www: point link to e2ee FAQ from staging to production

2026-05-14 18:04:38 +00:00 · 2023-11-16 09:47:16 +01:00
18 changed files with 99 additions and 286 deletions
--- a/chatmaild/pyproject.toml
+++ b/chatmaild/pyproject.toml
@@ -6,21 +6,15 @@ build-backend = "setuptools.build_meta"
 name = "chatmaild"
 version = "0.1"
 dependencies = [
-  "aiosmtpd",
+  "aiosmtpd"
  "flask",
  "gunicorn",
 ]
 [project.scripts]
 doveauth = "chatmaild.doveauth:main"
 doveauth-http = "chatmaild.web:main"
 filtermail = "chatmaild.filtermail:main"
 [tool.pytest.ini_options]
 addopts = "-v -ra --strict-markers"
 log_format = "%(asctime)s %(levelname)s %(message)s"
 log_date_format = "%Y-%m-%d %H:%M:%S"
 log_level = "INFO"
 [tool.tox]
 legacy_tox_ini = """
--- a/chatmaild/src/chatmaild/doveauth-http.service
+++ b/chatmaild/src/chatmaild/doveauth-http.service
@@ -1,10 +0,0 @@
 [Unit]
 Description=HTTP endpoint for creating chatmail accounts
 [Service]
 ExecStart=/usr/local/bin/gunicorn --timeout 60 -b :3691 -w 1 chatmaild.web:main
 Restart=always
 RestartSec=30
 [Install]
 WantedBy=multi-user.target
--- a/chatmaild/src/chatmaild/doveauth.py
+++ b/chatmaild/src/chatmaild/doveauth.py
@@ -3,6 +3,7 @@ import os
 import time
 import sys
 import json
 import crypt
 from socketserver import (
    UnixStreamServer,
    StreamRequestHandler,
@@ -11,7 +12,39 @@ from socketserver import (
 import pwd
 from .database import Database
-from .util import is_allowed_to_create, encrypt_password, get_mail_domain
+
 NOCREATE_FILE = "/etc/chatmail-nocreate"
 def encrypt_password(password: str):
    # https://doc.dovecot.org/configuration_manual/authentication/password_schemes/
    passhash = crypt.crypt(password, crypt.METHOD_SHA512)
    return "{SHA512-CRYPT}" + passhash
 def is_allowed_to_create(user, cleartext_password) -> bool:
    """Return True if user and password are admissable."""
    if os.path.exists(NOCREATE_FILE):
        logging.warning(f"blocked account creation because {NOCREATE_FILE!r} exists.")
        return False
    if len(cleartext_password) < 10:
        logging.warning("Password needs to be at least 10 characters long")
        return False
    parts = user.split("@")
    if len(parts) != 2:
        logging.warning(f"user {user!r} is not a proper e-mail address")
        return False
    localpart, domain = parts
    if domain == "nine.testrun.org":
        # nine.testrun.org policy, username has to be exactly nine chars
        if len(localpart) != 9:
            logging.warning(f"localpart {localpart!r} has not exactly nine chars")
            return False
    return True
 def get_user_data(db, user):
@@ -83,31 +116,26 @@ def handle_dovecot_request(msg, db, mail_domain):
 class ThreadedUnixStreamServer(ThreadingMixIn, UnixStreamServer):
-    request_queue_size = 100
+    pass
 def main():
    socket = sys.argv[1]
    passwd_entry = pwd.getpwnam(sys.argv[2])
    db = Database(sys.argv[3])
-    mail_domain = get_mail_domain()
+    with open("/etc/mailname", "r") as fp:
        mail_domain = fp.read().strip()
    class Handler(StreamRequestHandler):
        def handle(self):
-            try:
+            while True:
-                while True:
+                msg = self.rfile.readline().strip().decode()
-                    msg = self.rfile.readline().strip().decode()
+                if not msg:
-                    if not msg:
+                    break
-                        break
+                res = handle_dovecot_request(msg, db, mail_domain)
-                    res = handle_dovecot_request(msg, db, mail_domain)
