexterm>
- <para>Sendmail's core purpose, like other MTAs, is to safely transfer email among hosts, usually using the SMTP protocol. However, Sendmail is highly configurable, allowing control over almost every aspect of how email is handled, including the protocol used. Many system administrators elect to use Sendmail as their MTA due to its power and scalability.</para>
+ <para>Sendmail's core purpose, like other MTAs, is to safely transfer email among hosts, usually using the <systemitem class="protocol">SMTP</systemitem> protocol. However, Sendmail is highly configurable, allowing control over almost every aspect of how email is handled, including the protocol used. Many system administrators elect to use Sendmail as their MTA due to its power and scalability.</para>
<section
id="s3-email-mta-sendmail-purpose">
<title>Purpose and Limitations</title>
@@ -362,7 +374,7 @@
<primary>Sendmail</primary>
<secondary>limitations</secondary>
</indexterm>
- <para>It is important to be aware of what Sendmail is and what it can do, as opposed to what it is not. In these days of monolithic applications that fulfill multiple roles, Sendmail may seem like the only application needed to run an email server within an organization. Technically, this is true, as Sendmail can spool mail to each users' directory and deliver outbound mail for users. However, most users actually require much more than simple email delivery. Users usually want to interact with their email using an MUA, that uses POP or IMAP, to download their messages to their local machine. Or, they may prefer a Web interface to gain access to their mailbox. These other applications can work in conjunction with Sendmail, but they actually exist for different reasons and can operate separately from one another.</para>
+ <para>It is important to be aware of what Sendmail is and what it can do, as opposed to what it is not. In these days of monolithic applications that fulfill multiple roles, Sendmail may seem like the only application needed to run an email server within an organization. Technically, this is true, as Sendmail can spool mail to each users' directory and deliver outbound mail for users. However, most users actually require much more than simple email delivery. Users usually want to interact with their email using an MUA, that uses <systemitem class="protocol">POP</systemitem> or <systemitem class="protocol">IMAP</systemitem>, to download their messages to their local machine. Or, they may prefer a Web interface to gain access to their mailbox. These other applications can work in conjunction with Sendmail, but they actually exist for different reasons and can operate separately from one another.</para>
<para>It is beyond the scope of this section to go into all that Sendmail should or could be configured to do. With literally hundreds of different options and rule sets, entire volumes have been dedicated to helping explain everything that can be done and how to fix things that go wrong. Refer to the <xref
linkend="s1-email-additional-resources"/> for a list of Sendmail resources.</para>
<para>This section reviews the files installed with Sendmail by default and reviews basic configuration changes, including how to stop unwanted email (spam) and how to extend Sendmail with the <firstterm>Lightweight Directory Access Protocol (LDAP)</firstterm>.</para>
@@ -375,14 +387,24 @@
<primary>Sendmail</primary>
<secondary>default installation</secondary>
</indexterm>
+ <para>In order to use Sendmail, first ensure the <package>sendmail</package> package is installed on your system by running, as root:</para>
+ <screen>~]# <command>yum install sendmail</command></screen>
+ <para>
+ In order to configure Sendmail, ensure the <package>sendmail-cf</package> package is installed on your system by running, as root:
+ </para>
+ <screen>~]# <command>yum install sendmail-cf</command></screen>
+ <para>For more information on installing packages with Yum, refer to <xref linkend="sec-Installing"/>.</para>
+ <para>
+ Before using Sendmail, the default MTA has to be switched from Postfix. For more information how to switch the default MTA refer to <xref linkend="s1-email-mta"/>.
+ </para>
<para>The Sendmail executable is <filename>/usr/sbin/sendmail</filename>.</para>
<para>Sendmail's lengthy and detailed configuration file is <filename>/etc/mail/sendmail.cf</filename>. Avoid editing the <filename>sendmail.cf</filename> file directly. To make configuration changes to Sendmail, edit the <filename>/etc/mail/sendmail.mc</filename> file, back up the original <filename>/etc/mail/sendmail.cf</filename>, and use the following alternatives to generate a new configuration file:</para>
<itemizedlist>
<listitem>
- <para>Use the included makefile in <filename>/etc/mail</filename> (<command>make all -C /etc/mail</command>) to create a new <filename>/etc/mail/sendmail.cf</filename> configuration file. All other generated files in <filename>/etc/mail</filename> (db files) will be regenerated if needed. The old makemap commands are still usable. The make command will automatically be used by <command>service sendmail start | restart | reload</command>.</para>
+ <para>Use the included makefile in <filename>/etc/mail</filename> (<command>make all -C /etc/mail</command>) to create a new <filename>/etc/mail/sendmail.cf</filename> configuration file. All other generated files in <filename>/etc/mail</filename> (db files) will be regenerated if needed. The old makemap commands are still usable. The make command will automatically be used by <command>/sbin/service sendmail start | restart | reload</command>.</para>
</listitem>
<listitem>
- <para>Alternatively you may use the <command>m4</command> macro processor to create a new <filename>/etc/mail/sendmail.cf</filename>. The <command>m4</command> macro processor is not installed by default. Before using it to create <filename>/etc/mail/sendmail.cf</filename>, install the <package>m4</package> package as the root user:</para>
+ <para>Alternatively you may use the <command>m4</command> macro processor to create a new <filename>/etc/mail/sendmail.cf</filename>. The <command>m4</command> macro processor is not installed by default. Before using it to create <filename>/etc/mail/sendmail.cf</filename>, install the <package>m4</package> package as root:</para>
<screen>yum install m4</screen>
</listitem>
</itemizedlist>
@@ -411,28 +433,23 @@
<filename>virtusertable</filename> — Specifies a domain-specific form of aliasing, allowing multiple virtual domains to be hosted on one machine.</para>
</listitem>
</itemizedlist>
- <para>Several of the configuration files in <filename>/etc/mail/</filename>, such as <filename>access</filename>, <filename>domaintable</filename>, <filename>mailertable</filename> and <filename>virtusertable</filename>, must actually store their information in database files before Sendmail can use any configuration changes. Restarting the <application>sendmail</application> service will cause the configuration changes to take effect:</para>
+ <para>Several of the configuration files in <filename>/etc/mail/</filename>, such as <filename>access</filename>, <filename>domaintable</filename>, <filename>mailertable</filename> and <filename>virtusertable</filename>, must actually store their information in database files before Sendmail can use any configuration changes. To include any changes made to these configurations in their database files, run the following command as root:</para>
<screen>
- <command>service sendmail restart</command>
+<command>makemap hash /etc/mail/<replaceable><name></replaceable> < /etc/mail/<replaceable><name></replaceable></command>
+ </screen>
+ <para>where <replaceable><name></replaceable> represents the name of the configuration file to be updated.
