imip-agent
 ==========
 
 This software implements an agent that can interpret e-mail messages
 containing calendar information, maintain availability records for scheduling
 participants, act on behalf of resources and other entities that need to
 participate in scheduling, and support user interfaces for end-users whose
 e-mail programs do not understand calendar data.
 
 Getting Started
 ===============
 
 Eventually, this information should be incorporated into packages for various
 operating system distributions, and these instructions should be largely
 superfluous for most users.
 
 Installing the Software
 =======================
 
 The tools/install.sh script should install the software in appropriate
 locations. See the prerequisites below for other software that will be
 required.
 
 System User and Filesystem Access
 =================================
 
 The data handled by imip-agent needs to be accessible to other software,
 notably mail handling software and Web server software. Two approaches are
 described here: LMTP delivery and local SMTP delivery.
 
 LMTP Delivery
 -------------
 
 Here, imip-agent's programs run in a way that permits LMTP delivery (requiring
 suitable local privileges to communicate with the mail storage solution)
 whilst allowing the Web server to read data written by those programs.
 
 A system group needs to be created for LMTP delivery and for certain users to
 share resources:
 
   addgroup lmtp
 
 This group should be employed for LMTP delivery by systems like Cyrus and
 Dovecot. See the section on configuring mail systems for delivery for more
 information.
 
 A system user needs to be created and to belong to certain groups in order to
 deliver messages to mail stores and to publish resources on the Web:
 
   useradd -d /var/lib/imip-agent -m -U -G lmtp,www-data -r imip-agent
 
 Store details and published resources need to be accessible by the imip-agent
 and www-data users. Thus, www-data also needs to belong to the lmtp group:
 
   adduser www-data lmtp
 
 Stored and published data is then initialised using the tools/init.sh script.
 The script employs the setgid flag on the directories initialised for stored
 and published data so that new files and directories have the appropriate
 group associated with them.
 
 It should be possible to omit all arguments to the init.sh script, but it is
 also worth reading the help message:
 
   tools/init.sh --help
 
 Fixing ownership can be done using the tools/fix.sh script, in case some form
 of modification has altered the ownership or membership of the created files
 and directories.
 
 Local SMTP Delivery
 -------------------
 
 Here, imip-agent's programs run in a way that permits local SMTP delivery
 (which merely needs the ability to connect to a local network service) whilst
 allowing the Web server to read data written by those programs.
 
 A system user needs to be created and to belong to certain groups in order to
 deliver messages to mail stores and to publish resources on the Web:
 
   useradd -d /var/lib/imip-agent -m -U -G www-data -r imip-agent
 
 Again, the tools/init.sh script will initialise directories for stored and
 published data. The tools/config.sh script should be edited and the group
 redefined as follows:
 
   IMIP_AGENT_GROUP=www-data
 
 If already installed, the /etc/imip-agent/config.sh script should be edited
 instead.
 
 With local SMTP delivery, the mail system will need to be configured to route
 messages for local recipients. See the description of mail configuration for
 more information.
 
 Configuring Other Software
 ==========================
 
 The conf directory contains subdirectories for different systems:
 
   apache        Apache 2 site configuration for publishing resources
   cron          Cron command scheduling for free/busy updates
   exim          Exim 4 routing and transport configuration
   ldap          Some LDAP-related resources
   postfix       Postfix routing and transport configuration
 
 Either Exim or Postfix can be chosen as a mail system supporting the agent.
 
 Configuring Mail Systems for the Agent
 ======================================
 
 The essential aspect of mail system configuration involves mail transports and
 the integration of agent programs into the mail processing pipeline. Thus, the
 following files are of particular interest:
 
 For Exim (in conf/exim)...
 
   30_exim4-config_people                Integration of agent programs
   30_exim4-config_people_outgoing       ...
   30_exim4-config_resources             ...
 
 For Postfix (in conf/postfix)...
 
   master.cf.items                       Integration of agent programs (for
                                         inclusion in master.cf)
   transport                             Configuration of agent transports
   virtual                               Configuration of outgoing mail routing
 
 Such files need adjusting for the deployment environment so that, for example,
 the example.com domain would be replaced with a suitable value.
 
 If local SMTP delivery is being used, the 30_exim4-config_people file (in
 conf/exim) or the master.cf.items file (in conf/postfix) will need adjusting.
 
