- 08 Jun, 2014 3 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
adding a new script archive_conf_files.sh to dump the contents of all files modified by editconf.py so testing is easier
-
Joshua Tauberer authored
Protect private key from being world-readable
-
- 07 Jun, 2014 4 commits
-
-
Michael Kropat authored
Postfix, Dovecot, and nginx all read the key file while they're running as root — before dropping permissions — so no authorization is needed on the private key file beyond being root-readable.
-
Joshua Tauberer authored
Merges branch 'mkropat-populate-hostname-ip'
-
Joshua Tauberer authored
add comments to the new get_default_hostname etc. functions, and simplify the logic in the Vagrantfile and start.sh so that we always call into the same two functions
-
Michael Kropat authored
Default IP+hostname values were incorrect for my VPS provider. I improved the detection, which should give correct results results for almost any provider. Specific issues addressed: - icanhazip.com detection was only enabled in non-interactive mode - `hostname` is by convention a short (non-fqdn) name in Ubuntu - `hostname --fqdn` fails if provider does not pouplate `hosts` file - `hostname -i` fails if provider does not populate `hosts` file - `curl` without `--fail` will someday return crazy results when icanhazip.com returns 500 errors or similar
-
- 06 Jun, 2014 6 commits
-
-
Joshua Tauberer authored
Mask password input on stdin in tools/mail.py
-
Michael Kropat authored
-
Joshua Tauberer authored
allow dashes in emails during validation, and for aliases allow a much wider range of characters, fixes #64 * for local mail users, also disallows periods at the beginning or end of the local or domain parts * Dovecot gets confused if the string contains any unusual characters, so local mail users are restricted to a narrow regex * for mail aliases Postfix is not confused so use a regex based on RFC 2822
-
Joshua Tauberer authored
-
Joshua Tauberer authored
* use a public box (the official Ubuntu 14.04 box which contra the description does have VBox Guest Additions installed) * now that we allow SSH password logins, since Vagrant requires it, dont muck with sshd_config here * don't put the machine on the public network because that will allow anyone to log into it with Vagrant's default username/password, duh
-
Joshua Tauberer authored
move the SSH password login check out of setup because it interfers with Vagrant and into a separate script that we'll use for auditing in a later phase
-
- 05 Jun, 2014 2 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
- 04 Jun, 2014 9 commits
-
-
Joshua Tauberer authored
* adding a Vagrantfile * in a non-interactive setup like this, create the user's first email account for them * let the machine auto-detect its IP address using http://icanhazip.com/ * use our own justtesting.email domain to provision a subdomain for users so they can quickly get started
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
script to check the SSL certificate, with instructions for turning the self-signed certificate into a properly signed certificate
-
- 03 Jun, 2014 8 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
* Created a new Python/flask-based management daemon. * Moved the mail user management core code from tools/mail.py to the new daemon. * tools/mail.py is a wrapper around the daemon and can be run as a non-root user. * Adding a new initscript for the management daemon. * Moving dns_update.sh to the management daemon, called via curl'ing the daemon's API. This also now runs the DNS update after mail users and aliases are added/removed, which sets up new domains' DNS as needed.
-
Joshua Tauberer authored
-
- 23 May, 2014 1 commit
-
-
Joshua Tauberer authored
remove permit_dnswl_client because postfix has odd behavior when an IP address is not listed: it turns all bounces into deferrals (retry) partially reverts 6d473f81
-
- 17 May, 2014 1 commit
-
-
Joshua Tauberer authored
test_mail: if EHLO test fails continue testing the rest, since user may be waiting on DNS propagation
-
- 15 May, 2014 2 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
add more postfix rules: reject_non_fqdn_sender, reject_unknown_sender_domain, reject_rhsbl_sender, and permit_dnswl_client
-
- 14 May, 2014 1 commit
-
-
Joshua Tauberer authored
-
- 12 May, 2014 1 commit
-
-
Joshua Tauberer authored
-
- 10 May, 2014 2 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
test_dns: properly test the non-primary domain of a box (for email addresses on domains besides PUBLIC_HOSTNAME)
-