+ You may also restart the <systemitem class="service">sendmail</systemitem> service for the changes to take effect by running:</para>
+ <screen>
+<command>/sbin/service sendmail restart</command>
</screen>
- <!-- mlichvar: only necessary to restart the sendmail service
- To include any changes made to these configurations in their database files, run the following command:</para>
- <para>
- <command>makemap hash /etc/mail/<replaceable><name></replaceable> < /etc/mail/<replaceable><name></replaceable>
- </command>
- </para>
- <para>where <replaceable><name></replaceable> is replaced with the name of the configuration file to convert.</para>-->
<para>For example, to have all emails addressed to the <filename>example.com</filename> domain delivered to <email>bob at other-example.com</email>, add the following line to the <filename>virtusertable</filename> file:</para>
<screen>
<command>@example.com bob at other-example.com</command>
</screen>
<para>To finalize the change, the <filename>virtusertable.db</filename> file must be updated:</para>
<screen>
- <command>service sendmail restart</command>
+<command>makemap hash /etc/mail/virtusertable < /etc/mail/virtusertable</command>
</screen>
- <!--using the following command as root:</para>
- <screen>makemap hash /etc/mail/virtusertable < /etc/mail/virtusertable
-</screen>-->
<para>Sendmail will create an updated <filename>virtusertable.db</filename> file containing the new configuration.</para>
</section>
<section
@@ -453,9 +470,9 @@
<title>Caution</title>
<para>Before changing the <filename>sendmail.cf</filename> file, it is a good idea to create a backup copy.</para>
</warning>
- <para>To add the desired functionality to Sendmail, edit the <filename>/etc/mail/sendmail.mc</filename> file as the root user. Once you are finished, restart the <application>Sendmail</application> service and, if the <package>m4</package> package is installed, the m4 macro processor will automatically generate a new <filename>sendmail.cf</filename> configuration file:</para>
+ <para>To add the desired functionality to Sendmail, edit the <filename>/etc/mail/sendmail.mc</filename> file as root. Once you are finished, restart the <systemitem class="service">sendmail</systemitem> service and, if the <package>m4</package> package is installed, the <command>m4</command> macro processor will automatically generate a new <filename>sendmail.cf</filename> configuration file:</para>
<screen>
- <command>service sendmail restart</command>
+ <command>/sbin/service sendmail restart</command>
</screen>
<!--mlichvar: also happens automatically
When finished, use the <command>m4</command> macro processor to generate a new <filename>sendmail.cf</filename> by executing the following command:</para>
@@ -471,11 +488,11 @@
<title>Important</title>
<para>The default <filename>sendmail.cf</filename> file does not allow Sendmail to accept network connections from any host other than the local computer. To configure Sendmail as a server for other clients, edit the <filename>/etc/mail/sendmail.mc</filename> file, and either change the address specified in the <command>Addr=</command> option of the <command>DAEMON_OPTIONS</command> directive from <command>127.0.0.1</command> to the IP address of an active network device or comment out the <command>DAEMON_OPTIONS</command> directive all together by placing <command>dnl</command> at the beginning of the line. When finished, regenerate <filename>/etc/mail/sendmail.cf</filename> by restarting the service</para>
<screen>
-<command>service sendmail restart</command>
+<command>/sbin/service sendmail restart</command>
</screen>
</important>
- <para>The default configuration which ships with &MAJOROS; works for most SMTP-only sites. However, it does not work for UUCP (UNIX to UNIX Copy) sites. If using UUCP mail transfers, the <filename>/etc/mail/sendmail.mc</filename> file must be reconfigured and a new <filename>/etc/mail/sendmail.cf</filename> must be generated.</para>
- <para>Consult the <filename>/usr/share/sendmail-cf/README</filename> file before editing any files in the directories under the <filename>/usr/share/sendmail-cf</filename> directory, as they can affect the future configuration of <filename>/etc/mail/sendmail.cf</filename> files.</para>
+ <para>The default configuration which ships with &MAJOROS; works for most <systemitem class="protocol">SMTP</systemitem>-only sites. However, it does not work for <firstterm>UUCP</firstterm> (<firstterm>UNIX to UNIX Copy</firstterm>) sites. If using UUCP mail transfers, the <filename>/etc/mail/sendmail.mc</filename> file must be reconfigured and a new <filename>/etc/mail/sendmail.cf</filename> file must be generated.</para>
+ <para>Consult the <filename>/usr/share/sendmail-cf/README</filename> file before editing any files in the directories under the <filename>/usr/share/sendmail-cf</filename> directory, as they can affect the future configuration of the <filename>/etc/mail/sendmail.cf</filename> file.</para>
</section>
<section
id="s3-email-sendmail-changes-masquerading">
@@ -502,7 +519,7 @@ MASQUERADE_AS(`bigcorp.com.')dnl
MASQUERADE_DOMAIN(`bigcorp.com.')dnl
MASQUERADE_AS(bigcorp.com)dnl
</screen>
- <para>After generating a new <filename>sendmail.cf</filename> using <command>m4</command>, this configuration makes all mail from inside the network appear as if it were sent from <computeroutput>bigcorp.com</computeroutput>.</para>
+ <para>After generating a new <filename>sendmail.cf</filename> using the <command>m4</command> macro processor, this configuration makes all mail from inside the network appear as if it were sent from <computeroutput>bigcorp.com</computeroutput>.</para>
</section>
<section
id="s3-email-sendmail-stopping-spam">
@@ -513,22 +530,22 @@ MASQUERADE_AS(bigcorp.com)dnl
<secondary>spam</secondary>
</indexterm>
<para>Email spam can be defined as unnecessary and unwanted email received by a user who never requested the communication. It is a disruptive, costly, and widespread abuse of Internet communication standards.</para>
- <para>Sendmail makes it relatively easy to block new spamming techniques being employed to send junk email. It even blocks many of the more usual spamming methods by default. Main anti-spam features available in sendmail are <firstterm>header checks, relaying denial (default from version 8.9), access database and sender information checks.</firstterm>
+ <para>Sendmail makes it relatively easy to block new spamming techniques being employed to send junk email. It even blocks many of the more usual spamming methods by default. Main anti-spam features available in sendmail are <firstterm>header checks</firstterm>, <firstterm>relaying denial</firstterm> (default from version 8.9), <firstterm>access database and sender information checks</firstterm>.
