From 09ca4fea45f2548d429a59a742593ebb5ebcbfab Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Thu, 6 Sep 2012 23:14:55 +0200 Subject: Post meeting changes. --- todo.org | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) (limited to 'todo.org') diff --git a/todo.org b/todo.org index e5ea03c..8c76a52 100644 --- a/todo.org +++ b/todo.org @@ -28,7 +28,7 @@ CLOSED: [2012-06-14 Thu 19:44] Information on this can be found in admin log-file ** TODO Fix so that we can use better value for RC imap auth type Currently, we have $rcmail_config['imap_auth_type'] = 'plain'; -** TODO Determine how we should handle RC identities +** CANCELED Determine how we should handle RC identities e.g. $rcmail_config['identities_level'] = 0; is not ideal there should be some sort of verification before emailing, such that a user e.g. cannot email from our webmail using admin@fripost.org - Look into the details of how RoundCube handles identities @@ -45,19 +45,19 @@ CLOSED: [2012-08-20 Mon 01:25] - Experiment header forging to masquerade the sender's IP. ** TODO How to publish our SSL certificates? MonkeySphere? http://web.monkeysphere.info/ ** TODO Make proper certificates on the smarthosts too? -** TODO lists.fripost.org and www.fripost.org should be added to the SN list for fripost.org's SSL certificate. -** TODO Add a CNAME `ldap.fripost.org' -> `mistral.fripost.org'. - -* New propositions, waiting for approval -** When upgrading to Dovecot v2.x (wait for the next Debian stable - wheezy): +** TODO lists.fripost.org, www.fripost.org and git.fripost.org should be added to the SN list for fripost.org's SSL certificate. +** DONE Add a CNAME `ldap.fripost.org' -> `mistral.fripost.org'. +** TODO When upgrading to Dovecot v2.x (wait for the next Debian stable - wheezy): replace the LDA by the new LMTP service. http://wiki2.dovecot.org/LMTP . -** When upgrading to Dovecot v2.x (wait for the next Debian stable - wheezy): +** TODO When upgrading to Dovecot v2.x (wait for the next Debian stable - wheezy): convert the maiboxes from maildir to Dovecot's high performance mdbox format http://wiki2.dovecot.org/MailboxFormat/dbox . -** Do not deliver any content via HTTP (redirect everything to https://). -** Set up an Asterisk server? -** Should we log every single change made to the LDAP directory? +** TODO Do not deliver any content via HTTP (redirect everything to https://). +** TODO Should we log every single change made to the LDAP directory? http://www.openldap.org/doc/admin24/overlays.html#Audit%20Logging +for 3 days + +* New propositions, waiting for approval ** Shouldn't we obfuscate our logs (e.g., successuful IMAP/SASL authentication)? * Deferred projects @@ -77,12 +77,12 @@ Wait for the next Debian stable (wheezy)? *** Hardware is needed ** Distributed storage for backups - Tahoe FS/LAFS. -** Implement quotas +** DONE Implement quotas Can probably wait until December 23, 2012. ** Write a policy for our PGP-keys [[http://www.haven-project.org/][Haven Project]] -** Evaluate cfengine +** Evaluate cfengine vs. chef vs. puppet ** DONE fripost-adduser should not allow user to be added if there is an alias by that name CLOSED: [2012-06-14 Thu 19:56] - State "DONE" from "" [2012-06-14 Thu 19:56] @@ -90,6 +90,7 @@ CLOSED: [2012-06-14 Thu 19:56] * Maybe ** Create a mail gateway to change settings +** Set up an Asterisk server (VoIP) ** Evaluate SSH-tunnels vs VPN ** Evaluating changing Apache to nginx -- cgit v1.2.3