sudo -i
apt update
apt -y upgrade
apt -y dist-upgrade
apt install -y postgresql-contrib tree p7zip-full sysstat catdoc antiword html2text unrtf libid3-tools ffmpeg openjdk-8-jre poppler-utils unzip
cd /opt
tar -xf ./Noodle.tar.gz
cd ./Noodle
su postgres -c 'cd ~/;psql --file /opt/Noodle/init.sql'
./configure
mv noodle.daemon /etc/init.d/noodle
update-rc.d noodle defaults
service noodle start

(see also howto get a new version of PGSQL )

sudo -i
apt-get install -y postgresql-9.3 postgresql-contrib-9.3 default-jre p7zip-full screen
cd /opt
tar -xf ./Noodle.tar.gz
cd ./Noodle
echo "host all all 127.0.0.1/32 password" >> /etc/postgresql/9.3/main/pg_hba.conf
service postgres start
su postgres -c 'cd ~/;psql --file /opt/Noodle/init.sql'
./configure
mv noodle.daemon /etc/init.d/noodle
service noodle start
update-rc.d noodle defaults

mailto has no defined limit on the number of characters but there are limits in practice (as of 2015)

Web Browsers:

  •  Apple Safari
    • 705000000
    • Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/601.1.56 (KHTML, like Gecko) Version/9.0 Safari/601.1.56
    • limited by 16GB RAM
  • Mozilla Firefox
    • 268435455
    • Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:41.0) Gecko/20100101 Firefox/41.0
    • limited by maximum string length
  • Google Chrome
    • 2097132
    • Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36
    • limited without explanation
  • Microsoft Internet Explorer
    • 2029
    • Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; rv:11.0) like Gecko
    • limited without explanation

Email Clients:

  • Mozilla Thunderbird
    • 2097132 works in 1 second
    • 268435455 uses 100% CPU for 2 minutes but fails to render the body and is not usable
    • version 38.3.0
  • SeaMonkey
    • 2097132 works in 5 seconds
    • 268435455 uses 100% CPU for a long time (more than 5 minutes)
    • version 2.38
  • Apple Mail
    • 500000 works in 14 seconds
    • 2097132 uses 100% CPU for a long time (more than 5 minutes)
    • version 8.2
  • Microsoft Outlook
    • trims any url to 2070 in 1 second
    • version 2013

There is a Microsoft Office bug (2019105) that will attempt WebDAV windows authentication from non WebDAV links. To work around this bug the server can specify the "Content-Disposition" header as an "attachment" (requesting the browser save the file instead of opening it). Microsoft Internet Explorer will still ask if you want to open the file but will not attempt WebDAV. When making links with ShowItemData.po use the "download" in place of the "filename" parameter. For example:

/ShowItemData.po?handle=123&download=file.ext

 

 

This code can be added to a re-writer to select no manager by default
How to make "Reports to" default to nothing or a selected user instead of the current user:

if(url.indexOf("UserDetails.po")>-1 && url.indexOf("user=")<0){
  doc.getElementById("users_MANAGER").selectedIndex=0;
}

If someone tries to brute force passwords their IP will be added to the blacklist.

  • The IP will be un-listed after 12 hours.
  • The default threshold for authentication failure rate is 20 per minute.
  • The default (BlackList.PerMinuteThreshold = 20) can be changed in the intranet.conf.
  • Hosted clients can disable blacklisting in the settings.
  • One NATed IPv4 user can get many users blacklisted due to shared IP. IPv6 or internal monitoring are the only way to prevent that without disabling blacklisting.

 

Stronger SSL Encryption can be achieved by doing the following:

  • Upgrade your operating system
  • Upgrade Java
  • Upgrade Noodle
  • Get Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for JDK/JRE 8
  • Limit Ciphers
    • multiserver.conf
      • Connection.CM_1.Ciphers[] = TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
      • For less security but more compatibility add ,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384
  • Limit Protocols
    • multiserver.conf
      • Connection.CM_1.Protocols[] = TLSv1.2
  • Add a CAA record to your DNS.

The available ciphers and protocols are listed on http://DOMAIN.TLD/Check.po?admin=now
Test at ssllabs.

  1. Use a mobile device that is not restrictive (cm is recommended) or at least permits the Installation of Google Chrome.Push_1
  2. Install Google Chrome.Push_2
  3. Open Noodle. SSL must be used.Push_3
  4. Login.Push_4
  5. View Messages, and click subscribe.Push_5
  6. Use a desktop browser to create and fill in the push URL setting.Push_6
  7. Push subscribe with your mobile again, and now when someone sends you an instant message you will be Notified. Notifications will also show up on smart watches.Push_7

Emails can be sent in the following 5 ways:

  • Subscriptions (per user)
    • My Profile > Edit > What's New > Subscription
    • System Tools > People > [USER] > What's New > Subscription
  • Auto notifications (per folder)
    • Administration > Auto Notification
    • (supported folder application types only)
  • Workflow (per folder)
    • Workflow Tab
    • (supported folder application types only)
  • Memo manger (per site)
    • System application
  • Notification (any item or fodler)
    • any user can notify any other user of any item