</para>
- <para>For example, forwarding of SMTP messages, also called relaying, has been disabled by default since Sendmail version 8.9. Before this change occurred, Sendmail directed the mail host (<filename>x.edu</filename>) to accept messages from one party (<filename>y.com</filename>) and sent them to a different party (<filename>z.net</filename>). Now, however, Sendmail must be configured to permit any domain to relay mail through the server. To configure relay domains, edit the <filename>/etc/mail/relay-domains</filename> file and restart Sendmail.</para>
+ <para>For example, forwarding of <systemitem class="protocol">SMTP</systemitem> messages, also called relaying, has been disabled by default since Sendmail version 8.9. Before this change occurred, Sendmail directed the mail host (<filename>x.edu</filename>) to accept messages from one party (<filename>y.com</filename>) and sent them to a different party (<filename>z.net</filename>). Now, however, Sendmail must be configured to permit any domain to relay mail through the server. To configure relay domains, edit the <filename>/etc/mail/relay-domains</filename> file and restart Sendmail (<command>/sbin/service sendmail restart</command>).</para>
<para>However, many times users are bombarded with spam from other servers throughout the Internet. In these instances, Sendmail's access control features available through the <filename>/etc/mail/access</filename> file can be used to prevent connections from unwanted hosts. The following example illustrates how this file can be used to both block and specifically allow access to the Sendmail server:</para>
<screen>
<command>badspammer.com ERROR:550 "Go away and do not spam us anymore" tux.badspammer.com OK 10.0 RELAY</command>
</screen>
<para>This example shows that any email sent from <filename>badspammer.com</filename> is blocked with a 550 RFC-821 compliant error code, with a message sent back to the spammer. Email sent from the <filename>tux.badspammer.com</filename> sub-domain, is accepted. The last line shows that any email sent from the 10.0.*.* network can be relayed through the mail server.</para>
- <para>Because <filename>/etc/mail/access.db</filename> is a database, use <command>makemap</command> to activate any changes. Do this using the following command as root:</para>
+ <para>Because the <filename>/etc/mail/access.db</filename> file is a database, use the <command>makemap</command> command to update any changes. Do this using the following command as root:</para>
<screen>
<command>makemap hash /etc/mail/access < /etc/mail/access</command>
</screen>
- <para>Message header analysis allows you to reject mail based on header contents. SMTP servers store information about an emails journey in the message header. As the message travels from one MTA to another, each puts in a "Received" header above all the other Received headers. It is however important to note that this information may be altered by spammers.</para>
+ <para>Message header analysis allows you to reject mail based on header contents. <systemitem class="protocol">SMTP</systemitem> servers store information about an email's journey in the message header. As the message travels from one MTA to another, each puts in a <literal>Received</literal> header above all the other <literal>Received</literal> headers. It is important to note that this information may be altered by spammers.</para>
<para>The above examples only represent a small part of what Sendmail can do in terms of allowing or blocking access. Refer to the <filename>/usr/share/sendmail-cf/README</filename> for more information and examples.</para>
<para>Since Sendmail calls the Procmail MDA when delivering mail, it is also possible to use a spam filtering program, such as SpamAssassin, to identify and file spam for users. Refer to <xref
- linkend="s3-email-mda-spam"/> for more about using SpamAssassin.</para>
+ linkend="s3-email-mda-spam"/> for more information about using SpamAssassin.</para>
</section>
<section
id="s3-email-mta-sendmail-ldap">
@@ -538,20 +555,20 @@ MASQUERADE_AS(bigcorp.com)dnl
<primary>Sendmail</primary>
<secondary>LDAP and</secondary>
</indexterm>
- <para>Using the <firstterm>Lightweight Directory Access Protocol (LDAP)</firstterm> is a very quick and powerful way to find specific information about a particular user from a much larger group. For example, an LDAP server can be used to look up a particular email address from a common corporate directory by the user's last name. In this kind of implementation, LDAP is largely separate from Sendmail, with LDAP storing the hierarchical user information and Sendmail only being given the result of LDAP queries in pre-addressed email messages.</para>
- <para>However, Sendmail supports a much greater integration with LDAP, where it uses LDAP to replace separately maintained files, such as <filename>aliases</filename> and <filename>virtusertables</filename>, on different mail servers that work together to support a medium- to enterprise-level organization. In short, LDAP abstracts the mail routing level from Sendmail and its separate configuration files to a powerful LDAP cluster that can be leveraged by many different applications.</para>
- <para>The current version of Sendmail contains support for LDAP. To extend the Sendmail server using LDAP, first get an LDAP server, such as <application>OpenLDAP</application>, running and properly configured. Then edit the <filename>/etc/mail/sendmail.mc</filename> to include the following:</para>
+ <para>Using <systemitem class="protocol">LDAP</systemitem> is a very quick and powerful way to find specific information about a particular user from a much larger group. For example, an <systemitem class="protocol">LDAP</systemitem> server can be used to look up a particular email address from a common corporate directory by the user's last name. In this kind of implementation, <systemitem class="protocol">LDAP</systemitem> is largely separate from Sendmail, with <systemitem class="protocol">LDAP</systemitem> storing the hierarchical user information and Sendmail only being given the result of <systemitem class="protocol">LDAP</systemitem> queries in pre-addressed email messages.</para>