+                if res:
-                    if res:
+                    self.wfile.write(res.encode("ascii"))
-                        self.wfile.write(res.encode("ascii"))
+                    self.wfile.flush()
                        self.wfile.flush()
                    else:
                        logging.warn("request had no answer: %r", msg)
            except Exception:
                logging.exception("Exception in the handler")
                raise
    try:
        os.unlink(socket)
--- a/chatmaild/src/chatmaild/filtermail.py
+++ b/chatmaild/src/chatmaild/filtermail.py
@@ -149,7 +149,7 @@ class SendRateLimiter:
 def main():
    args = sys.argv[1:]
    assert len(args) == 1
-    logging.basicConfig(level=logging.WARN)
+    logging.basicConfig(level=logging.INFO)
    loop = asyncio.new_event_loop()
    asyncio.set_event_loop(loop)
    task = asyncmain_beforequeue(port=int(args[0]))
--- a/chatmaild/src/chatmaild/util.py
+++ b/chatmaild/src/chatmaild/util.py
@@ -1,56 +0,0 @@
 import base64
 import random
 import logging
 import os
 import crypt
 NOCREATE_FILE = "/etc/chatmail-nocreate"
 def is_allowed_to_create(user, cleartext_password) -> bool:
    """Return True if user and password are admissable."""
    if os.path.exists(NOCREATE_FILE):
        logging.warning(f"blocked account creation because {NOCREATE_FILE!r} exists.")
        return False
    if len(cleartext_password) < 10:
        logging.warning("Password needs to be at least 10 characters long")
        return False
    parts = user.split("@")
    if len(parts) != 2:
        logging.warning(f"user {user!r} is not a proper e-mail address")
        return False
    localpart, domain = parts
    if domain == "nine.testrun.org":
        # nine.testrun.org policy, username has to be exactly nine chars
        if len(localpart) != 9:
            logging.warning(f"localpart {localpart!r} has not exactly nine chars")
            return False
    return True
 def gen_password():
    with open("/dev/urandom", "rb") as f:
        s = f.read(21)
    return base64.b64encode(s).decode("ascii")[:12]
 def encrypt_password(password: str):
    # https://doc.dovecot.org/configuration_manual/authentication/password_schemes/
    passhash = crypt.crypt(password, crypt.METHOD_SHA512)
    return "{SHA512-CRYPT}" + passhash
 def get_mail_domain():
    with open("/etc/mailname", "r") as fp:
        return fp.read().strip()
 def get_valid_email_addr(length=9, chars="2345789acdefghjkmnpqrstuvwxyz"):
    localpart = "".join(random.choice(chars) for i in range(length))
    mail_domain = get_mail_domain()
    return f"{localpart}@{mail_domain}"
--- a/chatmaild/src/chatmaild/web.py
+++ b/chatmaild/src/chatmaild/web.py
@@ -1,48 +0,0 @@
 from flask import Flask, jsonify, request
 import time
 import os
 from database import Database
 from util import gen_password, get_valid_email_addr, encrypt_password
 from doveauth import get_user_data
 def create_app_from_db_path(db_path=None):
    db = Database(db_path)
    return create_app_from_db(db)
 def create_app_from_db(db):
    app = Flask("chatmaild-http")
    app.db = db
    @app.route("/", methods=["POST"])
    def new_email():
        for i in range(10):
            addr = get_valid_email_addr()
            if not get_user_data(db, addr):
                cleartext_password = gen_password()
                encrypted_password = encrypt_password(cleartext_password)
                q = """INSERT INTO users (addr, password, last_login)
                       VALUES (?, ?, ?)"""
