feat: use uv for initenv if installed

2026-05-18 15:18:58 +00:00 · 2026-04-21 08:22:11 +02:00
43 changed files with 161 additions and 778 deletions
--- a/.github/workflows/ci-no-dns.yaml
+++ b/.github/workflows/ci-no-dns.yaml
@@ -1,35 +0,0 @@
 name: No-DNS
 on:
  # Triggers when a PR is merged into main or a direct push occurs
  push:
    branches: [ "main" ]
  # Triggers for any PR (and its subsequent commits) targeting the main branch
  pull_request:
    branches: [ "main" ]
 # Newest push wins: Prevents multiple runs from clashing and wasting runner efforts
 concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
  cancel-in-progress: true
 jobs:
  no-dns:
    name: LXC deploy and test
    uses: chatmail/cmlxc/.github/workflows/lxc-test.yml@d39fe34c39cee6d760c3479325e8dc82b66a8928
    with:
      cmlxc_commands: |
        cmlxc init 
        # single cmdeploy relay test
        cmlxc -v deploy-cmdeploy --source ./repo --ipv4-only --no-dns cm0
        cmlxc -v test-cmdeploy --no-dns cm0
        # cross cmdeploy relay test
        cmlxc -v deploy-cmdeploy --source ./repo cm1
        cmlxc -v test-cmdeploy --no-dns cm0 cm1
        # cross cmdeploy/madmail relay tests
        cmlxc -v deploy-madmail mad0
        cmlxc -v test-cmdeploy --no-dns cm0 mad0
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -1,4 +1,4 @@
-name: CI
+name: Run unit-tests and container-based deploy+test verification
 on:
  # Triggers when a PR is merged into main or a direct push occurs
@@ -9,8 +9,6 @@ on:
  pull_request:
    branches: [ "main" ]
 permissions: {}
 # Newest push wins: Prevents multiple runs from clashing and wasting runner efforts
 concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
@@ -27,9 +25,8 @@ jobs:
        # Otherwise `test_deployed_state` will be unhappy.
        with:
          ref: ${{ github.event.pull_request.head.sha }}
          persist-credentials: false
      - name: download filtermail
-        run: curl -L https://github.com/chatmail/filtermail/releases/download/v0.6.4/filtermail-x86_64 -o /usr/local/bin/filtermail && chmod +x /usr/local/bin/filtermail
+        run: curl -L https://github.com/chatmail/filtermail/releases/download/v0.6.1/filtermail-x86_64 -o /usr/local/bin/filtermail && chmod +x /usr/local/bin/filtermail
      - name: run chatmaild tests 
        working-directory: chatmaild
        run: pipx run tox
@@ -41,7 +38,6 @@ jobs:
      - uses: actions/checkout@v6
        with:
          ref: ${{ github.event.pull_request.head.sha }}
          persist-credentials: false
      - name: initenv 
        run: scripts/initenv.sh
@@ -57,7 +53,7 @@ jobs:
  lxc-test:
    name: LXC deploy and test
-    uses: chatmail/cmlxc/.github/workflows/lxc-test.yml@d39fe34c39cee6d760c3479325e8dc82b66a8928
+    uses: chatmail/cmlxc/.github/workflows/lxc-test.yml@v0.10.0
    with:
      cmlxc_commands: |
        cmlxc init 
--- a/.github/workflows/docker-dispatch.yaml
+++ b/.github/workflows/docker-dispatch.yaml
@@ -1,37 +0,0 @@
 # Notify the docker repo to build and test a new image after relay CI passes.
 #
 # Sends a repository_dispatch event to chatmail/docker with the relay ref
 # and short SHA, which triggers docker-ci.yaml to build, push to GHCR,
 # and run integration tests via cmlxc.
 name: Trigger Docker build
 on:
  push:
    branches: [main]
  workflow_dispatch:
 permissions: {}
 jobs:
  dispatch:
    name: Dispatch build to chatmail/docker
    runs-on: ubuntu-latest
    if: github.repository == 'chatmail/relay'
    steps:
      - name: Compute short SHA
        id: sha
        run: echo "short=$(echo '${{ github.sha }}' | cut -c1-7)" >> "$GITHUB_OUTPUT"
      - name: Send repository_dispatch
        uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3
        with:
          token: ${{ secrets.CHATMAIL_DOCKER_DISPATCH_TOKEN }}
          repository: chatmail/docker
          event-type: relay-updated
          client-payload: >-
            {
              "relay_ref": "${{ github.ref_name }}",
              "relay_sha": "${{ github.sha }}",
              "relay_sha_short": "${{ steps.sha.outputs.short }}"
            }
--- a/.github/workflows/docs-preview.yaml
+++ b/.github/workflows/docs-preview.yaml
@@ -7,8 +7,6 @@ on:
      - 'scripts/build-docs.sh'
      - '.github/workflows/docs-preview.yaml'
 permissions: {}
 jobs:
  scripts:
    name: build 
@@ -18,8 +16,6 @@ jobs:
      url: https://staging.chatmail.at/doc/relay/${{ steps.prepare.outputs.prid }}
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: initenv 
        run: scripts/initenv.sh
@@ -38,22 +34,18 @@ jobs:
      - name: Get Pullrequest ID
        id: prepare
        run: |
-          export PULLREQUEST_ID=$(echo "${GITHUB_REF}" | cut -d "/" -f3)
+          export PULLREQUEST_ID=$(echo "${{ github.ref }}" | cut -d "/" -f3)
          echo "prid=$PULLREQUEST_ID" >> $GITHUB_OUTPUT
          if [ $(expr length "${{ secrets.USERNAME }}") -gt "1" ]; then echo "uploadtoserver=true" >> $GITHUB_OUTPUT; fi
      - run: |
-          echo "baseurl: /${STEPS_PREPARE_OUTPUTS_PRID}" >> _config.yml
+          echo "baseurl: /${{ steps.prepare.outputs.prid }}" >> _config.yml
        env:
          STEPS_PREPARE_OUTPUTS_PRID: ${{ steps.prepare.outputs.prid }}
      - name: Upload preview
        run: |
          mkdir -p "$HOME/.ssh"
          echo "${{ secrets.CHATMAIL_STAGING_SSHKEY }}" > "$HOME/.ssh/key"
          chmod 600 "$HOME/.ssh/key"
-          rsync -rILvh -e "ssh -i $HOME/.ssh/key -o StrictHostKeyChecking=no" $GITHUB_WORKSPACE/doc/build/ "${{ secrets.USERNAME }}@chatmail.at:/var/www/html/staging.chatmail.at/doc/relay/${STEPS_PREPARE_OUTPUTS_PRID}/"
+          rsync -rILvh -e "ssh -i $HOME/.ssh/key -o StrictHostKeyChecking=no" $GITHUB_WORKSPACE/doc/build/ "${{ secrets.USERNAME }}@chatmail.at:/var/www/html/staging.chatmail.at/doc/relay/${{ steps.prepare.outputs.prid }}/"
        env:
          STEPS_PREPARE_OUTPUTS_PRID: ${{ steps.prepare.outputs.prid }}
      - name: check links 
        working-directory: doc
--- a/.github/workflows/docs.yaml
+++ b/.github/workflows/docs.yaml
@@ -10,8 +10,6 @@ on:
      - 'scripts/build-docs.sh'
      - '.github/workflows/docs.yaml'
 permissions: {}
 jobs:
  scripts:
    name: build 
@@ -21,8 +19,6 @@ jobs:
      url: https://chatmail.at/doc/relay/
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: initenv 
        run: scripts/initenv.sh
--- a/.github/workflows/zizmor-scan.yml
+++ b/.github/workflows/zizmor-scan.yml
@@ -1,26 +0,0 @@
 name: GitHub Actions Security Analysis with zizmor
 on:
  push:
    branches: ["main"]
  pull_request:
    branches: ["**"]
 permissions: {}
 jobs:
  zizmor:
    name: Run zizmor
    runs-on: ubuntu-latest
    permissions:
      security-events: write # Required for upload-sarif (used by zizmor-action) to upload SARIF files.