+ <para>However, Sendmail supports a much greater integration with <systemitem class="protocol">LDAP</systemitem>, where it uses <systemitem class="protocol">LDAP</systemitem> to replace separately maintained files, such as <filename>/etc/aliases</filename> and <filename>/etc/mail/virtusertables</filename>, on different mail servers that work together to support a medium- to enterprise-level organization. In short, <systemitem class="protocol">LDAP</systemitem> abstracts the mail routing level from Sendmail and its separate configuration files to a powerful <systemitem class="protocol">LDAP</systemitem> cluster that can be leveraged by many different applications.</para>
+ <para>The current version of Sendmail contains support for <systemitem class="protocol">LDAP</systemitem>. To extend the Sendmail server using <systemitem class="protocol">LDAP</systemitem>, first get an <systemitem class="protocol">LDAP</systemitem> server, such as <application>OpenLDAP</application>, running and properly configured. Then edit the <filename>/etc/mail/sendmail.mc</filename> to include the following:</para>
<screen>LDAPROUTE_DOMAIN('<replaceable>yourdomain.com</replaceable>')dnl
FEATURE('ldap_routing')dnl
</screen>
<note>
<title>Note</title>
- <para>This is only for a very basic configuration of Sendmail with LDAP. The configuration can differ greatly from this depending on the implementation of LDAP, especially when configuring several Sendmail machines to use a common LDAP server.</para>
- <para>Consult <filename>/usr/share/sendmail-cf/README</filename> for detailed LDAP routing configuration instructions and examples.</para>
+ <para>This is only for a very basic configuration of Sendmail with <systemitem class="protocol">LDAP</systemitem>. The configuration can differ greatly from this depending on the implementation of <systemitem class="protocol">LDAP</systemitem>, especially when configuring several Sendmail machines to use a common <systemitem class="protocol">LDAP</systemitem> server.</para>
+ <para>Consult <filename>/usr/share/sendmail-cf/README</filename> for detailed <systemitem class="protocol">LDAP</systemitem> routing configuration instructions and examples.</para>
</note>
<para>Next, recreate the <filename>/etc/mail/sendmail.cf</filename> file by running <command>m4</command> and again restarting Sendmail. Refer to <xref
linkend="s3-email-mta-sendmail-changes"/> for instructions.</para>
- <para>For more information on LDAP, refer to <xref
+ <para>For more information on <systemitem class="protocol">LDAP</systemitem>, refer to <xref
linkend="ch-Lightweight_Directory_Access_Protocol_LDAP"/>.</para>
</section>
</section>
@@ -567,9 +584,15 @@ FEATURE('ldap_routing')dnl
significance="normal">
<primary>Fetchmail</primary>
</indexterm>
- <para>Fetchmail is an MTA which retrieves email from remote servers and delivers it to the local MTA. Many users appreciate the ability to separate the process of downloading their messages located on a remote server from the process of reading and organizing their email in an MUA. Designed with the needs of dial-up users in mind, Fetchmail connects and quickly downloads all of the email messages to the mail spool file using any number of protocols, including POP3 and IMAP. It can even forward email messages to an SMTP server, if necessary.</para>
- <para>Fetchmail is configured for each user through the use of a <filename>.fetchmailrc</filename> file in the user's home directory.</para>
- <para>Using preferences in the <filename>.fetchmailrc</filename> file, Fetchmail checks for email on a remote server and downloads it. It then delivers it to port 25 on the local machine, using the local MTA to place the email in the correct user's spool file. If Procmail is available, it is launched to filter the email and place it in a mailbox so that it can be read by an MUA.</para>
+ <para>Fetchmail is an MTA which retrieves email from remote servers and delivers it to the local MTA. Many users appreciate the ability to separate the process of downloading their messages located on a remote server from the process of reading and organizing their email in an MUA. Designed with the needs of dial-up users in mind, Fetchmail connects and quickly downloads all of the email messages to the mail spool file using any number of protocols, including <systemitem class="protocol">POP3</systemitem> and <systemitem class="protocol">IMAP</systemitem>. It can even forward email messages to an <systemitem class="protocol">SMTP</systemitem> server, if necessary.</para>
+ <note>
+ <title>Note: Installing the <package>fetchmail</package> package</title>
+ <para>In order to use <application>Fetchmail</application>, first ensure the <package>fetchmail</package> package is installed on your system by running, as root:</para>
+ <screen>~]# <command>yum install fetchmail</command></screen>
+ <para>For more information on installing packages with Yum, refer to <xref linkend="sec-Installing"/>.</para>
+ </note>
+ <para>Fetchmail is configured for each user through the use of a <filename>.fetchmailrc</filename> file in the user's home directory. If it does not already exist, create the <filename>.fetchmailrc</filename> file in your home directory</para>
+ <para>Using preferences in the <filename>.fetchmailrc</filename> file, Fetchmail checks for email on a remote server and downloads it. It then delivers it to port <constant>25</constant> on the local machine, using the local MTA to place the email in the correct user's spool file. If Procmail is available, it is launched to filter the email and place it in a mailbox so that it can be read by an MUA.</para>
<section
id="s3-email-mda-fetchmail-configuration">
<title>Fetchmail Configuration Options</title>
@@ -607,17 +630,17 @@ FEATURE('ldap_routing')dnl
set bouncemail
poll pop.domain.com proto pop3
- user 'user1' there with password 'secret' is user1 here
+ user 'user1' there with password 'secret' is user1 here
poll mail.domain2.com
user 'user5' there with password 'secret2' is user1 here
user 'user7' there with password 'secret3' is user1 here</screen>
- <para>In this example, the global options specify that the user is sent email as a last resort (<command>postmaster</command> option) and all email errors are sent to the postmaster instead of the sender (<command>bouncemail</command> option). The <command>set</command> action tells Fetchmail that this line contains a global option. Then, two email servers are specified, one set to check using POP3, the other for trying various protocols to find one that works. Two users are checked using the second server option, but all email found for any user is sent to <command>user1</command>'s mail spool. This allows multiple mailboxes to be checked on multiple servers, while appearing in a single MUA inbox. Each user's specific information begins with the <command>user</command> action.</para>