                with db.write_transaction() as conn:
                    conn.execute(q, (addr, encrypted_password, int(time.time())))
                return jsonify(
                    email=addr,
                    password=cleartext_password,
                )
        return jsonify(
            type="error",
            status_code=409,
            reason="all 10 email addresses we tried are taken"
        )
    return app
 def main():
    """(debugging-only!) serve http account creation Web API on localhost"""
    db_path = os.getenv("CHATMAIL_DATABASE", "/home/vmail/passdb.sqlite")
    app = create_app_from_db_path(db_path)
    if __name__ == "__main__":
        app.run(debug=True, host="localhost", port=3691)
--- a/deploy-chatmail/src/deploy_chatmail/init.py
+++ b/deploy-chatmail/src/deploy_chatmail/init.py
@@ -25,8 +25,8 @@ def _install_chatmaild() -> None:
        )
        apt.packages(
-            name="apt install python3-aiosmtpd python3-pip python3-venv",
+            name="apt install python3-aiosmtpd",
-            packages=["python3-aiosmtpd", "python3-pip", "python3-venv"],
+            packages=["python3-aiosmtpd", "python3-pip"],
        )
        # --no-deps because aiosmtplib is installed with `apt`.
@@ -46,7 +46,6 @@ def _install_chatmaild() -> None:
        for fn in (
            "doveauth",
            "doveauth-http",
            "filtermail",
        ):
            files.put(
@@ -134,44 +133,6 @@ def _configure_opendkim(domain: str, dkim_selector: str) -> bool:
    return need_restart
 def _install_mta_sts_daemon() -> bool:
    need_restart = False
    config = files.put(
        name="upload postfix-mta-sts-resolver config",
        src=importlib.resources.files(__package__).joinpath(
            "postfix/mta-sts-daemon.yml"
        ),
        dest="/etc/mta-sts-daemon.yml",
        user="root",
        group="root",
        mode="644",
    )
    need_restart |= config.changed
    server.shell(
        name="install postfix-mta-sts-resolver with pip",
        commands=[
            "python3 -m venv /usr/local/lib/postfix-mta-sts-resolver",
            "/usr/local/lib/postfix-mta-sts-resolver/bin/pip install postfix-mta-sts-resolver",
        ],
    )
    systemd_unit = files.put(
        name="upload mta-sts-daemon systemd unit",
        src=importlib.resources.files(__package__).joinpath(
            "postfix/mta-sts-daemon.service"
        ),
        dest="/etc/systemd/system/mta-sts-daemon.service",
        user="root",
        group="root",
        mode="644",
    )
    need_restart |= systemd_unit.changed
    return need_restart
 def _configure_postfix(domain: str, debug: bool = False) -> bool:
    """Configures Postfix SMTP server."""
    need_restart = False
@@ -270,16 +231,6 @@ def _configure_nginx(domain: str, debug: bool = False) -> bool:
    )
    need_restart |= autoconfig.changed
    mta_sts_config = files.template(
        src=importlib.resources.files(__package__).joinpath("nginx/mta-sts.txt.j2"),
        dest="/var/www/html/.well-known/mta-sts.txt",
        user="root",
        group="root",
        mode="644",
        config={"domain_name": domain},
    )
    need_restart |= mta_sts_config.changed
    return need_restart
@@ -304,7 +255,7 @@ def deploy_chatmail(mail_domain: str, mail_server: str, dkim_selector: str) -> N
    )
