From: Rhonda D'Vine Date: Thu, 13 Jul 2023 21:30:33 +0000 (+0200) Subject: clearification X-Git-Url: https://git.deb.at/?p=debienna.git;a=commitdiff_plain;h=HEAD;hp=c8a78789b37b5ce79a849d70d86b02d86156036f clearification --- diff --git a/Kalender/2019-06-20/index.mdwn b/Kalender/2019-06-20/index.mdwn index bcb9f57..77cfa66 100644 --- a/Kalender/2019-06-20/index.mdwn +++ b/Kalender/2019-06-20/index.mdwn @@ -17,9 +17,9 @@ Baustelle) ### Themen - [Buster Release am 06.07.2019](https://lists.debian.org/debian-devel-announce/2019/06/msg00003.html) -- automatische updates warum?: Betroffene Pakete: unattended-upgrades, apt-config-auto-update; Config: /etc/apt/apt.conf.d/10periodic, /etc/apt/apt.conf.d/20auto-upgrades, /etc/apt/apt.conf.d/50unattended-upgrades -- Spectre/Meltdown/MDS: Package: spectre-meltdown-checker -- eatmydata und pbuilder +- automatische updates warum?: Betroffene Pakete: [[!debpkg unattended-upgrades]], [[!debpkg apt-config-auto-update]]; Config: /etc/apt/apt.conf.d/10periodic, /etc/apt/apt.conf.d/20auto-upgrades, /etc/apt/apt.conf.d/50unattended-upgrades +- Spectre/Meltdown/MDS: Package: [[!debpkg spectre-meltdown-checker]] +- [[!debpkg eatmydata]] und [[!debpkg pbuilder]] (3.5x speedup beim installieren der pakete!) - irgendwas mit Würmern - Schlangen - [Parrots the Universe and Everything](https://www.youtube.com/watch?v=_ZG8HBuDjgc) diff --git a/Kalender/2019-09-19/index.mdwn b/Kalender/2019-09-19/index.mdwn new file mode 100644 index 0000000..adcc871 --- /dev/null +++ b/Kalender/2019-09-19/index.mdwn @@ -0,0 +1,27 @@ +[[!meta date="2019-09-19"]] + +### Ort + +im [Metalab](http://www.metalab.at/) ab 19:00. (Hauptraum, die Bib ist noch +Baustelle) + +## Wer kommt/ist da + +- Ich +- Du +- Er +- Sie +- Es +- Du? + +### Themen + +- dovecot server per [ansible rule](https://gitea.multiname.org/ibu/ansible-mailserver-buster) deployen +- Tool zum checken der Passwort strengh [[!debpkg python3-zxcvbn]] +- NTFS Festplatten kopieren mittels **ntfsclone** aus [[!debpkg ntfs-3g]] +- Oder grundsätzlich platten clonen mittels [[!debpkg partimage]] - macht das +auch komprimiert. +- Aber achtung, UEFI kann da reinpfuschen wenn man zB eine Partition sichern +will und später zurückspielen. +- mutt tools: [[!debpkg isync]], [[!debpkg abook]] oder [[!debpkg khard]] oder +[[!debpkg maildir-utils]] diff --git a/Kalender/2019-10-17/email_journey.md b/Kalender/2019-10-17/email_journey.md new file mode 100644 index 0000000..b6fdb58 --- /dev/null +++ b/Kalender/2019-10-17/email_journey.md @@ -0,0 +1,1309 @@ +--- +title: email - towards a less terrible setup +author: al.t +... + +# **prelude - the used presentation toolchain** + +## *how to make presentations easier, faster and more awesome in general* + +### Software options + * patat (uses pandoc to convert from $WHATEVER to terminal-presentation) + + https://github.com/jaspervdj/patat + * mdp (uses a specific markdown-flavour for terminal-presentation) + + https://github.com/visit1985/mdp + * tpp (uses a own dialect, more control over presentation) + + https://github.com/cbbrowne/tpp + * hovercraft (converts reStructuredText to impress.js, needs the GUI) + + https://regebro.github.io/hovercraft/ + + +### Chosen presentation software + + + +NAME + patat - Presentations Atop The ANSI Terminal + +SYNOPSIS + patat [*options*] file + +DESCRIPTION + Controls + * Next slide: space, enter, l, →, PageDown + * Previous slide: backspace, h, ←, PageUp + * Go forward 10 slides: j, ↓ + * Go backward 10 slides: k, ↑ + * First slide: 0 + * Last slide: G + * Reload file: r + * Quit: q + + + +--- + + + +# **Content** + + +## *whoami and why that setup* + + +## *howto $WHATEVER -> maildir* + + +## *access online folders* + + +## *alpine* + + +## *mbsync (isync)* + + +## *msmtp* + + +## *(neo)mutt* + + +## *notmuch or mu (maildir-utils) or mairix* + + +## *nmh or mmh* + + +## *open issues* + + + +--- + + + +# **whoami and why that setup** + +## legacy backup data + + * used different (non-linux) os + * restrictive environments (cannot install software) + * multiple languages (use of many non-ASCII-characters) + + * used different email-clients + * webmail with saved messages + * MS Outlook + * single messages (.msg) + * message archives (.pst) + * Mozilla Thunderbird + * single messages (.eml) + * message archives (.mbox) + +## goals + +having an email-setup, which fulfills the following demands + + * not lose any data (although being old) + * convert everything in a common file format + * use the same data structure for in-use emails and archived emails + * be able to perform incremental backups + * no risk of vendor-lock-in (use only FLOSS-tools in Debian-main-repositories) + * separation between configuration and email-data + * not resource-intensive while fast + * being able to handle > 100K of messages + + * if possible: CLI/TUI-tools + +*solution: in a first step, convert legacy messages to maildir* + + + +--- + + + +# **howto $WHATEVER -> maildir** + + +## *detox* + +detox - replace problematic characters in filenames + +`$ detox -r *` + +* -r recurse to subdirectories + + +## *msgconvert (libemail-outlook-message-perl)* + +libemail-outlook-message-perl - module for reading Outlook .msg files + +`$ msgconvert *.msg` + +CAVE: msgconvert converts messages by default into .eml-files + + +## *Mozilla Thunderbird (thunderbird)* + +thunderbird: cross platform standalone mail application + +usage: +start GUI -> install add-on ImportExportTools NG +right click on folder -> ImportExportTools NG -> "Import messages from directory (including subdirectories)" -> choose directory with .eml-files +right click on folder -> ImportExportTools NG -> "Export folder with subfolders (with structure)" -> choose directory for creating .mbox-file(s) + +CAVE: thunderbird stores messages by default in the .mbox-format, so exporting is strictly speaking not needed +CAVE: ugly, better toolchain needed (currently just workaround) + + +*current status: all messages converted from .msg/.eml to .mbox-files* + + + +--- + + + +# **howto $WHATEVER -> maildir** + + +## *readpst (pst-utils)* + +pst-utils: tools for reading Microsoft Outlook PST files + +`$ readpst -8 *.pst` + +* -8 output email bodies as UTF-8 instead of the original format + +CAVE: readpst converts messages by default into .mbox-files + + + +## *mb2md* + +mb2md — Converts Mbox mailboxes to Maildir format + +`$ mb2md -s $HOME/emails/sourcedir/ -R -d $HOME/emails/destdir/` + +* -s sourcedir +* -R run recursively +* -d destdir + +CAVE: mb2md does *NOT!* use relative paths from pwd, but from $HOME! + + +## *jdupes or fdupes* + +jdupes - identify and delete or link duplicate files +fdupes - identifies duplicate files within given directories (old) + +`$ jdupes -rdN FOLDER` + +* -r recurse to subdirectories +* -d delete duplicate files +* -N don't ask (noprompt) + +CAVE: this will *DELETE!* the duplicate files, pause and think before executing this command! + + +*current status: all messages in maildir-format, deduplicated (if hashes were identical)* + + +--- + + +# *Interlude* + +## random trivia + +*The GNOME foundation got sued by a patenet troll (Rothschild Patent Imaging, LLC) for using 'technology to transfer images'.* + +sources: +* https://itsfoss.com/shotwell-lawsuit/ +* https://www.patentprogress.org/2019/09/26/mythical-troll-attacks-gnome/ +* https://www.pro-linux.de/news/1/27473/patentklage-gegen-gnome-foundation.html +* https://www.golem.de/news/shotwell-patenttroll-verklagt-gnome-foundation-wegen-fotoverwaltung-1909-144089-rss.html +* https://www.zdnet.com/article/leave-gnome-alone-this-patent-troll-is-asking-for-trouble/ +* http://techrights.org/2019/09/25/microsoft-patent-troll-intellectual-ventures-gnome/ + +According to the techrights.org-source, Rothschild Patent Imaging, LLC, is connected to Microsoft + + +--- + + + +# **access online folders (using openssl)** + + +openssl - Secure Sockets Layer toolkit + + +*connect to the mail-server* +`$ openssl s_client -connect mail.example.com:993 -crlf` + +* -crlf translates a line feed from the terminal into CR+LF as required by some servers + + +*access the account* +> 1 LOGIN MYUSERNAME MYPASSWORDINPLAINTEXT + +alternative +`$ echo 'MYUSERNAMEMYUSERNAMEMYPASSWORDINPLAINTEXT' | base64` +cave: has to be deleted, therefore this doesn't work currently as expected + +to test the encoding use +`$ echo 'StringFromAbove' | base64 -d` + +`> 1 AUTHENTICATE PLAIN StringFromAbove` + + +*list the name of all folders within the account* +`> 2 LIST "" "\*"` + + + + +*select a folder (e.g. inbox) to test if it works* +`> 3 SELECT INBOX` + + +*logout* +`> 4 LOGOUT` + +## *troubleshoot the connection to each mail server in advance* + +*take note of the configuration details for the later steps* +* user names (with or without the addition of ...@example.com?) +* used ports (hopefully 993) +* names of folder (Sent or Inbox.Sent or something else?) + + +*current status: all accounts are accessable online using openssl* + + +--- + + + +# **alpine** + + +## *general information* + + +alpine - text-based email client, friendly for novices but powerful + + +for creating debug-information use +`$ alpine -d [0-9]` +alpine does *NOT!* store any credential information in its logs + +configuration is done in-program and stored in $HOME/.pinerc + +configuration is done using shortcuts (case-insensitive) or TUI + +information available at *http://alpine.x10host.com/* +the latest release is available at *http://alpine.x10host.com/alpine/release/* +the latest development version at *https://repo.or.cz/alpine.git* + +*the current developer and maintainer of alpine, __Eduardo Chappa__ (alpine.chappa@yandex.com or chappa@vfemail.net), is __extremely helpful__!* + + +## *base configuration* + + +to add a collection list (aka folder): +*M* (main menu) - *S* (setup) - *L* (collectionLists) - *A* (add collection list) + +to add a role (aka account details): +*M* - *S* - *R* (rules) - *R* (roles) - *A* (add) + +nano ('pico') is the default editor +available commands are displayed below ('nano-style') + +exemplary imap-access: *{mail.example.com/ssl/user=MY_USER_NAME}INBOX* +exemplary Fcc (sent): *{mail.example.com/ssl/user=MY_USER_NAME}INBOX.Sent* +exemplary smtp-access: *smtp.example.com/ssl/user=MY_USER_NAME* + +multiple accounts can be created using the above mentioned scheme + + + +--- + + + +# **alpine** + + +## *address book* + +the addressbook is located in *$HOME/.addressbook* + +to convert from abook to alpine-addressbook use +`$ abook --convert --infile $HOME/.abook/addressbook --outformat pine | sed 's/,.*//' | sed 's/(//' > ~/.addressbook` +(the sed-command is needed if multiple email-addresses per name are stored) + + +## *using ~/.pine\_passfile and ~/.alpine-smime/.pwd* + + +if compiled using `$ ./configure --with-passfile=$HOME/.pine-passfile`, passwords can be stored in that file if it exists (default in debian) + +to use this feature, `$ touch ~/.pine-passfile` + +the passfile is encrypted using the *$HOME/.alpine-smime/.pwd/MasterPassword.key* + +the key is a *2048 bit RSA key* (`$ openssl rsa -text -in ~/.alpine-smime/.pwd/MasterPassword.key`) + +private email to maintainer and talking about the security of 2048 bit RSA keys he replied: +*"I am happy to change the encryption to a higher degreeof encryption. That is not a problem. I can search in openssl how to do that. Should be easy."