+ <para>In this example, the global options specify that the user is sent email as a last resort (<command>postmaster</command> option) and all email errors are sent to the postmaster instead of the sender (<command>bouncemail</command> option). The <command>set</command> action tells Fetchmail that this line contains a global option. Then, two email servers are specified, one set to check using <systemitem class="protocol">POP3</systemitem>, the other for trying various protocols to find one that works. Two users are checked using the second server option, but all email found for any user is sent to <command>user1</command>'s mail spool. This allows multiple mailboxes to be checked on multiple servers, while appearing in a single MUA inbox. Each user's specific information begins with the <command>user</command> action.</para>
<note>
<title>Note</title>
<para>Users are not required to place their password in the <filename>.fetchmailrc</filename> file. Omitting the <command>with password '<password>'</command> section causes Fetchmail to ask for a password when it is launched.</para>
</note>
- <para>Fetchmail has numerous global, server, and local options. Many of these options are rarely used or only apply to very specific situations. The <filename>fetchmail</filename> man page explains each option in detail, but the most common ones are listed here.</para>
+ <para>Fetchmail has numerous global, server, and local options. Many of these options are rarely used or only apply to very specific situations. The <filename>fetchmail</filename> man page explains each option in detail, but the most common ones are listed in the following three sections.</para>
</section>
<section
id="s3-email-mda-fetchmail-configuration-global">
@@ -630,7 +653,7 @@ poll mail.domain2.com
</indexterm>
<indexterm
significance="normal">
- <primary>
+ <primary>ch-email
<filename>.fetchmailrc</filename>
</primary>
<secondary>global options</secondary>
@@ -891,7 +914,7 @@ poll mail.domain2.com
significance="normal">
<primary>postfix</primary>
</indexterm>
- <para>&MAJOROSVER; provides two MTAs: Sendmail and Postfix. If both are installed, <command>postfix</command> is the default MTA.</para>
+ <para>&MAJOROSVER; provides two MTAs: Postfix and Sendmail. If both are installed, Postfix is the default MTA.</para>
<!--silas: system-switch-mail is deprecated (use alternatives)-->
<!--<para>The <application>Mail Transport Agent Switcher</application> allows for the selection of either <command>sendmail</command>, or <command>postfix</command> as the default MTA for the system.</para>
<para>You should install the <package>system-switch-mail</package> package to use the text-based version of the <application>Mail Transport Agent Switcher</application> program. If you want to use the graphical version, install the <package>system-switch-mail-gnome</package> package.</para>
@@ -931,7 +954,7 @@ poll mail.domain2.com
id="s1-email-mda">
<title>Mail Delivery Agents</title>
<para>&MAJOROS; includes two primary MDAs, Procmail and <command>mail</command>. Both of the applications are considered LDAs and both move email from the MTA's spool file into the user's mailbox. However, Procmail provides a robust filtering system.</para>
- <para>This section details only Procmail. For information on the <command>mail</command> command, consult its man page.</para>
+ <para>This section details only Procmail. For information on the <command>mail</command> command, consult its man page (<command>man mail</command>).</para>
<indexterm
significance="normal">
<primary>email</primary>
@@ -942,10 +965,10 @@ poll mail.domain2.com
<primary>Procmail</primary>
</indexterm>
<para>Procmail delivers and filters email as it is placed in the mail spool file of the localhost. It is powerful, gentle on system resources, and widely used. Procmail can play a critical role in delivering email to be read by email client applications.</para>
- <para>Procmail can be invoked in several different ways. Whenever an MTA places an email into the mail spool file, Procmail is launched. Procmail then filters and files the email for the MUA and quits. Alternatively, the MUA can be configured to execute Procmail any time a message is received so that messages are moved into their correct mailboxes. By default, the presence of <filename>/etc/procmailrc</filename> or of a <filename>.procmailrc</filename> file (also called an <firstterm>rc</firstterm> file) in the user's home directory invokes Procmail whenever an MTA receives a new message.</para>
- <para>Whether Procmail acts upon an email message depends upon whether the message matches a specified set of conditions or <firstterm>recipes</firstterm> in the <filename>rc</filename> file. If a message matches a recipe, then the email is placed in a specified file, is deleted, or is otherwise processed.</para>
- <para>When Procmail starts, it reads the email message and separates the body from the header information. Next, Procmail looks for <filename>/etc/procmailrc</filename> and <filename>rc</filename> files in the <filename>/etc/procmailrcs</filename> directory for default, system-wide, Procmail environmental variables and recipes. Procmail then searches for a <filename>.procmailrc</filename> file in the user's home directory. Many users also create additional <filename>rc</filename> files for Procmail that are referred to within the <filename>.procmailrc</filename> file in their home directory.</para>
+ <para>Procmail can be invoked in several different ways. Whenever an MTA places an email into the mail spool file, Procmail is launched. Procmail then filters and files the email for the MUA and quits. Alternatively, the MUA can be configured to execute Procmail any time a message is received so that messages are moved into their correct mailboxes. By default, the presence of <filename>/etc/procmailrc</filename> or of a <filename>~/.procmailrc</filename> file (also called an <firstterm>rc</firstterm> file) in the user's home directory invokes Procmail whenever an MTA receives a new message. </para>
