Product SiteDocumentation Site

Kolab Groupware 2.4

Architecture and Design

Edition 0

Christian Mollekopf

Kolab Systems Software Engineer

Jeroen van Meeuwen

Kolab Systems Systems Architect

Legal Notice

Copyright © 2011 Kolab Systems AG This material may only be distributed subject to the terms and conditions set forth in the GNU Free Documentation License (GFDL), V1.2 or later (the latest version is presently available at http://www.gnu.org/licenses/fdl.txt).
Abstract
This document is the reference to version 3.0 of the Kolab Groupware Solution architecture and design considerations, specifications and implementation details.
Preface
1. Document Conventions
1.1. Typographic Conventions
1.2. Pull-quote Conventions
1.3. Notes and Warnings
2. Feedback
2.1. Reporting Bugs in Kolab
2.2. Mailing Lists
2.3. IRC
3. About Kolab Groupware
3.1. Free Software Components
3.2. Supported Platforms and System Requirements
3.3. Kolab Product Series
1. Groupware Overview
2. Kolab Server Overview
2.1. Functional Requirements of the Authentication & Authorization Database
2.2. Functional Requirements of the (Web) Administration
2.3. Functional Requirements of the Mail Exchanger
2.4. Functional Requirements of the IMAP Server
2.5. Functional Requirements for the (Web) Client
3. Kolab SMTP Access Policy
3.1. What the Kolab SMTP Access Policy is
3.2. What the Kolab SMTP Access Policy is not
3.3. When?
3.4. Kolab SMTP Access Policy in Action During Submission
4. Email
4.1. Content-filtering
4.1.1. Recipient Checking
4.1.2. Anti-Spam
4.1.3. Anti-Virus
4.1.4. White- and Blacklisting
4.1.5. Greylisting
4.1.6. Real-time DNS Blacklisting
4.1.7. Sender Address Verification
4.1.8. SPF Record Enforcement
4.2. Recipient Checking
4.3. Integration & Interoperability
4.3.1. Pretty Good Privacy & S/MIME
4.3.2. Email Routing
4.3.3. Shared Folders
4.3.4. Distribution Groups
4.3.5. See Also
5. Calendaring
6. Kolab Daemon
7. Kolab Content Filters
7.1. The Wallace Content Filter
7.1.1. Message Flow and Processing in Wallace
7.1.2. Module Spool Directories
7.1.3. Module API Requirements
7.1.4. Wallace Module Interfaces
7.1.5. List of Wallace Modules
7.1.6. Configuring the Wallace Content Filter
7.1.7. Security Enhanced Linux Considerations
8. Kolab Objects
8.1. Object Types
9. Authentication & Authorization
9.1. The User Supplied Login
9.2. LDAP
9.2.1. Username & Password Authentication
9.2.2. Kerberos Authentication
9.2.3. SSL Certificate Authentication
9.2.4. Kolab & LDAP
9.3. PAM
9.3.1. Username & Password Authentication
9.3.2. One-Time Passwords
9.3.3. Kerberos Authentication
9.3.4. SSL Certificate Authentication
9.3.5. Kolab & PAM
9.4. SASL Database
9.4.1. Username & Password Authentication
9.4.2. Kerberos Authentication
9.4.3. SSL Certificate Authentication
9.4.4. Kolab & SASL Database
9.5. SQL
9.5.1. SQL Technologies
9.5.2. Username & Password Authentication
9.5.3. Kerberos Authentication
9.5.4. SSL Certificate Authentication
9.5.5. Kolab & SQL
9.6. Password Supplements & Security
9.6.1. Simple Authentication Security Layer
9.6.2. "No plain text over the wire"
9.7. Authorization Through Groups
10. Integration & Interoperability
10.1. Authentication & Authorization
10.2. Auditing
10.3. Calendaring
10.4. Email
10.4.1. Content-filtering and 3rd Party Appliances
10.5. Recipient Checking
10.6. SSL Certificate Infrastructure
11. Configuration Management
11.1. Configuration Management Objects
11.2. Kolab Configuration File
11.2.1. [kolab]
11.2.2. [ldap]
11.2.3. A Base DN for Every Type
11.2.4. Use of Bind Credentials
12. Archiving & Discovery
12.1. Methodologies for Archiving
12.1.1. Blind Carbon Copy
12.1.2. Save to Archive
12.1.3. IMAP Server Replica Client
12.1.4. Backup with Delayed Delete and Expunge
12.2. Methodologies for Discovery
12.2.1. Analysis of the Telemetry Log
12.2.2. IMAP Server Replica Client
13. Akonadi for Integration and Caching
13.1. Server-Side Akonadi Architecture Overview
13.2. Procedural Descriptions
13.3. Notes from Design Sessions
13.3.1. Authentication to Akonadi Control Server
13.3.2. AMQP Capabilities for libakonadi
13.3.3. AMQP Capabilities for Akonadi
13.3.4. libakonadi Direct IMAP Connections
14. Free/Busy
15. Smart Clients
15.1. First-time Login
15.2. Consecutive Operations
15.3. Default Groupware Folders
15.4. Access Control, Shared Folders and User Interaction
15.4.1. More Advanced Display
16. Mobile Device Synchronization
16.1. SyncML
16.2. ActiveSync
17. Administration Panel
17.1. Configuration
17.2. Deployment
17.3. Web Administration Panel API
17.3.1. HTTP Method Convention
17.3.2. Service and Method Naming Convention
17.3.3. Standard Response Layout
17.3.4. Service Handlers
17.3.5. The domain Service
17.3.6. The domains Service
17.3.7. The form_value Service
17.3.8. The group Service
17.3.9. The system Service
17.3.10. The user Service
17.3.11. The user_types Service
17.3.12. The users Service
18. Enforcing Entitlements
18.1. Software Repositories Behind Lock and Key
18.2. Entitlements Files
18.3. Issuing Entitlement Files
18.4. Implementing Enforcement
19. Migration
A. Terminology
B. Feature FAQ
B.1. What Kolab Groupware Is (Not)
B.2. Detailed Questions
Index