* +it might also be possible to do this manually, but I haven't tried it yet + +the .pine-passfile can be *decrypted using openssl* (`$ openssl smime -decrypt -inform pem -in ~/.pine-passfile -inkey ~/.alpine-smime/.pwd/MasterPassword.key`) +data is obfuscated after encryption (this was the only security measure until some years ago, so beware of old forum posts) + + + + +--- + + +# **alpine** + + +## *issues with alpine* + + +* not as flexible as (neo)mutt +* should be used as intended (cannot be completely re-configured) +* not as sexy (less perceived users, therefore less information online) +* if the email-server is not configured correctly, problems might arise + + +## *why should anybody use alpine?* + +if you want a TUI-based email program, consider alpine! + +* very fast to set up + + `$ sudo apt-get install alpine && alpine` +* relatively easy to configure + + the configuration can be performed from within alpine + + general behaviour can be changed + + GPG-key-interaction and signatures can be used + + the editor can be changed + + additional customization (e.g. colors) can be used +* stores everything in one configuration file ($HOME/.pinerc) + + therefore easy to deploy +* the maintainer is awesome + + + +*current status: ability to use a TUI email-client for reading and sending email* + + +--- + + +# **mbsync (isync)** + +isync - IMAP and MailDir mailbox synchronizer +the binary is called *mbsync* + +alternative software - offlineimap + +## *configuration of mbsync using `$ touch $HOME/.mbsyncrc`* + + IMAPAccount TEST + Host mail.example.org + User #CAVE: SEE BELOW + PassCmd #CAVE: SEE BELOW + SSLType IMAPS # use secure IMAP + SSLVersions TLSv1.2 + CertificateFile /etc/ssl/certs/ca-certificates.crt + + CopyArrivalDate yes + + + +for *User* use the username as found by the *openssl s\_client*-command + + + +PassCmd "gpg2 --decrypt --no-tty --quiet --no-verbose --for-your-eyes-only --pinentry-mode cancel ~/.password-store/email/TEST.gpg | head -n 1" + +* --pinentry-mode cancel do not ask for passwords, just cancel + +this setup can only be used together with a gpg-agent + +this setup requires a file being stored in *$HOME/.password-store*, as this is done using *pass* + +prequisites + +* gnupg +* gpg-agent +* pass + + +--- + +# **mbsync (isync)** + +## *add information on remote and local folders* + + + # ### Remote storage ------------------- + + IMAPStore TEST-remote + Account TEST + + + # ### Local storage -------------------- + + MaildirStore TEST-local + SubFolders Verbatim + + Path ~/SOMEWHERE/TEST/ + # CAVE: The trailing "/" under 'Path' is important + + #Inbox ~/SOMEWHERE/TEST/inbox + # CAVE: the name of the 'inbox' conflicts with the channel slave name! + # use this only, of no channels are used + + + +--- + +# **mbsync (isync)** + +## *add information on the inbox-channel (remote and local folders)* + + + Channel TEST-Inbox + Master :TEST-remote:"INBOX" + Slave :TEST-local:inbox + + Create Both + # Automatically create missing mailboxes, both locally and on the server + + Expunge Both + # Automatically delete messages if deleted in other folder + + SyncState * + # Save the synchronization state files in the relevant directory + + MaxSize 100m + # Don't download any email greater than this + + Patterns * + # Will copy all the account as specified at under remote + + #Patterns "INBOX*" + #Patterns !* "INBOX*" "Sent*" + # Exclude everything except the folders mentioned + +for remote foldernames use the names as found by the *openssl s\_client*-command + + + + +--- + +# **mbsync (isync)** + +## *add information on additional channels* + + Channel TEST-Sent + Master :TEST-remote:"Sent" + Slave :TEST-local:sent + Create Both + Expunge Both + SyncState * + MaxSize 100m + Patterns * + + Channel TEST-Draft + Master :TEST-remote:"Draft" + Slave :TEST-local:draft + Create Both + Expunge Both + SyncState * + MaxSize 100m + Patterns * + + +for remote foldernames use the names as found by the *openssl s\_client*-command + + + +## *group the channels into a single entity* + + + # Get all the channels together into a group. + Group TEST + Channel TEST-Inbox + Channel TEST-Sent + Channel TEST-Draft + + + + +--- + + +# **mbsync (isync)** + + +test and debug a specific group or channel +`$ mbsync -Dmn TEST` + + +synchronize messages of all groups +`$ mbsync -a` + + +## *synchronize messages automatically (as an alternative to cron-jobs)* + + +`$ touch $HOME/.config/systemd/user/mbsync.service` + + [Unit] + Description=Manual mailbox synchronization service + + [Service] + Type=oneshot + ExecStart=/bin/sh -c '/usr/bin/torsocks /usr/bin/mbsync -aq' + ExecStartPost=ProgramToIndexMessages + + +`$ touch HOME/.config/systemd/user/mbsync.timer` + + [Unit] + Description=Manual mailbox synchronization timer + + [Timer] + OnBootSec=2m + OnUnitActiveSec=5m + Unit=mbsync.service + + [Install] + WantedBy=timers.target + +`$ systemctl start --user mbsync.timer` +`$ systemctl enable --user mbsync.timer` +`$ systemctl status --user mbsync.timer` + + +*current status: new messages get automatically synchronized to my computer* + + +--- + + +# *Interlude* + +## random trivia + +*Lennart Poettering wants to take away your home directory* + + +Let's bring the UNIX concept of Home Directories into the 21st century. The +concept of home directories on Linux/UNIX has little changed in the last 39 +years. It's time to have a closer look, and bring them up to today's standards, +regarding