<para>By default, no system-wide <filename>rc</filename> files exist in the <filename>/etc/</filename> directory and no <filename>.procmailrc</filename> files exist in any user's home directory. Therefore, to use Procmail, each user must construct a <filename>.procmailrc</filename> file with specific environment variables and rules.</para>
+ <para>Whether Procmail acts upon an email message depends upon whether the message matches a specified set of conditions or <firstterm>recipes</firstterm> in the <filename>rc</filename> file. If a message matches a recipe, then the email is placed in a specified file, is deleted, or is otherwise processed.</para>
+ <para>When Procmail starts, it reads the email message and separates the body from the header information. Next, Procmail looks for a <filename>/etc/procmailrc</filename> file and <filename>rc</filename> files in the <filename>/etc/procmailrcs</filename> directory for default, system-wide, Procmail environmental variables and recipes. Procmail then searches for a <filename>.procmailrc</filename> file in the user's home directory. Many users also create additional <filename>rc</filename> files for Procmail that are referred to within the <filename>.procmailrc</filename> file in their home directory.</para>
<section
id="s2-email-procmail-configuration">
<title>Procmail Configuration</title>
@@ -961,9 +984,10 @@ poll mail.domain2.com
</primary>
</indexterm>
<para>The Procmail configuration file contains important environmental variables. These variables specify things such as which messages to sort and what to do with the messages that do not match any recipes.</para>
- <para>These environmental variables usually appear at the beginning of <filename>.procmailrc</filename> in the following format:</para>
+ <para>These environmental variables usually appear at the beginning of the <filename>~/.procmailrc</filename> file in the following format:</para>
<screen>
- <replaceable><env-variable></replaceable>="<replaceable><value></replaceable>"</screen>
+<replaceable><env-variable></replaceable>="<replaceable><value></replaceable>"
+ </screen>
<para>In this example, <command><replaceable><env-variable></replaceable>
</command> is the name of the variable and <command><replaceable><value></replaceable>
</command> defines the variable.</para>
@@ -976,18 +1000,18 @@ poll mail.domain2.com
</listitem>
<listitem>
<para>
- <command>INCLUDERC</command> — Specifies additional <filename>rc</filename> files containing more recipes for messages to be checked against. This breaks up the Procmail recipe lists into individual files that fulfill different roles, such as blocking spam and managing email lists, that can then be turned off or on by using comment characters in the user's <filename>.procmailrc</filename> file.</para>
+ <command>INCLUDERC</command> — Specifies additional <filename>rc</filename> files containing more recipes for messages to be checked against. This breaks up the Procmail recipe lists into individual files that fulfill different roles, such as blocking spam and managing email lists, that can then be turned off or on by using comment characters in the user's <filename>~/.procmailrc</filename> file.</para>
<para>For example, lines in a user's <filename>.procmailrc</filename> file may look like this:</para>
<screen>MAILDIR=$HOME/Msgs INCLUDERC=$MAILDIR/lists.rc INCLUDERC=$MAILDIR/spam.rc</screen>
- <para>If the user wants to turn off Procmail filtering of their email lists but leave spam control in place, they would comment out the first <command>INCLUDERC</command> line with a hash mark character (<command>#</command>).</para>
+ <para>To turn off Procmail filtering of email lists but leaving spam control in place, comment out the first <command>INCLUDERC</command> line with a hash sign (<command>#</command>).</para>
</listitem>
<listitem>
<para>
- <command>LOCKSLEEP</command> — Sets the amount of time, in seconds, between attempts by Procmail to use a particular lockfile. The default is eight seconds.</para>
+ <command>LOCKSLEEP</command> — Sets the amount of time, in seconds, between attempts by Procmail to use a particular lockfile. The default is <constant>8</constant> seconds.</para>
</listitem>
<listitem>
<para>
- <command>LOCKTIMEOUT</command> — Sets the amount of time, in seconds, that must pass after a lockfile was last modified before Procmail assumes that the lockfile is old and can be deleted. The default is 1024 seconds.</para>
+ <command>LOCKTIMEOUT</command> — Sets the amount of time, in seconds, that must pass after a lockfile was last modified before Procmail assumes that the lockfile is old and can be deleted. The default is <constant>1024</constant> seconds.</para>
</listitem>
<listitem>
<para>
@@ -1039,9 +1063,8 @@ poll mail.domain2.com
<para>The first two characters in a Procmail recipe are a colon and a zero. Various flags can be placed after the zero to control how Procmail processes the recipe. A colon after the <command><replaceable><flags></replaceable>
</command> section specifies that a lockfile is created for this message. If a lockfile is created, the name can be specified by replacing <command><replaceable><lockfile-name></replaceable>
</command>.</para>
- <para>A recipe can contain several conditions to match against the message. If it has no conditions, every message matches the recipe. Regular expressions are placed in some conditions to facilitate message matching. If multiple conditions are used, they must all match for the action to be performed. Conditions are checked based on the flags set in the recipe's first line. Optional special characters placed after the <command>*</command> character can further control the condition.</para>
- <para>The <command><replaceable><action-to-perform></replaceable>
- </command> specifies the action taken when the message matches one of the conditions. There can only be one action per recipe. In many cases, the name of a mailbox is used here to direct matching messages into that file, effectively sorting the email. Special action characters may also be used before the action is specified. Refer to <xref
+ <para>A recipe can contain several conditions to match against the message. If it has no conditions, every message matches the recipe. Regular expressions are placed in some conditions to facilitate message matching. If multiple conditions are used, they must all match for the action to be performed. Conditions are checked based on the flags set in the recipe's first line. Optional special characters placed after the asterisk character (<command>*</command>) can further control the condition.</para>