    # Deploy acmetool to have TLS certificates.
-    deploy_acmetool(nginx_hook=True, domains=[mail_server, f"mta-sts.{mail_server}"])
+    deploy_acmetool(nginx_hook=True, domains=[mail_server])
    apt.packages(
        name="Install Postfix",
@@ -335,7 +286,6 @@ def deploy_chatmail(mail_domain: str, mail_server: str, dkim_selector: str) -> N
    postfix_need_restart = _configure_postfix(mail_domain, debug=debug)
    opendkim_need_restart = _configure_opendkim(mail_domain, dkim_selector)
    nginx_need_restart = _configure_nginx(mail_domain)
    mta_sts_need_restart = _install_mta_sts_daemon()
    # deploy web pages and info if we have them
    pkg_root = importlib.resources.files(__package__)
@@ -351,15 +301,6 @@ def deploy_chatmail(mail_domain: str, mail_server: str, dkim_selector: str) -> N
        restarted=opendkim_need_restart,
    )
    systemd.service(
        name="Start and enable MTA-STS daemon",
        service="mta-sts-daemon.service",
        daemon_reload=True,
        running=True,
        enabled=True,
        restarted=mta_sts_need_restart,
    )
    systemd.service(
        name="Start and enable Postfix",
        service="postfix.service",
--- a/deploy-chatmail/src/deploy_chatmail/acmetool/init.py
+++ b/deploy-chatmail/src/deploy_chatmail/acmetool/init.py
@@ -46,7 +46,8 @@ def deploy_acmetool(nginx_hook=False, email="", domains=[]):
        mode="644",
    )
-    server.shell(
+    for domain in domains:
-        name=f"Request certificate for: { ', '.join(domains) }",
+        server.shell(
-        commands=[f"acmetool want { ' '.join(domains)}"],
+            name=f"Request certificate for {domain}",
-    )
+            commands=[f"acmetool want {domain}"],
        )
--- a/deploy-chatmail/src/deploy_chatmail/nginx/mta-sts.txt.j2
+++ b/deploy-chatmail/src/deploy_chatmail/nginx/mta-sts.txt.j2
@@ -1,4 +0,0 @@
 version: STSv1
 mode: enforce
 mx: {{ config.domain_name }}
 max_age: 2419200
--- a/deploy-chatmail/src/deploy_chatmail/nginx/nginx.conf.j2
+++ b/deploy-chatmail/src/deploy_chatmail/nginx/nginx.conf.j2
@@ -42,10 +42,6 @@ http {
 			# as directory, then fall back to displaying a 404.
 			try_files $uri $uri/ =404;
 		}
        location /new_email {
            proxy_pass http://localhost:3691/;
        }
 	}
 }
--- a/deploy-chatmail/src/deploy_chatmail/opendkim/opendkim.conf
+++ b/deploy-chatmail/src/deploy_chatmail/opendkim/opendkim.conf
@@ -20,7 +20,7 @@ Domain			{{ config.domain_name }}
 Selector		{{ config.opendkim_selector }}
 KeyFile		  /etc/dkimkeys/{{ config.opendkim_selector }}.private
 KeyTable          /etc/dkimkeys/KeyTable
-SigningTable      refile:/etc/dkimkeys/SigningTable
+SigningTable      /etc/dkimkeys/SigningTable
 # In Debian, opendkim runs as user "opendkim". A umask of 007 is required when
 # using a local socket with MTAs that access the socket as a non-privileged
--- a/deploy-chatmail/src/deploy_chatmail/postfix/main.cf.j2
+++ b/deploy-chatmail/src/deploy_chatmail/postfix/main.cf.j2
@@ -23,7 +23,6 @@ smtpd_tls_security_level=may
 smtp_tls_CApath=/etc/ssl/certs
 smtp_tls_security_level=may
 smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
 smtp_tls_policy_maps = socketmap:inet:127.0.0.1:8461:postfix
 smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
 myhostname = {{ config.domain_name }}
--- a/deploy-chatmail/src/deploy_chatmail/postfix/master.cf.j2
+++ b/deploy-chatmail/src/deploy_chatmail/postfix/master.cf.j2
@@ -32,7 +32,6 @@ submission inet n       -       y       -       -       smtpd
  -o smtpd_recipient_restrictions=
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
  -o smtpd_client_connection_count_limit=1000
  -o smtpd_proxy_filter=127.0.0.1:10080
 smtps     inet  n       -       y       -       -       smtpd
