cqrenet/relay
4
0
Fork 0
mirror of https://github.com/chatmail/relay.git synced 2026-06-10 05:31:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,260 Commits 224 Branches 13 Tags
e35d6dff6b96aa593047a980d847dbaf4e642b92
Commit Graph

1260 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
holger krekel abe0cb5d08 address cliff's comments about dovecot/postfix 2025-12-17 16:21:40 +01:00
missytake 8c8c37c822 postfix: restart automatically on failure 2025-12-17 16:21:40 +01:00
missytake e7bed4d2a1 dovecot: restart automatically on failure 2025-12-17 16:21:40 +01:00
j4n df21076e9b acmetool: use a fixed name and reconcile instead of want 2025-12-17 11:57:41 +01:00
missytake 70da217442 opendkim: only display last sigerror 2025-12-17 10:39:50 +01:00
missytake 40fd62c562 opendkim: report DKIM error code in SMTP response 2025-12-17 10:39:50 +01:00
cliffmccarthy d76b33def1 feat: Remove echo from passthrough recipients 2025-12-17 10:35:47 +01:00
cliffmccarthy bab3de9768 feat: Remove echobot user from deployment 2025-12-17 10:35:47 +01:00
cliffmccarthy 49c66116bf feat: Remove echobot special cases 2025-12-17 10:35:47 +01:00
373 9bf99cc8a9 removes development notice 2025-12-16 15:06:45 +01:00
Mark Felder 1188aed061 Related: Add the Chatmail Cookbook project 2025-12-14 20:32:08 +01:00
Mark Felder e15b8ebf11 docs README update 
There is no sphinx-build to pip install
 2025-12-14 20:31:19 +01:00
missytake c84ddf69e8 add missing changelog entries 1.8.0 2025-12-12 14:18:42 +01:00
missytake 96fc3d9ff6 tests: don't let test_status_cmd test server state 2025-12-12 14:00:53 +01:00
missytake 4b5e8feb96 ci: run test_status_cmd at the end to avoid flakiness 2025-12-12 14:00:53 +01:00
Rodrigo Camacho c98853570b updated location of the documentation for custom webpage location 2025-12-11 22:50:02 +01:00
Simon Laux bad356503e Merge pull request #745 from chatmail/simon/i744 
fix: Handle case where user followed the tutorial and set the CNAME reccord for mta-sts, but no TXT record for it yet.
 2025-12-11 22:41:14 +01:00
adb dba48e88d1 Merge pull request #760 from chatmail/adb/issue-734 
add imap_compress option to chatmail.ini
 2025-12-11 08:33:41 +01:00
adbenitez 3ae8834cbe update changelog 2025-12-11 08:33:24 +01:00
adb 81391f4066 Update cmdeploy/src/cmdeploy/dovecot/dovecot.conf.j2 
Co-authored-by: missytake <missytake@systemli.org>
 2025-12-10 20:43:03 +01:00
adbenitez 55cfd00505 add imap_compress option to chatmail.ini 2025-12-09 09:32:53 +01:00
holger krekel b000213c68 remove echobot from relay deployment and make sure it's un-installed during "cmdeploy run" 2025-12-07 20:14:35 +01:00
link2xt 51d16b6bb8 Add hpk42 SSH key to staging server for debugging 2025-12-07 20:13:38 +01:00
link2xt 2beba8c455 ci: add deployment environments for all deployment workflows 
Code posting the link to comments is removed
as deployment URLs are directly visible in the UI.
 2025-12-07 15:21:44 +01:00
link2xt 33c67d22fa Add execnet dependency 2025-12-07 15:21:44 +01:00
j4n 166bf68915 Remove DKIM-Signature from incoming mail after checking (#747) 
The original https://github.com/chatmail/relay/pull/533 attempted to remove the header through postfix, but that is too early. Instead, remove the headers in the OpenDKIM `final.lua` script after the validation.
 2025-12-04 12:23:27 +01:00
Treefit abb70a6b14 Handle case where user followed the tutorial and set the CNAME reccord 
for mta-sts, but no TXT record for it yet.
 2025-11-28 09:34:44 +01:00
Maikel Frias Mosquea 96108bbaba fix: cmdeploy webdev now works as intended 
Before: cmdeploy webdev just kept running non-stop regeneration of the
files with this it truly stop unless there's an actual change.
 2025-11-25 22:26:47 +01:00
Mark Felder 8f68672e31 FreeBSD/pf example: fix small inconsistency 
harmless, but better to be consistent
 2025-11-21 10:02:44 +01:00
Mark Felder 9e6e3af534 Proxy example for FreeBSD/pf 2025-11-20 17:03:31 +01:00
missytake fa5a6a64b3 opendkim: use opendkim as selector as before 2025-11-16 19:53:54 +01:00
holger krekel 6b7c002e24 use non-underscore naming for basedeploy helpers 2025-11-16 19:53:54 +01:00
holger krekel 4b2f98788d remove unneeded __init__ files 2025-11-16 19:53:54 +01:00
holger krekel 13faa42abd shift mtail deployer to subdir 2025-11-16 19:53:54 +01:00
holger krekel 7c12136991 move out nginx deployer 2025-11-16 19:53:54 +01:00
holger krekel 3637bba5dc move dovecot deployer out to dovecot/ directory 2025-11-16 19:53:54 +01:00
holger krekel e2b157bd96 move postfix deployer to postfix directory 2025-11-16 19:53:54 +01:00
holger krekel 83abb3a3e1 factor out opendkim deployer 2025-11-16 19:53:54 +01:00
link2xt 2e3e3101b6 Add robots.txt to exclude all web crawlers 2025-11-16 10:31:14 +00:00
missytake 213d68ed02 acmetool: accept new Let's Encrypt Terms of Services (#729) 2025-11-16 09:51:39 +01:00
link2xt 68cc6676ef Update changelog 2025-11-15 10:51:04 +00:00
link2xt 14ca95d25a fix(postfix): set smtpd_tls_mandatory_protocols for port 25 
smtp_tls_mandatory_protocols does not affect port 25
because we require STARTTLS on port 25 since commit
8d7e1dad0e