encryption, storage, authentication, user records, and more. In this +talk we'll talk about "systemd-homed", a new component for systemd, that +reworks how we do home directories on Linux, adds strong encryption that makes +sense, supports automatic enumeration and hot-plugged home directories and +more. (asg2019) + + +sources: +https://www.theregister.co.uk/2019/09/25/systemd\_inventor\_home\_directories/ +https://cfp.all-systems-go.io/ASG2019/talk/VSQRXA/ +https://cdn.media.ccc.de/events/all\_systems\_go/2019/h264-hd/asg2019-164-eng-Reinventing\_Home\_Directories\_hd.mp4 + + + +--- + + +# **msmtp** + +msmtp - light SMTP client with support for server profiles + +*configuration of msmtp using `$ touch $HOME/.msmtprc`* + +## *general options for all accounts* + + # Set default values for all following accounts. + defaults + + # Port 465 is designed for required ("implicit") TLS-encryption. + # Mail submission port 587 is used for STARTTLS, + # port 25 is used for unencrypted communication. + # The protocol is smtp (smtps is not an option available, the alternative is lmtp) + protocol smtp + port 465 + + # Keep a logfile for later evaluation + #logfile ~/.mail/msmtp.log + + + # Enable or disable automatic envelope-from addresses. The default is off. + # The domain part can be set with the maildomain command. + # cave: the user-part will be as the login-name on the computer! + # not usable for emails to be send non-locally! + #auto_from off + +if you want to send messages via tor, use the following + + # Use tor as a proxy (needs tor and tls on) + proxy_host 127.0.0.1 + proxy_port 9050 + +prequisites + +* tor with SocksPort bound to 9050 (defined in $HOME/.torrc) + +--- + +# **msmtp** + +## *options concerning tls for all accounts* + + # Always use TLS + tls on + + # STARTTLS turns a previously unencrypted session into an encrypted one + # This is by far not as secure as using an encrypted session from the beginning! + # Therefore TLS is turned on while STARTTLS is turned off. + # Recommendation: if you don't need STARTTLS, then TURN IT OFF! + tls_starttls off + + # Set a list of trusted CAs for TLS. You can use a system-wide default file, + # as in this example, or download the root certificate of your CA and use that. + # If accounts without tls_trust_file are used, this command should be in each accout! + #tls_trust_file /etc/ssl/certs/ca-certificates.crt + + # Additionally, you should use the tls_crl_file command to check for + # revoked certificates, but unfortunately getting revocation lists + # and keeping them up to date is not straightforward. + #tls_crl_file ~/.tls-crls + + + + +--- + + +# **msmtp** + +## *account-specific options* + + + account TEST + host smtp.example.com + from username@example.com + auth on + user #CAVE: SEE BELOW + + passwordeval #CAVE: SEE BELOW + + #port 587 # if needed + + #tls_starttls on # if needed + tls_fingerprint #CAVE: SEE BELOW + tls_trust_file /etc/ssl/certs/ca-certificates.crt + + + +for *User* use the username as found by the *openssl s\_client*-command + + + +use *pass* or *gpg* for decrypting the password +passwordeval "pass show TEST | head -1" +passwordeval "gpg2 --decrypt --no-tty --quiet --no-verbose --for-your-eyes-only $HOME/SOMEWHERE/TEST.gpg | head -1" + +find tsl\_fingerprint using the following command + `$ openssl s_client -connect SMTP_SERVER:587 -starttls smtp /dev/null | openssl x509 -fingerprint -noout | cut -d'=' -f2` + `$ openssl s_client -connect SMTP_SERVER:465 /dev/null | openssl x509 -fingerprint -noout | cut -d'=' -f2` + change accordingly, if *starttls* is used + +output: e.g. 01:23:45:67:89:AB:CD:EF:BA:DC:0F:FE:E0:DD:F0:0D:DE:AD:BE:EF + + +## *test accounts* + +`$ echo "Subject Test" | msmtp some_other_account@example.com -a TEST` + + +--- + + + +# **neomutt** + +neomutt - text-based mailreader supporting MIME, GPG, PGP and threading + + +## *account configuration* + + set realname = "some name" + set from = "myusername@example.com" + + unmy_hdr * + my_hdr From: some name + + set signature = "~/SOMEWHERE/signature.txt" + + + set pgp_default_key = "DEADBEEF" + set pgp_sign_as = "BADC0FFE" + # use long keys or fingerprints if possible + + + # access server + + set mail_check = 60 + + set spoolfile = "imaps://myusername@example.com@example.com:993/INBOX" + set record = "imaps://myusername@example.com@example.com:993/Sent" + set postponed = "imaps://myusername@example.com@example.com:993/Drafts" + + # disabeled online trash folder, so that only local trash folder will be used + #set trash = "imaps://myusername@example.com@example.com:993/Trash" + + # When using only one folder, everything can be addressed relatively + #set spoolfile = "+INBOX" + #set record = "+Sent" + #set postponed = "+Drafts" + #set trash = "+Trash" + + # mailbox definitions are either performed here or in a separate sidebar + #mailboxes =INBOX =Sent =Trash =Drafts =Junk + + +--- + + +# **neomutt** + +## *debugging neomutt* + +`$ neomutt -d [1-5]` + +**CAVE: neomutt INCLUDES the CREDENTIALS in the DEBUG-LOG!