Differences

This shows you the differences between two versions of the page.

--- config_echomail_nodes [2019/03/16 17:24] – added enryption key details avon
+++ config_echomail_nodes [2019/03/16 17:55] – added ssl/tls for echomail nodes avon
@@ Line 257: / Line 257: @@
 === Security Level ===
-Placeholder text - this feature under development 1.12 A38
+You can set ACS rules for this EchoMail node. Refer to discussion info in the Echomail Node Security section below.
 === Access Flags ===
-Placeholder text - this feature under development 1.12 A38
+You can set access flags for this EchoMail Node. Refer to discussion info in the Echomail Node Security section below.
+=== Echomail Node Security ====
+The beginnings of Echomail node security is here!  The easiest way to think about how this system works is to relate an Echomail node to the way security works for a user in your BBS.  Each node will have a security   level, access flags, and can be a member of many Echomail groups (up to 65000 echomail groups can be defined).
+Different functions throughout the echomail system will eventually have "Echo ACS" strings which work just like the [[access_control|user ACS strings that we're familiar with]].  For example, you might have "Hatch File EACS" in a file base where you could say that you wanted only echomail nodes within a particular group to be able to hatch files, or a particular security level or access flag(s), or even by static echomail node ID.  For example:
+     Hatch File EACS: g2|s255|fH|u10
+The above would say that any echomail node that is a member of Echomail group 2, OR any node that has a security level of 255 OR any Echomail node that has flag H can hatch files to that file base.  The Echomail node with the ID of #10 can also hatch.
+This is a very powerful system for managing an Echomail network, and EACS strings will be added to various functions in the future as seen fit.
 ==== Page 3 of 6 - Groups ====
-   Echo Group 01  │ None                                      1:General
+   Echo Group 01  │ fsxNet                                    1:General
    Echo Group 02  │ None                                      2:Security
    Echo Group 03  │ None                                      3:GROUPS
@@ Line 282: / Line 294: @@
-Placeholder text - this feature under development 1.12 A38
+Define which EchoMail groups this EchoMail node is a member of.
 ==== Page 4 of 6 - BinkP====
    BINKP Hostname │ agency.bbs.nz:24556                       1:General
    IP Type        │ IPV4                                      2:Security
-   Password       │ *******                                   3:Groups
+   Password       │ *****                                     3:Groups
    Time Out       │ 30                                        4:BINKP
    Block Size     │ 16384                                     5:FTP
    CRAM-MD5       │ Yes                                       6:Dir Toss
+   Use SSL/TLS    │ No
    Hide AKAs      │ Yes
-                  │
                   │
                   │
@@ Line 302: / Line 314: @@
                   │
                   │                                          Page 4 of 6
-A Binkp session has the following options you should set:
+A Binkp section has the following options you should look at and in most cases set up:
 === BINKP Hostname ===
@@ Line 311: / Line 324: @@
 === IP Type ===
-Do you wish to use IPV4 or IPV6 when using Fidopoll to connect to this system?
+Do you wish to use IPV4 or IPV6 when using Fidopoll to connect to this system? Or do you wish to set a preferred connection type and then a fallback type? e.g. IPV6 + IPV4 or IPV4 + IPV6
 === Password ===
@@ Line 317: / Line 330: @@
 Set the session password your Mystic BBS will send to this EchoMail Node when you poll it using Fidopoll or it connects to your Mystic BinkP server and attempts to send your system Echomail, Netmail and/or other files.
-This password is case sensitive. Be warned some non-Mystic systems have issues with this. Best advice keep everything UPPERCASE to avoid hassles.
+This password is case sensitive. Be warned some non-Mystic systems have issues with this. Best advice keep everything UPPERCASE and limited to no more than 8 characters to avoid hassles.
 === Timeout ===
@@ Line 330: / Line 343: @@
 Use MD5 hashing when connecting as a client? This hides session passwords so they are not sent in plain text. It's a good idea to use this.
+=== Use SSL/TLS ===
+Mystic BINKP server and FIDOPOLL now support opportunistic SSL (TLS v1.2+) using a proprietary extension of the BINKP protocol. This means that it will only work with other Mystic BBS clients and servers, but the author plans to document the extension and send it to the authors of other mailers in hopes that it can be standardized.
+EchoMail Nodes now have three settings which can be used when polling for new mail:
+      No     : FIDOPOLL will not use SSL extension at all
+      Yes    : FIDOPOLL WILL use SSL if the server supports it
+      Forced : FIDOPOLL will refuse to exchange mail with a server
+               unless it supports SSL
+This setting is experimental at present so your mileage may vary. If you're having issues connecting to other systems it's best to set this to 'No' for now.
 === Hide AKAs ===