- 09 Jun, 2014 1 commit
-
-
Joshua Tauberer authored
-
- 08 Jun, 2014 8 commits
-
-
Joshua Tauberer authored
Support dual-stack IPv4/IPv6 mail servers
-
Michael Kropat authored
Testing showed that it may take a few seconds for the default values to populate. If the help text is shown, “Enter the public IP address…,” but no prompt is shown, the user may get confused and try to enter the IP address before mailinabox has had a chance to figure out and display a suitable default value.
-
Joshua Tauberer authored
This re-implements part of PR #69 by @mkropat, who wrote: By default, Postfix adds a Received header — on all mail that you send — that lists the IP of the device you sent the mail from. This feature is great if you're a mail provider and you need to debug why one user is having sending issues. This feature is not so great if you run your own mail server and you don't want every recipient of every email you send to know the device and IP you sent the email from. To limit this filtering to outgoing mail only, we apply the filters just to the submission port. See these guides [1] [2] for more context. [1] http://askubuntu.com/a/78168/11259 [2] http://www.void.gr/kargig/blog/2013/11/24/anonymize-headers-in-postfix/
-
Michael Kropat authored
Addresses #3 Added support by adding parallel code wherever `$PUBLIC_IP` was used. Providing an IPv6 address is completely optional. Playing around on my IPv6-enabled mail server revealed that — before this change — mailinabox might try to use an IPv6 address as the value for `$PUBLIC_IP`, which wouldn't work out well.
-
Joshua Tauberer authored
* using it to enable the Postfix submission service * per @mkropat's suggestion in #69, set an option to distinguish submission from regular smpd in syslog by giving submission a new name (doing this here to test that editconf is working right on master.cf)
-
Joshua Tauberer authored
-
Joshua Tauberer authored
adding a new script archive_conf_files.sh to dump the contents of all files modified by editconf.py so testing is easier
-
Joshua Tauberer authored
Protect private key from being world-readable
-
- 07 Jun, 2014 4 commits
-
-
Michael Kropat authored
Postfix, Dovecot, and nginx all read the key file while they're running as root — before dropping permissions — so no authorization is needed on the private key file beyond being root-readable.
-
Joshua Tauberer authored
Merges branch 'mkropat-populate-hostname-ip'
-
Joshua Tauberer authored
add comments to the new get_default_hostname etc. functions, and simplify the logic in the Vagrantfile and start.sh so that we always call into the same two functions
-
Michael Kropat authored
Default IP+hostname values were incorrect for my VPS provider. I improved the detection, which should give correct results results for almost any provider. Specific issues addressed: - icanhazip.com detection was only enabled in non-interactive mode - `hostname` is by convention a short (non-fqdn) name in Ubuntu - `hostname --fqdn` fails if provider does not pouplate `hosts` file - `hostname -i` fails if provider does not populate `hosts` file - `curl` without `--fail` will someday return crazy results when icanhazip.com returns 500 errors or similar
-
- 06 Jun, 2014 6 commits
-
-
Joshua Tauberer authored
Mask password input on stdin in tools/mail.py
-
Michael Kropat authored
-
Joshua Tauberer authored
allow dashes in emails during validation, and for aliases allow a much wider range of characters, fixes #64 * for local mail users, also disallows periods at the beginning or end of the local or domain parts * Dovecot gets confused if the string contains any unusual characters, so local mail users are restricted to a narrow regex * for mail aliases Postfix is not confused so use a regex based on RFC 2822
-
Joshua Tauberer authored
-
Joshua Tauberer authored
* use a public box (the official Ubuntu 14.04 box which contra the description does have VBox Guest Additions installed) * now that we allow SSH password logins, since Vagrant requires it, dont muck with sshd_config here * don't put the machine on the public network because that will allow anyone to log into it with Vagrant's default username/password, duh
-
Joshua Tauberer authored
move the SSH password login check out of setup because it interfers with Vagrant and into a separate script that we'll use for auditing in a later phase
-
- 05 Jun, 2014 2 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
- 04 Jun, 2014 9 commits
-
-
Joshua Tauberer authored
* adding a Vagrantfile * in a non-interactive setup like this, create the user's first email account for them * let the machine auto-detect its IP address using http://icanhazip.com/ * use our own justtesting.email domain to provision a subdomain for users so they can quickly get started
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
script to check the SSL certificate, with instructions for turning the self-signed certificate into a properly signed certificate
-
- 03 Jun, 2014 8 commits
-
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
-
Joshua Tauberer authored
* Created a new Python/flask-based management daemon. * Moved the mail user management core code from tools/mail.py to the new daemon. * tools/mail.py is a wrapper around the daemon and can be run as a non-root user. * Adding a new initscript for the management daemon. * Moving dns_update.sh to the management daemon, called via curl'ing the daemon's API. This also now runs the DNS update after mail users and aliases are added/removed, which sets up new domains' DNS as needed.
-
Joshua Tauberer authored
-
- 23 May, 2014 1 commit
-
-
Joshua Tauberer authored
remove permit_dnswl_client because postfix has odd behavior when an IP address is not listed: it turns all bounces into deferrals (retry) partially reverts 6d473f81
-
- 17 May, 2014 1 commit
-
-
Joshua Tauberer authored
test_mail: if EHLO test fails continue testing the rest, since user may be waiting on DNS propagation
-