** + + +## *use passwords within neomutt* + + set smtp_url = "smtp://myusername@example.com@example.com:587" + #set smtp_pass = "`pass TEST`" + + set folder = "imaps://myusername@example.com@example.com:993" + #set imap_pass = "`pass TEST`" + + source "pass MUTT_TEST |" #CAVE: SEE BELOW + +*source a password-file from within neomutt* + +use a pipe ("|") after the file to read so that the content of the file gets executed + +content of the password-file + + set imap_pass="MYSUPERSECRETPASSWORD" + set smtp_pass="MYSUPERSECRETPASSWORD" + +in addition add the following option to the .muttrc to disable the colon (':') +`bind generic,alias,attach,browser,editor,index,compose,pager,pgp,postpone ':' noop` +otherwise entering `:set ? imap_pass` or `:set ? smtp_pass` will reveal your password! + + +--- + +# **neomutt** + + +## *account-specific sidebar-options* + +use the sidebar for faster navigation between different accounts + + unmailboxes * + + virtual-mailboxes " ----- " "=separator" + virtual-mailboxes " search" "~/SOMEWHERE/search" + virtual-mailboxes " inbox " "imaps://myusername@example.com@example.com:993/INBOX" + virtual-mailboxes " sent " "imaps://myusername@example.com@example.com:993/Sent" + virtual-mailboxes " drafts" "imaps://myusername@example.com@example.com:993/Drafts" + virtual-mailboxes " trash " "imaps://myusername@example.com@example.com:993/Trash" + virtual-mailboxes " junk " "imaps://myusername@example.com@example.com:993/Junk" + + +if a `folder` is set, an abbreviated form can be used + + virtual-mailboxes " something" "+INBOX" + + +--- + +# **neomutt** + +## *general options concerning the sidebar* + + + # Should the Sidebar be shown? + set sidebar_visible = yes + + # How wide should the Sidebar be in screen columns? + set sidebar_width = 35 + #set sidebar_indicator=green + + # Should the mailbox paths be abbreviated? + set sidebar_short_path = yes + + # When abbreviating mailbox path names, use any of these characters as path + # separators. Only the part after the last separators will be shown. + # For file folders '/' is good. For IMAP folders, often '.' is useful. + set sidebar_delim_chars = '/.' + + # Make the Sidebar only display mailboxes that contain new, or flagged, mail. + set sidebar_new_mail_only = no + + # When searching for mailboxes containing new mail, should the search wrap + # around when it reaches the end of the list? + set sidebar_next_new_wrap = no + + # The character to use as the divider between the Sidebar and the other NeoMutt panels. + set sidebar_divider_char = ' | ' + + # Enable extended mailbox mode to calculate total, new, and flagged + # message counts for each mailbox. + set mail_check_stats + + + bind index,pager B sidebar-toggle-visible + + bind index,pager \Ck sidebar-prev + bind index,pager \Cj sidebar-next + bind index,pager \Cl sidebar-open + + +--- + +# **neomutt** + +## *design of the sidebar* + + # Sort the mailboxes in the Sidebar using this method: + # count – total number of messages + # flagged – number of flagged messages + # new – number of new messages + # path – mailbox path + # unsorted– do not sort the mailboxes + set sidebar_sort_method = 'unsorted' + + + # Display the Sidebar mailboxes using this format string. + # additional informatino on https://neomutt.org/guide/reference.html#sidebar-format + # + # %B Name of the mailbox + # %S Size of mailbox (total number of messages) + # %F Number of Flagged messages in the mailbox + # %N Number of New messages in the mailbox + # %n If there's new mail, display “ N”, otherwise nothing + # %! “ !”: one flagged message; + “ !!”: two flagged messages; + “ n!”: n flagged messages (for n > 2). Otherwise prints nothing. + # %d Number of deleted messages + # %L Number of messages after limiting + # %t Number of tagged messages + # %>X Right justify the rest of the string and pad with “ X” + # %|X Pad to the end of the line with “ X” + # %*X Soft-fill with character “ X”as pad + + # %?F? [%F]? If flagged emails [%F], otherwise nothing + # %* Pad with spaces + + set sidebar_format = "%B %?n?[N]&? %* [%?N?%N/?%S]" + + +--- + +# **neomutt** + +## *gpg-integration* + + setenv PINENTRY_USER_DATA curses + # In case of problems, change ~/.gnupg/ to include the line + # pinentry-program /usr/bin/pinentry-curses + # instead of + # pinentry-program /usr/bin/pinentry-tty + + + # automatically enable PGP encryption/signing for messages (default = yes) + set crypt_autopgp = yes + + # attempt to cryptographically sign outgoing messages (default = no) + set crypt_autosign = no + + # attempt to PGP encrypt outgoing messages (default = no) + set crypt_autoencrypt = no + + # enable S/MIME encryption/signing for messages (default = yes) + set crypt_autosmime = yes + + + # automatically PGP or OpenSSL sign replies to messages which are signed + # (default = yes) + set crypt_replysign = yes + + # automatically PGP or OpenSSL encrypt replies to messages which are encrypted + # (default = no) + set crypt_replyencrypt = yes + + # automatically PGP or OpenSSL sign replies to messages which are encrypted + # (default = no) + set crypt_replysignencrypted = yes + + + # attempt to verify PGP or S/MIME signatures (default = yes) + set crypt_verify_sig = yes + + +--- + +# **neomutt** + +## *gpg-integration* + + # include a time stamp in the lines surrounding PGP or S/MIME output, so spoofing + # such lines is more difficult. If you are using colors to mark these lines + # and rely on these, you may unset this setting. (default = yes) + set crypt_timestamp = yes + + # display non-usable keys on the PGP key selection menu. This includes keys which + # have been revoked, have expired, or have been marked as "disabled" by the user. + set pgp_show_unusable = yes + + # number of seconds after which a cached passphrase will expire if not used. + # is limited by the .gnupg/gpg-agent.conf - option 'max-cache-ttl' + set pgp_timeout = 600 + + # check the status file descriptor output of + # $pgp_decrypt_command + # and + # $pgp_decode_command + # for GnuPG status codes indicating successful decryption. (default = yes) + set pgp_check_gpg_decrypt_status_fd = yes + + # PGP signature is only considered verified if the output from + # $pgp_verify_command + # contains the text. (default = ) + set pgp_good_sign = "^gpg: Good signature from" + + # Save a copy of outgoing email, encrypted to yourself + set pgp_self_encrypt = yes + + #set pgp_default_key = "PGP-KEY" + #set pgp_sign_as = "PGP-SIGNING-KEY" + + # Save a copy of outgoing email, encrypted to yourself + set smime_self_encrypt = yes + set smime_is_default = no + + #set smime_default_key = "SMIME-KEY" + #set smime_sign_as = "SMIME-SIGNING-KEY" + + +--- + +# **neomutt** + +## *gpg-integration* + + + set pgp_sign_command ="gpg \ + --batch \ + --quiet \ + --no-verbose \ + --textmode \ + --armor \ + --output - \ + --detach-sign \ + --passphrase-fd 0 \ + %?a?