We don't have any smtpd ports with opportunistic TLS.
Submission ports require TLSv1.3 and starting with this commit
MX port will require TLSv1.2 instead of TLSv1.

I have not managed to connect using TLSv1.1
even without this fix to reproduce the problem,
but I have checked that setting
`-o smtpd_tls_mandatory_protocols=>=TLSv1.3`
does not allow to connect using TLSv1.2 anymore using
`openssl s_client -connect example.org:25 -starttls smtp -tls1_2`.

`smtpd_tls_protocols` setting is removed
because it does not affect anything except the internal ports
and its `git blame` points to the wrong commit.
 2025-11-15 10:51:04 +00:00
link2xt 3524b055db fix(postfix): set smtp_tls_mandatory_protocols to require TLSv1.2 for outgoing connections 
According to
<https://www.postfix.org/postconf.5.html#smtp_tls_security_level>
for outgoing connections with smtp_tls_security_level
`encrypt` and higher (such as `verify` that we currently use)
the setting `smtp_tls_mandatory_protocols`
is used instead of `smtp_tls_protocols`.
According to `postconf -d`
(and `postconf` because the default is not changed)
current setting value is `smtp_tls_mandatory_protocols = >=TLSv1`.
But we only want to connect outside with TLS 1.2 and TLS 1.3.

`smtp_tls_protocols` which was already set to `>= TLSv1.2`
in commit 0155f32df6
only affected outgoing connections with the `may` level
exception set for nauta.cu domain via `smtp_tls_policy_maps`
which does not support STARTTLS at all.
 2025-11-15 10:51:04 +00:00
holger krekel 7b16f1330d Update doc/source/overview.rst 
Co-authored-by: missytake <missytake@systemli.org>
 2025-11-13 21:03:54 +01:00
holger krekel 7a907b138c fix heading 2025-11-13 21:03:54 +01:00
holger krekel 0ff0159a89 update mermaid overview graph 2025-11-13 21:03:54 +01:00
holger krekel 81d2bf89c7 move all cleanup of historic artifacts into LegacyRemoveDeployer 2025-11-13 21:03:30 +01:00
missytake 514a911529 docs: document which services are involved in delivering an internal msg (#678) 
* doc: add diagram for internal message

* doc: apostrophe for clarity
 2025-11-13 21:02:19 +01:00
holger krekel fc7240a1ad simplify importing of resource files (avoid importlib.resources.files boilerplate) 2025-11-13 18:59:03 +01:00
holger krekel bdcccd858c add a comment about absolute imports 2025-11-13 18:59:03 +01:00