  -o syslog_name=postfix/smtps
@@ -47,7 +46,6 @@ smtps     inet  n       -       y       -       -       smtpd
  -o smtpd_sender_restrictions=$mua_sender_restrictions
  -o smtpd_recipient_restrictions=
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
  -o smtpd_client_connection_count_limit=1000
  -o milter_macro_daemon_name=ORIGINATING
  -o smtpd_proxy_filter=127.0.0.1:10080
 #628       inet  n       -       y       -       -       qmqpd
--- a/deploy-chatmail/src/deploy_chatmail/postfix/mta-sts-daemon.service
+++ b/deploy-chatmail/src/deploy_chatmail/postfix/mta-sts-daemon.service
@@ -1,10 +0,0 @@
 [Unit]
 Description=Postfix MTA-STS resolver daemon
 [Service]
 ExecStart=/usr/local/lib/postfix-mta-sts-resolver/bin/mta-sts-daemon
 Restart=always
 RestartSec=30
 [Install]
 WantedBy=multi-user.target
--- a/deploy-chatmail/src/deploy_chatmail/postfix/mta-sts-daemon.yml
+++ b/deploy-chatmail/src/deploy_chatmail/postfix/mta-sts-daemon.yml
@@ -1,13 +0,0 @@
 host: 127.0.0.1
 port: 8461
 reuse_port: true
 shutdown_timeout: 20
 cache:
  type: internal
  options:
    cache_size: 10000
 proactive_policy_fetching:
  enabled: true
 default_zone:
  strict_testing: false
  timeout: 4
--- a/scripts/generate-dns-zone.sh
+++ b/scripts/generate-dns-zone.sh
@@ -15,9 +15,6 @@ _submission._tcp.$CHATMAIL_DOMAIN.  SRV 0 1 587 $CHATMAIL_DOMAIN.
 _submissions._tcp.$CHATMAIL_DOMAIN. SRV 0 1 465 $CHATMAIL_DOMAIN.
 _imap._tcp.$CHATMAIL_DOMAIN.        SRV 0 1 143 $CHATMAIL_DOMAIN.
 _imaps._tcp.$CHATMAIL_DOMAIN.       SRV 0 1 993 $CHATMAIL_DOMAIN.
-$CHATMAIL_DOMAIN. IN CAA 128 issue "letsencrypt.org;accounturi=$ACME_ACCOUNT_URL"
+$CHATMAIL_DOMAIN. IN CAA 128 issue "letsencrypt.org; accounturi=$ACME_ACCOUNT_URL"
 _mta-sts.$CHATMAIL_DOMAIN. IN TXT "v=STSv1; id=$(date -u '+%Y%m%d%H%M')"
 mta-sts.$CHATMAIL_DOMAIN. IN CNAME $CHATMAIL_DOMAIN.
 _smtp._tls.$CHATMAIL_DOMAIN. IN TXT "v=TLSRPTv1;rua=mailto:$EMAIL"
 EOF
 $SSH opendkim-genzone -F | sed 's/^;.*$//;/^$/d'
--- a/tests/chatmaild/test_doveauth.py
+++ b/tests/chatmaild/test_doveauth.py
@@ -1,5 +1,5 @@
 import json
-import sys
+
 import pytest
 import threading
 import queue
@@ -60,31 +60,27 @@ def test_handle_dovecot_request(db):
    assert userdata["password"].startswith("{SHA512-CRYPT}")
-def test_100_concurrent_lookups_different_accounts(db, gencreds):
+def test_100_concurrent_lookups(db):
-    num_threads = 100
+    num = 100
-    req_per_thread = 5
+    dbs = [Database(db.path) for i in range(num)]
    print(f"created {num} databases")
    results = queue.Queue()
    def lookup(db):
-        for i in range(req_per_thread):
+        try:
-            addr, password = gencreds()
+            lookup_passdb(db, "something@c1.testrun.org", "Pieg9aeToe3eghuthe5u")
-            try:
+        except Exception:
-                lookup_passdb(db, addr, password)
+            results.put(traceback.format_exc())
-            except Exception:
+        else:
-                results.put(traceback.format_exc())
+            results.put(None)
            else:
                results.put(None)
-    threads = []
+    threads = [threading.Thread(target=lookup, args=(db,), daemon=True) for db in dbs]
    for i in range(num_threads):
        thread = threading.Thread(target=lookup, args=(db,), daemon=True)
        threads.append(thread)
-    print(f"created {num_threads} threads, starting them and waiting for results")
+    print(f"created {num} threads, starting them and waiting for results")
    for thread in threads:
        thread.start()
-    for i in range(num_threads * req_per_thread):
+    for _ in dbs:
        res = results.get()
        if res is not None:
            pytest.fail(f"concurrent lookup failed\n{res}")