 If LMTP is being used, instances of LMTP_SOCKET in the example configuration
 files will need to be replaced with a suitable filesystem path. Where the lmtp
 system group is employed, it may be replaced with a different group. See
 below for a discussion of LMTP and mail delivery.
 
 Configuring Mail Systems for Mail Recipients
 ============================================
 
 The software should operate independently of the way mail recipients are
 identified in any given mail system, and thus does not dictate things such as
 routing or account querying. However, example configuration files are provided
 that demonstrate the use of various techniques to identify mail recipients.
 
 Naturally, these recipient identification configuration examples can be
 disregarded in favour of other ways of defining mail recipients, subject to
 the needs of any given environment.
 
 Using LDAP with Exim
 --------------------
 
 For Exim (in conf/exim/ldap)...
 
   010_exim4-config_ldap_people_outgoing     Defines recipients and outgoing
                                             mail routing
   020_exim4-config_ldap_people              ...
   020_exim4-config_ldap_resources           ...
   020_exim4-config_ldap_people_outgoing_recipients
 
 Using LDAP with Postfix
 -----------------------
 
 For Postfix (in conf/postfix/ldap)...
 
   main.cf.example                           Defines recipients and outgoing
                                             mail routing (for inclusion in
                                             main.cf)
 
   virtual_alias_maps_people.cf              Defines recipients and outgoing
   virtual_alias_maps_people_outgoing.cf     mail routing
   virtual_alias_maps_resources.cf           ...
 
 Using Lists of Identities
 -------------------------
 
 Since the use of LDAP can be somewhat challenging and also excessive in some
 situations, examples of maintaining recipient information using a simpler
 approach are provided.
 
 In this simpler environment, recipient details must be manually edited in the
 virtual identity files, but this permits a very transparent way of
 administering the system.
 
 Using Lists with Exim
 ---------------------
 
 For Exim (in conf/exim/simple)...
 
   010_exim4-config_people_outgoing          Defines recipients and outgoing
                                             mail routing
   020_exim4-config_people                   ...
   020_exim4-config_resources                ...
   020_exim4-config_people_outgoing_recipients
 
   virtual_people                            Defines recipient identities
   virtual_people_outgoing_recipients        belonging to known domains
   virtual_resources                         ...
 
   virtual_domains                           Defines recipient domains
 
 To add support for delivery to local mailboxes, the following additional file
 is provided as an example:
 
   virtual_people_local                      Defines recipients and local users
 
 And to route bounced messages back to the generic calendar address, an
 addition to the /etc/aliases file is provided:
 
   aliases.example                           Routes calendar to root
 
 Using Lists with Postfix
 ------------------------
 
 For Postfix (in conf/postfix/simple)...
 
   main.cf.example                           Defines recipients and outgoing
                                             mail routing (for inclusion in
                                             main.cf)
 
   virtual_alias_maps                        Defines recipients and outgoing
   virtual_alias_maps_people_outgoing        mail routing
 
 To add support for delivery to local mailboxes, the following alternative to
 virtual_alias_maps is provided as an example:
 
   virtual_alias_maps_local                  Defines recipients and local users
 
 LDAP Representations for Mail Recipients
 ----------------------------------------
 
 Relevant LDAP resources for structuring recipient information include the
 following:
 
   RFC 4524                                  Defines the mail attribute
   http://tools.ietf.org/html/rfc4524
 
   RFC 2798                                  Defines the inetOrgPerson object
   http://tools.ietf.org/html/rfc2798        class
 
   RFC 2739                                  Defines the calEntry object class
   https://tools.ietf.org/html/rfc2739       supporting calFBURL
 
 An additional draft RFC describes the mailRecipient object class:
 
   https://tools.ietf.org/html/draft-lachman-ldap-mail-routing-03
 
 Resource schemas for LDAP are not effectively standardised for the purposes of
 this software. A useful object class, inetResource, was defined for the
 iPlanet Calendar Server:
 
   http://docs.oracle.com/cd/E19566-01/819-4437/6n6jckqrf/index.html#anocg
   http://docs.oracle.com/cd/E19566-01/819-4437/6n6jckqr8/index.html
 
 Although Kolab maintains notions of resources, they are tied up with the
 notion of a shared folder and the kolabSharedFolder object class, although the
 mailRecipient object class is employed by resources in Kolab.
 