+ <para>The <command><replaceable><action-to-perform></replaceable></command> argument specifies the action taken when the message matches one of the conditions. There can only be one action per recipe. In many cases, the name of a mailbox is used here to direct matching messages into that file, effectively sorting the email. Special action characters may also be used before the action is specified. Refer to <xref
linkend="s3-email-procmail-recipes-special"/> for more information.</para>
<section
id="s2-email-procmail-recipes-delivering">
@@ -1111,7 +1134,7 @@ poll mail.domain2.com
</listitem>
<listitem>
<para>
- <command>H</command> — Parses the header of the message and looks for matching conditions. This occurs by default.</para>
+ <command>H</command> — Parses the header of the message and looks for matching conditions. This is the default behavior.</para>
</listitem>
<listitem>
<para>
@@ -1156,7 +1179,7 @@ poll mail.domain2.com
<tertiary>special actions</tertiary>
</indexterm>
<para>Special characters used before Procmail recipe conditions and actions change the way they are interpreted.</para>
- <para>The following characters may be used after the <command>*</command> character at the beginning of a recipe's condition line:</para>
+ <para>The following characters may be used after the asterisk character (<command>*</command>) at the beginning of a recipe's condition line:</para>
<itemizedlist>
<listitem>
<para>
@@ -1218,8 +1241,8 @@ poll mail.domain2.com
<para>A better solution is to point the recipe's action to a special mailbox, which can be checked from time to time to look for false positives. Once satisfied that no messages are accidentally being matched, delete the mailbox and direct the action to send the messages to <filename>/dev/null</filename>.</para>
</warning>
<para>The following recipe grabs email sent from a particular mailing list and places it in a specified folder.</para>
- <screen>:0: * ^(From|CC|To).*tux-lug tuxlug</screen>
- <para>Any messages sent from the <computeroutput>tux-lug at domain.com</computeroutput> mailing list are placed in the <filename>tuxlug</filename> mailbox automatically for the MUA. Note that the condition in this example matches the message if it has the mailing list's email address on the <computeroutput>From</computeroutput>, <computeroutput>CC</computeroutput>, or <computeroutput>To</computeroutput> lines.</para>
+ <screen>:0: * ^(From|Cc|To).*tux-lug tuxlug</screen>
+ <para>Any messages sent from the <computeroutput>tux-lug at domain.com</computeroutput> mailing list are placed in the <filename>tuxlug</filename> mailbox automatically for the MUA. Note that the condition in this example matches the message if it has the mailing list's email address on the <computeroutput>From</computeroutput>, <computeroutput>Cc</computeroutput>, or <computeroutput>To</computeroutput> lines.</para>
<para>Consult the many Procmail online resources available in <xref
linkend="s1-email-additional-resources"/> for more detailed and powerful recipes.</para>
</section>
@@ -1246,6 +1269,12 @@ poll mail.domain2.com
<para>Because it is called by Sendmail, Postfix, and Fetchmail upon receiving new emails, Procmail can be used as a powerful tool for combating spam.</para>
<para>This is particularly true when Procmail is used in conjunction with SpamAssassin. When used together, these two applications can quickly identify spam emails, and sort or destroy them.</para>
<para>SpamAssassin uses header analysis, text analysis, blacklists, a spam-tracking database, and self-learning Bayesian spam analysis to quickly and accurately identify and tag spam.</para>
+ <note>
+ <title>Note: Installing the <package>spamassassin</package> package</title>
+ <para>In order to use <application>SpamAssassin</application>, first ensure the <package>spamassassin</package> package is installed on your system by running, as root:</para>
+ <screen>~]# <command>yum install spamassassin</command></screen>
+ <para>For more information on installing packages with Yum, refer to <xref linkend="sec-Installing"/>.</para>
+ </note>
<para>The easiest way for a local user to use SpamAssassin is to place the following line near the top of the <filename>~/.procmailrc</filename> file:</para>
<screen>
<command>INCLUDERC=/etc/mail/spamassassin/spamassassin-default.rc</command>
@@ -1258,8 +1287,8 @@ poll mail.domain2.com
<command>:0 Hw * ^X-Spam-Status: Yes spam</command>
</screen>
<para>This rule files all email tagged in the header as spam into a mailbox called <filename>spam</filename>.</para>
- <para>Since SpamAssassin is a Perl script, it may be necessary on busy servers to use the binary SpamAssassin daemon (<command>spamd</command>) and client application (<command>spamc</command>). Configuring SpamAssassin this way, however, requires root access to the host.</para>
- <para>To start the <command>spamd</command> daemon, type the following command as root:</para>
+ <para>Since SpamAssassin is a Perl script, it may be necessary on busy servers to use the binary SpamAssassin daemon (<systemitem class="daemon">spamd</systemitem>) and the client application (<application>spamc</application>). Configuring SpamAssassin this way, however, requires root access to the host.</para>
+ <para>To start the <systemitem class="daemon">spamd</systemitem> daemon, type the following command as root:</para>
<screen>
<command>/sbin/service spamassassin start</command>
</screen>
@@ -1274,8 +1303,8 @@ poll mail.domain2.com
<section
id="s1-email-mua">
<title>Mail User Agents</title>
- <para>There are scores of mail programs available under &MAJOROS;. There are full-featured, graphical email client programs, such as <application>Evolution</application>, as well as text-based email programs such as <command>mutt</command>.</para>
- <para>The remainder of this section focuses on securing communication between the client and server.</para>
+ <para>&MAJOROS; offers a variety of email programs, both, graphical email client programs, such as <application>Evolution</application>, and text-based email programs such as <command>mutt</command>.</para>
+ <para>The remainder of this section focuses on securing communication between a client and a server.</para>
<section
id="s2-email-security">
<title>Securing Communication</title>
@@ -1285,7 +1314,7 @@ poll mail.domain2.com
<primary>email</primary>
<secondary>security</secondary>