--local-user %a? %f" + + set pgp_encrypt_only_command = "/usr/lib/neomutt/pgpewrap \ + gpg \ + --batch \ + --quiet \ + --no-verbose \ + --textmode \ + --armor \ + --output - \ + --encrypt -- \ + --recipient %r -- %f" + + set pgp_encrypt_sign_command = "/usr/lib/neomutt/pgpewrap \ + gpg \ + --batch \ + --quiet \ + --no-verbose \ + --textmode \ + --armor \ + --output - \ + --encrypt \ + --sign \ + --passphrase-fd 0 \ + %?a?--local-user %a? -- \ + --recipient %r -- %f" + +CAVE: either put /usr/lib/neomutt in $PATH or explicitly use /usr/lib/neomutt/pgpewrap + +CAVE: more complicated config = more risk, that something is incorrectly configured! + +--- + +# *Interlude* + +## random trivia + +codecrypt - post-quantum encryption and signing tool +*CAVE: software has not undergone a cryptographic audit* + + # This is a GnuPG-like Unix program for encryption and signing + # that only uses quantum-resistant algorithms: + # McEliece cryptosystem (compact QC-MDPC variant) for encryption. + # Hash-based Merkle tree algorithm (FMTSeq variant) for digital signatures. + + + # ccr basic command usage + + # Generate a strong(er) asymmetric encryption key + $ ccr -g ENC-256 -N SOME_NAME + + # Export specified public key for sharing with contacts + $ ccr -F SOME_NAME -ap > SOME_NAME.pub + + # Export specified private key. The -F parameter chooses the key to be used + # To enumerate all keys in the keyring run ccr -k for public ones and ccr -K for private + $ ccr -F SOME_NAME -aP > SOME_NAME_UNENCRYPTED + + # Back-up keys: It is easier to backup the ccr folder in the home directory, + # changing its name from/to .ccr upon restore. + # Enable hidden file view with alt + . to see it. + + + # ccr key management + + # Import a public key. + $ ccr -ai < [contactkey] + + # Import a private key. + $ ccr -aI < [myprivatekey] + + # Encrypt a plaintext message file only to an already imported contact key. + # Note this will be inaccessible to you. Save a plaintext copy for archival purposes. + $ ccr -aer SOME_NAME -R secret > secret.ccr + + # Decrypt a ciphertext message creating plaintext output. + $ ccr -adR secret.ccr > secret.new + + + +--- + + +# **neomutt** + +## *attachments* + + unalternative_order * + alternative_order multipart/mixed multipart/related text/plain text/enriched text/html + # define order how to view messages; multipart/* is needed for attachment forwarding + + auto_view text/html + # automatically convert text/html into plain text + + bind attach view-mailcap + # view attachments using 'v', then open in mailcap using 'm' + + mime_lookup application/octet-stream + + # Ask if the user wishes to abort sending if $abort_noattach_regex + # is found in the body, but no attachments have been added + # It can be set to: + # "yes" : always abort + # "ask-yes" : ask whether to abort + # "no" : send the mail + set abort_noattach = ask-yes + + # Search for the following regular expression in the body of the email + # English: attach, attached, attachment, attachments + set abort_noattach_regex = "\\" + # Deutsch: + set abort_noattach_regex = "\\<(Anhang|anhängen|angehängt|anhang|anhänge|hängt an)\\>" + + set attach_format = " %u%D%I %t%2n %T%d%\* [%.15m/%.10M, %.8e%?C?, %.6C?, %.4s] " + + set mailcap_path = "~/.mutt/config/mutt_mailcap" + # define link to filetypes-file + + +--- + + +# **neomutt** + +## *attachments* + +this should be put into a separate file for mailcap + + + # html-emails and other email-formats + text/html; w3m -cols 80 -dump -T text/html '%s'; copiousoutput + application/rtf; unrtf '%s' | html2text; copiousoutput + + + # pdf-files + application/pdf; pdftotext '%s' - ; print=zathura '%s'; copiousoutput + + + # office-documents + application/vnd.openxmlformats-officedocument.wordprocessingml.document; docx2txt '%s' - | less; copiousoutput + application/msword; antiword '%s'; copiousoutput + + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet; vd '%s'; needsterminal + application/vnd.ms-excel; vd '%s'; needsterminal + + application/vnd.ms-powerpoint; catppt '%s' | less; copiousoutput + + # images + image/*; catimg '%s'; print=sxiv '%s'; needsterminal + + +--- + +# **neomutt** + +## *additional options* + + + set ispell = "aspell -e -c" + # use aspell as spellchecker + + set thorough_search = yes + + + macro index,pager \ea "abook \ + --add-email" "Add this sender to abook" + + bind editor complete-query + + +additional options depending of the indexing-utility used + + + set query_command = "( abook --mutt-query '%s' ; \ + mu cfind --format=mutt-ab '%s' | sed -n '1!p' )" + +--- + + +# **mu (maildir-utils) or notmuch or mairix** + +first create an index database + +`$ notmuch setup` +`$ mu index --maildir=/SOMEFOLDER` + +for mairix the configuration file has to be created manually (using $HOME/.mairixrc) + + +create symbolic links to a specific folder to be opened in neomutt + + + # searching messages + macro generic,index,pager,browser "mu \ + find --clearlinks \ + --format=links \ + --linksdir=~/SOMEWHERE/" "mu find" + + macro generic,index,pager,browser "notmuch-mutt \ + --output-dir ~/SOMEWHERE \ + --prompt search" "notmuch search" + + macro generic,index,pager,browser "mairix " "mairix" + + + # querying messages + macro generic,index,pager,browser "~/SOMEWHERE" "search folder" + + + +--- + + +# **nmh or mmh** + +mmh - set of electronic mail handling programs (legacy code removed from nmh) +nmh - 'new' mail handler (although older than mmh) + + +## *setup* + + +currently work in progress (issue - using multiple accounts with sendmail) + + +--- + +# **open issues** + +## *converting .eml-files directly into mbox or maildir using cli-tools* + +## *how to deal with broken emails (how to prevent and how to fix them)* + +## *download messages using isync via a tor-proxy* + +solution: use tsocks/torsocks + +## *sending messages from different accounts using sendmail* + +## *tagging messages using mu* + +## *how to handle passwords, while being both obfuscated (within a file) and secure* + +possible solution: use tomb and pass + +## *searching gpg-encrypted messages* + +## *searching tar-archived message folders* + +## *open other emails while writing without a second 'mutt -R'-window* + +possible solution: postpone messages + +## *increase viewing space for attachments when sending messages* + +solution: set attach_format = " %u%D%I %t%2n %T%d%\* [%.15m/%.10M, %.8e%?C?, %.6C?, %.4s] " + + + +## *slow, when changing to different offline folder* + +## *mutt sometimes hanging (not able to ^C or ^G)* + +## *mutt sometimes sending empty messages (when hanging)* + +## *accessing a maildir-folder over ssh with mutt being installed locally* + +## *switching between user credentials when accessing local folders* + +possible solution: folder-hooks + +## *generate a local spam-filter* + diff --git a/Kalender/2019-10-17/index.mdwn b/Kalender/2019-10-17/index.mdwn new file mode 100644 index 0000000..ce68ea9 --- /dev/null +++ b/Kalender/2019-10-17/index.mdwn @@ -0,0 +1,15 @@ +[[!meta date="2019-10-17"]] + +### Ort + +im [Metalab](http://www.metalab.at/) ab 19:00. (Hauptraum, die Bib ist noch +Baustelle) + +## Wer kommt/ist da + +- Ich +- Du? + +### Themen + +- [E-Mail Journey](/Kalender/2019-10-17/email_journey/) Vortrag (mutt und anderes) diff --git a/Kalender/2019-11-21/index.mdwn b/Kalender/2019-11-21/index.mdwn new file mode 100644 index 0000000..7ece3d2 --- /dev/null +++ b/Kalender/2019-11-21/index.mdwn @@ -0,0 +1,21 @@ +[[!meta date="2019-11-21"]] + +### Ort + +im [Metalab](http://www.metalab.at/) ab 19:00. (Hauptraum, die Bib ist noch +Baustelle) + +## Wer kommt/ist da + +- reox +- Ich +- Du? + +### Themen + +- [Alte Debian Distribution gefunden](https://twitter.com/Wurzelmann/status/1195652749226135552) + + +### Fragen + +- Schlechte performance wenn jedi-vim verwendet wird? diff --git a/Kalender/2019-12-19/index.mdwn b/Kalender/2019-12-19/index.mdwn new file mode 100644 index 0000000..58fc568 --- /dev/null +++ b/Kalender/2019-12-19/index.mdwn @@ -0,0 +1,23 @@ +[[!meta date="2019-12-19"]] + +### Ort + +im [Metalab](http://www.metalab.at/) ab 19:00. (Hauptraum, die Bib ist noch +Baustelle) + +## Wer kommt/ist da + +- Ich +- Ich +- Ich +- Ich +- Du? + +### Themen + +- How [vkdt](https://github.com/hanatos/vkdt) does not compile in Debian +- How to use [gpg-agent](https://manpages.debian.org/jessie/gnupg-agent/gpg-agent.1.en.html) as ssh-agent: `enable-ssh-support` in `~/.gnupg/gpg-agent.conf` +- Packaging software for Debian [Manuals](https://www.debian.org/doc/devel-manuals) + +### Fragen + diff --git a/Kalender/2020-01-16/index.mdwn b/Kalender/2020-01-16/index.mdwn new file mode 100644 index 0000000..2b3d074 --- /dev/null +++ b/Kalender/2020-01-16/index.mdwn @@ -0,0 +1,17 @@ +[[!meta date="2020-01-16"]] + +### Ort + +im [Metalab](http://www.metalab.at/) ab 19:00. (Hauptraum, die Bib ist noch +Baustelle) + +## Wer kommt/ist da + +- Du? + +### Themen + +- Vorschläge? + +### Fragen + diff --git a/Kalender/2020-02-20/index.mdwn b/Kalender/2020-02-20/index.mdwn new file mode 100644 index 0000000..9221b3f --- /dev/null +++ b/Kalender/2020-02-20/index.mdwn @@ -0,0 +1,33 @@ +[[!meta date="2020-02-20"]] + +### Ort + +im [Metalab](http://www.metalab.at/) ab 19:00. (Hauptraum, die Bib ist noch +Baustelle) + +## Wer kommt/ist da + +- Adi +- Alex +- Reox +- Du? + +### Vorträge + +* Adi: 'ffmpeg does more than simply converting videos' +* Alex: 'reading and writing like a grown-up (with a focus on vim)' + + +### Fragen + +- Deine Frage hier + +### Pakettipps + +- [[!debpkg ranger]] Console File Manager with VI Key Bindings +- [[!debpkg devscripts]] und das tool annotate-output um logfiles zu generieren +- [[!debpkg libtext-lorem-perl]] lorem ipsum dolor sit +- `sponge` ermöglicht es aus einem stream zu lesen und später in die selbe datei +zu schreiben + + diff --git a/Kalender/2020-04-16/index.mdwn b/Kalender/2020-04-16/index.mdwn new file mode 100644 index 0000000..16c2fd9 --- /dev/null +++ b/Kalender/2020-04-16/index.mdwn @@ -0,0 +1,46 @@ +[[!meta date="2020-04-16"]] + +### Ort + +Online Meeting über jitsi ab 19:00: [Metalab Jitsi, Raum Debienna](https://meet.metalab.at/Debienna) + +Es gibt Berichte, dass Firefox nicht gut funktioniert. Es wird empfohlen +Chromium/Chrome zu verwenden. Alternativ geht auch Android gut. + +## Wer kommt/ist da + +- Ich +- + 5 andere in jitsi! +- Du? + +### Diskussion + +[[!debpkg vmdb2]] und [[!debpkg debos]] zum automatischen aufsetzen von Debian VMs + +- man kann die [debian docker rootfs tars](https://docker.debian.net) verwenden, wenn