 Configuring Mail Systems for Mail Delivery
 ==========================================
 
 The agent software assumes that delivery of mail to recipients may be
 performed either using local SMTP or by using LMTP to a suitable mailbox
 provider.
 
 If employing local SMTP, the burden of routing messages to suitable storage
 becomes a configuration problem within the mail system itself, but given that
 routing to local system users is typically supported "out of the box", this
 can provide a usable solution with minimal effort.
 
 Where the mail system must instead route messages to mailbox providers
 employing LMTP, some more effort is required. For Exim, some sample
 configuration files are provided in conf/exim/lmtp to route messages for local
 users to LMTP endpoints.
 
 By using LMTP from the agent software, the issue of configuring the mail
 system to integrate with storage solutions is avoided, but then those
 solutions must expose their LMTP interface appropriately.
 
 Configuring Mail Storage Providers for LMTP
 -------------------------------------------
 
 Although this topic is largely beyond the scope of this document, systems such
 as Cyrus and Dovecot can be configured to provide a Unix domain socket
 offering support for LMTP connections.
 
 For Cyrus, the following bug report is pertinent:
 
 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494746
 
 A permanent change in permissions on the Cyrus LMTP socket is therefore
 required to make delivery available to the lmtp group:
 
   dpkg-statoverride --force --update --add \
     cyrus lmtp 750 /var/run/cyrus/socket
 
 Configuring Cron for Free/Busy Updates
 ======================================
 
 The periods occupied by recurring events are not expanded beyond a certain
 window of time by imip-agent. As a consequence, free/busy collections need to
 be progressively expanded over time to include periods occupied by such events
 that were not previously recorded in those collections.
 
 The conf/cron/cron.daily/imip-agent file contains commands that update
 free/busy collections for all known users, and this should be copied to the
 appropriate destination. For example:
 
 cp conf/cron/cron.daily/imip-agent /etc/cron.daily/
 
 Where frequency-specific directories are not supported by cron on a system, a
 crontab entry of the appropriate format is required instead.
 
 Configuring Web Servers for Free/Busy Publishing
 ================================================
 
 Each user may request the publishing of their free/busy information by
 configuring certain settings. The conf/apache/imip-agent.conf file provides a
 configuration file for deployment with the Apache Web server software that
 exposes a directory for Web publishing containing the published free/busy
 information.
 
 Access to free/busy information may not be moderated, but Web server
 directives can be introduced to impose access controls. Mail programs that
 wish to consult the free/busy information may have problems in dealing with
 authentication mechanisms, however, and it may be regarded as acceptable in
 certain environments to expose such information publicly or with
 network-specific access constraints.
 
 Configuring Web Servers for the Calendar Management Interface
 =============================================================
 
 A calendar management interface is provided to allow users to view and
 interact with their calendars through the Web. The
 conf/apache/imip-manager.conf file provides a configuration file for
 deployment with the Apache Web server software that enables this interface.
 
 The management interface is deployed as a CGI program, meaning that a suitable
 module must be enabled in the Apache configuration. On Debian, this is done as
 follows:
 
 a2enmod cgi
 
 Since such access to calendars should only be performed by identified
 users, access controls are suggested in the configuration file. Modules
 providing additional authentication support may need to be enabled. For
 example, on Debian, the LDAP authentication/authorisation support is enabled
 as follows:
 
 a2enmod authnz_ldap
 
 Prerequisites
 =============
 
 Depending on the mail transport agent (MTA) chosen, the following packages are
 required for this software to work on Debian systems:
 
   Exim:    exim4-daemon-heavy
   Postfix: postfix postfix-ldap
 
 The software itself requires the following packages:
 
   Python:  python
   pytz:    python-tz
 
 To update free/busy details periodically, the following software is
 recommended:
 
   Cron:    cron
 
 The management Web interface requires the following packages:
 
   Apache:  apache2
   Babel:   python-babel
 
 Although not necessarily within the scope of the deployment of this software,
 the following mail storage solutions would be used to receive and hold
 messages:
 
   Cyrus:   cyrus-imapd
   Dovecot: dovecot-imapd dovecot-ldap dovecot-lmtpd
 
 Some test programs need additional programs provided by other packages:
 
   envsubst: gettext-base