</indexterm>
- <para>Like any other service that flows over a network unencrypted, important email information, such as usernames, passwords, and entire messages, may be intercepted and viewed by users on the network. Additionally, since the standard POP and IMAP protocols pass authentication information unencrypted, it is possible for an attacker to gain access to user accounts by collecting usernames and passwords as they are passed over the network.</para>
+ <para>Like any other service that flows over a network unencrypted, important email information, such as usernames, passwords, and entire messages, may be intercepted and viewed by users on the network. Additionally, since the standard <systemitem class="protocol">POP</systemitem> and <systemitem class="protocol">IMAP</systemitem> protocols pass authentication information unencrypted, it is possible for an attacker to gain access to user accounts by collecting usernames and passwords as they are passed over the network.</para>
<section
id="s3-email-security-clients">
<title>Secure Email Clients</title>
@@ -1295,8 +1324,8 @@ poll mail.domain2.com
<secondary>security</secondary>
<tertiary>clients</tertiary>
</indexterm>
- <para>Most Linux MUAs designed to check email on remote servers support SSL encryption. To use SSL when retrieving email, it must be enabled on both the email client and server.</para>
- <para>SSL is easy to enable on the client-side, often done with the click of a button in the MUA's configuration window or via an option in the MUA's configuration file. Secure IMAP and POP have known port numbers (993 and 995, respectively) that the MUA uses to authenticate and download messages.</para>
+ <para>Most Linux MUAs designed to check email on remote servers support SSL encryption. To use SSL when retrieving email, it must be enabled on both the email client and the server.</para>
+ <para>SSL is easy to enable on the client-side, often done with the click of a button in the MUA's configuration window or via an option in the MUA's configuration file. Secure <systemitem class="protocol">IMAP</systemitem> and <systemitem class="protocol">POP</systemitem> have known port numbers (993 and 995, respectively) that the MUA uses to authenticate and download messages.</para>
</section>
<section
id="s3-email-security-servers">
@@ -1314,19 +1343,19 @@ poll mail.domain2.com
</primary>
</indexterm>
<para>Offering SSL encryption to IMAP and POP users on the email server is a simple matter.</para>
- <para>First, create an SSL certificate. This can be done two ways: by applying to a <firstterm>Certificate Authority</firstterm> (<firstterm>CA</firstterm>) for an SSL certificate or by creating a self-signed certificate.</para>
+ <para>First, create an SSL certificate. This can be done in two ways: by applying to a <firstterm>Certificate Authority</firstterm> (<firstterm>CA</firstterm>) for an SSL certificate or by creating a self-signed certificate.</para>
<warning>
<title>Caution</title>
<para>Self-signed certificates should be used for testing purposes only. Any server used in a production environment should use an SSL certificate granted by a CA.</para>
</warning>
- <para>To create a self-signed SSL certificate for IMAP, change to the <filename>/etc/pki/tls/certs/</filename> directory and type the following commands as root:</para>
+ <para>To create a self-signed SSL certificate for <systemitem class="protocol">IMAP</systemitem>, change to the <filename>/etc/pki/tls/certs/</filename> directory and type the following commands as root:</para>
<screen>
-<command>rm -f cyrus-imapd.pem make cyrus-imapd.pem</command>
+<command>rm -f cyrus-imapd.pem; make cyrus-imapd.pem</command>
</screen>
<para>Answer all of the questions to complete the process.</para>
- <para>To create a self-signed SSL certificate for POP, change to the <filename>/etc/pki/tls/certs/</filename> directory, and type the following commands as root:</para>
+ <para>To create a self-signed SSL certificate for <systemitem class="protocol">POP</systemitem>, change to the <filename>/etc/pki/tls/certs/</filename> directory, and type the following commands as root:</para>
<screen>
-<command>rm -f ipop3d.pem make ipop3d.pem</command>
+<command>rm -f ipop3d.pem; make ipop3d.pem</command>
</screen>
<para>Again, answer all of the questions to complete the process.</para>
<important>
@@ -1336,6 +1365,13 @@ poll mail.domain2.com
<para>Once finished, execute the <command>/sbin/service xinetd restart</command> command to restart the <command>xinetd</command> daemon which controls <command>imapd</command> and <command>ipop3d</command>.</para>
<para>Alternatively, the <command>stunnel</command> command can be used as an SSL encryption wrapper around the standard, non-secure daemons, <command>imapd</command> or <command>pop3d</command>.</para>
<para>The <command>stunnel</command> program uses external OpenSSL libraries included with &MAJOROS; to provide strong cryptography and protect the connections. It is best to apply to a CA to obtain an SSL certificate, but it is also possible to create a self-signed certificate.</para>
+ <note>
+ <title>Note: Installing the <package>stunnel</package> package</title>
+ <para>In order to use <command>stunnel</command>, first ensure the <package>stunnel</package> package is installed on your system by running, as root:</para>
+ <screen>~]# <command>yum install stunnel</command></screen>
+ <para>For more information on installing packages with Yum, refer to <xref linkend="sec-Installing"/>.</para>
+ </note>
+
<para>To create a self-signed SSL certificate, change to the <filename>/etc/pki/tls/certs/</filename> directory, and type the following command:</para>
<screen>
<command>make stunnel.pem</command>
@@ -1345,7 +1381,7 @@ poll mail.domain2.com
<screen>
<command>/usr/sbin/stunnel -d 993 -l /usr/sbin/imapd imapd</command>
</screen>
- <para>Once this command is issued, it is possible to open an IMAP email client and connect to the email server using SSL encryption.</para>
+ <para>Once this command is issued, it is possible to open an <systemitem class="protocol">IMAP</systemitem> email client and connect to the email server using SSL encryption.</para>
<para>To start the <command>pop3d</command> using the <command>stunnel</command> command, type the following command:</para>
<screen>
<command>/usr/sbin/stunnel -d 995 -l /usr/sbin/pop3d pop3d</command>
More information about the docs-commits
mailing list