man das will. Die sind +halt wirklich minimal +- debos scheint nicht für LVM targets zu funktionieren +- vmdb2 hat ein paar bugs, zB kann man derzeit nur sinnvoll msdos partionen +verwenden und nicht gpt + + +[debian.social](https://wiki.debian.org/Teams/DebianSocial) + +- es gibt ein Debian [peertube](peertube.debian.social) mit allen Debconf videos! +- eine [Pleroma](pleroma.debian.social) Instanz gibt es jetzt auch - das ist sowas ähnliches wie Mastodon +- [Pixelfed](pixelfed.debian.social), sowas wie Instagram +- [WriteFreely](writefreely.debian.social) +- [jitsi](jitsi.debian.social) + +Es gibt auch noch das [Fediverse Team](https://wiki.debian.org/FediverseTeam) +das versucht die ganzen Dinge zu paketieren. + + + +### Fragen + +- ... + +### Pakettipps + +- [[!debpkg between]] ein spiel wo wir nicht genau wissen was es tut :D diff --git a/Kalender/2020-11-18/index.mdwn b/Kalender/2020-11-18/index.mdwn new file mode 100644 index 0000000..1e46b81 --- /dev/null +++ b/Kalender/2020-11-18/index.mdwn @@ -0,0 +1,39 @@ +[[!meta date="2020-11-18"]] + +### Ort + +Online Meeting über jitsi ab 19:00: [Metalab Jitsi, Raum Debienna](https://meet.metalab.at/Debienna) + +--> Wurde kurzfristig mit der Python User Group Zusammen gelegt: [Metalab Jitsi, Raum PyUGAT](https://meet.metalab.at/pyugat) + +## Wer kommt/ist da + +- Ich +- Du? + +### Diskussion + +Heute in der Python Edition: + +- python3 als standard setzen mittels [[!debpkg python-is-python3]] + Achtung: ab bullseye wird /usr/bin/python gelöscht und kein script sollte + darauf verweisen! +- [[!debpkg pipx]] als wrapper für venvs: Damit kann man elegant scripte +installieren und in ein eigenes venv packen. Funktioniert auch mit verschiedenen +python versionen. Leider kann die Version in Debian noch nicht von git repos +installieren (`pipx install git+https://github.com/...`), dazu muss man die +version aus git installieren. Pipx geht leider nur für scripte und ist nicht für +libraries geeignet. +- [pyenv](https://github.com/pyenv/pyenv) um seine python environments noch +besser zu trennen und zu verwalten + + +### Fragen + +- Wie werte ich DMARC xml reports aus? +- Verwendet jemand [[!debpkg graphite-carbon]]/[[!debpkg graphite-web]] + [[!debpkg collectd]]? +- ... + +### Pakettipps + +- [[!debpkg spf-tools-python]] zum überprüfen von SPF rules diff --git a/Kalender/2021-10-21/index.mdwn b/Kalender/2021-10-21/index.mdwn new file mode 100644 index 0000000..2785d75 --- /dev/null +++ b/Kalender/2021-10-21/index.mdwn @@ -0,0 +1,20 @@ +[[!meta date="2021-10-21"]] + +### Ort + +im Metalab, 19:00 +bitte auf [Metalab Regeln](https://metalab.at/wiki/COVID-19/en) achten + +## Wer kommt/ist da + +- Ich +- Du? + +### Diskussion + +- Long time not here + +### Fragen + +- ... + diff --git a/Kalender/2022-11-10/index.mdwn b/Kalender/2022-11-10/index.mdwn new file mode 100644 index 0000000..7bfdcf8 --- /dev/null +++ b/Kalender/2022-11-10/index.mdwn @@ -0,0 +1,19 @@ +[[!meta date="2022-11-10"]] + +### Ort + +im Metalab, 19:00 +bitte auf [Metalab Regeln](https://metalab.at/wiki/COVID-19/en) achten + +## Wer kommt/ist da + +- Du? + +### Diskussion + +- Vorschläge? + +### Fragen + +- ... + diff --git a/Kalender/2022-12-08/index.mdwn b/Kalender/2022-12-08/index.mdwn new file mode 100644 index 0000000..9f85e14 --- /dev/null +++ b/Kalender/2022-12-08/index.mdwn @@ -0,0 +1,19 @@ +[[!meta date="2022-12-08"]] + +### Ort + +im Metalab, 19:00 +bitte auf [Metalab Regeln](https://metalab.at/wiki/COVID-19/en) achten + +## Wer kommt/ist da + +- Du? + +### Diskussion + +- Vorschläge? + +### Fragen + +- ... + diff --git a/StartSeite/L1/index.mdwn b/StartSeite/L1/index.mdwn index f5fa6a5..0d443ed 100644 --- a/StartSeite/L1/index.mdwn +++ b/StartSeite/L1/index.mdwn @@ -1,10 +1,10 @@ ## Koordination zum Debienna Treff! -Das Debienna-Wiki ist derzeit aus technischen Gründen nur lesbar. +Das Debienna-Wiki ist derzeit aus technischen Gründen nur lesbar. Übers Web, that is. Per git over ssh gibt es Zugriff, wenn Leute danach fragen. * [[DebiennaTreff|DebiennaTreff]] der Wiener Debian-Szene * Jeden dritten Donnerstag ab 19:00 im [Metalab](/DebiennaTreffOrt/Metalab) (Bibliothek). - Bitte den [[Kalender]] und/oder die [[Mailingliste|https://lists.debienna.at/wws/info/debienna]] für Ankündigungen verwenden. + Bitte den [[Kalender]] und/oder die [[Mailingliste|https://lists.metalab.at/mailman/listinfo/debienna]] für Ankündigungen verwenden. * Oft gibts ab 20:00 einen interessanten Vortrag. [[DebiennaTreffThema|DebiennaTreffThema]] * Davor, danach und zwischendurch Diskussionen, diff --git a/StartSeite/L2/index.mdwn b/StartSeite/L2/index.mdwn index 8e5a273..42a9ad4 100644 --- a/StartSeite/L2/index.mdwn +++ b/StartSeite/L2/index.mdwn @@ -6,7 +6,7 @@ Tragt euch ein! Am besten mit einem Bild. * [[FAQ]] für jene die zum ersten mal hier sind. * Mailingliste: Ankündigungen und Diskussionen -[[Subscribe|https://lists.debienna.at/wws/info/debienna]] oder via [[gmane.org|http://dir.gmane.org/gmane.org.user-groups.debian.austria]] +[[Subscribe|https://lists.metalab.at/mailman/listinfo/debienna]] * [[JabberKonferenz]]: `debienna@chat.deb.at` * [[IrcChannel]]: `#debian.or.at`, Server `irc.debian.org` (im [[OFTC-Netz|http://www.oftc.net/]]) diff --git a/StartSeite/L3/index.mdwn b/StartSeite/L3/index.mdwn index c9a1114..3a16d54 100644 --- a/StartSeite/L3/index.mdwn +++ b/StartSeite/L3/index.mdwn @@ -4,4 +4,4 @@ * [[Offizielle Debian Homepage|http://www.debian.org/]] * [[(internationales) Debian Wiki|http://wiki.debian.org]] -* weitere links auf der [[Links]] page \ No newline at end of file +* weitere links auf der [[Links]] page