--- a/www/nine.testrun.org/index.html
+++ b/www/nine.testrun.org/index.html
@@ -20,14 +20,18 @@
            box-sizing: border-box;
            padding: 9px;
            font-size: 18px;
-            font-family: "Swansea", "Helvetica", sans-serif;
+            font-family: "Courier New", monospace;
-            color: black;
+            color: white;
            background-position: left top;
            background-image: url(collage-bg.png);
            background-repeat: no-repeat;
            background-size: 100% 100%;
        }
        a {
-            color: black;
+            color: white;
        }
        h1, h2, h3 {
-            font-size: 18px;
+            font-size: 16px;
            font-weight: bold;
        }
    </style>
@@ -36,37 +40,37 @@
    <div class="wrapper">
        <img class="section" src="collage-top.png" />
        <div class="section text">
-            <h1>Dear Delta Chat users and newcomers,</h1>
+            <h1>Dear Delta Chat users,</h1>
            <p>
                welcome to the first public "chat-mail instance",
-                a small and lean e-mail provider for smooth chatting.
+                a small and lean e-mail server optimized for Delta Chat.
-                Install Delta Chat or add an account:
+            </p>
            <ul>
-                <li>Tap "LOG INTO YOUR E-MAIL ACCOUNT".</li>
+                <li>Tap "LOG INTO YOUR E-MAIL ACCOUNT". </li>
                <li>Address: invent a word with <i>exactly</i> nine characters
                and append @nine.testrun.org to it.</li>
                <li>Password: invent at least 10 characters. The first login sets your password.</li>
            </ul>
                If the e-mail address is not yet taken, you'll get that account.
            </p>
-            <p>
+        </div>
-            <img class="section" src="collage-down.png" />
+        <img class="section" src="collage-down.png" />
-
+        <div class="section text">
-            <h2>What's behind it, how does it operate?</h2>
+            <h1>faq</h1>
-            <p>nine.testrun.org is run
+            <h2>Can i chat with someone outside the chat-mail instance?</h2>
-                by a small group of devs and sysadmins, reachable via root@.
+            <p>Yes, if your messages are encrypted.
-                They want to keep this instance running at least until end 2024.
+            Use <a href="https://delta.chat/en/help#howtoe2ee">
                Current limits:
            <ul>
            <li>Un-encrypted mails can not leave the chat-mail instance.</li>
            <li>Use <a href="https://delta.chat/en/help#howtoe2ee">
                guaranteed end-to-end encryption via QR code scans</a>
-                to setup contact with users outside of the chat-mail instance.
+            to setup contact with users outside of the chat-mail instance.</p>
-            </li>
+            <h2>What about current rate limits?</h2>
-            <li>You may send up to 60 messages per minute.</li>
+            <ul>
-            <li>Messages are unconditionally removed 40 days after arrival.</li>
+              <li>Sending limit: 60 messages per minute.</li>
-            <li>Max storage per user is 100MB.</li>
+              <li>Message autoremoval: after 40 days.</li>
            </ul>
            <h2>Do you intend to keep this chat-mail instance up?</h2>
            <p>Yes, nine.testrun.org is to run for longer, on a best-effort basis.</p>
            <h2>Who is running this chat-mail instance?</h2>
            <p>A small group of devs and sysadmins, reachable via root@.
            <h2>Why are other email providers 1000 times more complicated?</h2>
            <p>¯\_(ツ)_/¯</p>
        </div>