      contents: read
      actions: read
    steps:
      - name: Checkout repository
        uses: actions/checkout@v6
        with:
          persist-credentials: false
      - name: Run zizmor
        uses: zizmorcore/zizmor-action@b1d7e1fb5de872772f31590499237e7cce841e8e # v0.5.3
--- a/.github/zizmor.yml
+++ b/.github/zizmor.yml
@@ -1,7 +0,0 @@
 rules:
  unpinned-uses:
    config:
      policies:
        actions/*: ref-pin
        dependabot/*: ref-pin
        chatmail/*: ref-pin
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,89 +1,5 @@
 # Changelog for chatmail deployment 
 ## 1.10.0 2026-04-30
 * start mtail after networking is fully up <https://github.com/chatmail/relay/pull/942>
 * support specifying custom filtermail binary through environment variable <https://github.com/chatmail/relay/pull/941>
 * add automated zizmor scanning of github workflows <https://github.com/chatmail/relay/pull/938>
 * added dispatch for *automated builds of chatmail relay docker images* <https://github.com/chatmail/relay/pull/934>
 * do not bind SMTP client sockets to public addresses <https://github.com/chatmail/relay/pull/932>
 * underline in docs that scripts/initenv.sh should be used for building the docs <https://github.com/chatmail/relay/pull/933>
 * automatic oldest-first message removal from mailboxes to always stay under max_mailbox_size <https://github.com/chatmail/relay/pull/929>
 * remove --slow from cmdeploy test <https://github.com/chatmail/relay/pull/931>
 * handle missing inotify sysctl keys in containers <https://github.com/chatmail/relay/pull/930>
 * replace resolvconf with static resolv.conf <https://github.com/chatmail/relay/pull/928>
 * disable fsync for LMTP and IMAP services <https://github.com/chatmail/relay/pull/925>
 * re-use cmlxc workflow, replacing CI with hetzner staging servers with local lxc containers <https://github.com/chatmail/relay/pull/917>
 * explicitly install resolvconf <https://github.com/chatmail/relay/pull/924>
 * detect stale dovecot binary and force restart in activate() <https://github.com/chatmail/relay/pull/922>
 * Rename filtermail_http_port to filtermail_http_port_incoming <https://github.com/chatmail/relay/pull/921>
 * consolidated is_in_container() check https://github.com/chatmail/relay/pull/920>
 * restart dovecot after package replacement (rebase, test condense) <https://github.com/chatmail/relay/pull/913>
 * Set permissions on dovecot pin prefs <https://github.com/chatmail/relay/pull/915>
 * Route `/mxdeliv/` to configurable port <https://github.com/chatmail/relay/pull/901>
 * fix VM detection, automated testing fixes, use newer chatmail-turn and move to standard BIND DNS zone format <https://github.com/chatmail/relay/pull/912>
 * Upgrade to filtermail 0.6.1 <https://github.com/chatmail/relay/pull/910>
 * pin dovecot packages to prevent apt upgrades <https://github.com/chatmail/relay/pull/908>
 * add rpc server to cmdeploy along with client <https://github.com/chatmail/relay/pull/906>
 * remove unused deps from chatmaild <https://github.com/chatmail/relay/pull/905>
 * set default smtp_tls_security_level to "verify" unconditionally <https://github.com/chatmail/relay/pull/902>
 * featprefer IPv4 in SMTP client <https://github.com/chatmail/relay/pull/900>
 * Install dovecot .deb packages atomically <https://github.com/chatmail/relay/pull/899>
 * stop installing cron package <https://github.com/chatmail/relay/pull/898>
 * Rewrite dovecot install logic, update <https://github.com/chatmail/relay/pull/862>
 * fix a test and some linting fixes <https://github.com/chatmail/relay/pull/897>
 * Disable IP verification on domain-literal addresses <https://github.com/chatmail/relay/pull/895>
 * disable installing recommended packages globally on the relay <https://github.com/chatmail/relay/pull/887>
 * multiple bug fixes across chatmaild and cmdeploy <https://github.com/chatmail/relay/pull/883>
 * remove /metrics from the website <https://github.com/chatmail/relay/pull/703>
 * add Prometheus textfile output to fsreport <https://github.com/chatmail/relay/pull/881>
 * chown opendkim: private key <https://github.com/chatmail/relay/pull/879>
 * make sure chatmail-metadata was started <https://github.com/chatmail/relay/pull/882>
 * dovecot update url <https://github.com/chatmail/relay/pull/880>
 * upgrade to filtermail v0.5.2 <https://github.com/chatmail/relay/pull/876>
 * download dovecot packages from github release <https://github.com/chatmail/relay/pull/875>
 * replace DKIM verification with filtermail v0.5 <https://github.com/chatmail/relay/pull/831>
 * remove CFFI deltachat bindings usage, and consolidate test support with rpc-bindings <https://github.com/chatmail/relay/pull/872>
 * prepare chatmaild/cmdeploy changes for Docker support <https://github.com/chatmail/relay/pull/857>
 * stabilize online benchmark timing adding rate-limit-aware cooldown between iterations <https://github.com/chatmail/relay/pull/867>
 * move rate-limit cooldown to benchmark fixture <https://github.com/chatmail/relay/pull/868>
 * reconfigure acmetool from redirector to proxy mode <https://github.com/chatmail/relay/pull/861>
 * make tests work with `--ssh-host localhost` <https://github.com/chatmail/relay/pull/856>
 * mark f-string with f prefix in test_expunged <https://github.com/chatmail/relay/pull/863>
 * install also if dovecot.service=False in SystemdEnabled Fact <https://github.com/chatmail/relay/pull/841>
 * Introduce support for self-signed chatmail relays <https://github.com/chatmail/relay/pull/855>
 * Strip Received headers before delivery <https://github.com/chatmail/relay/pull/849>
 * upgrade to filtermail v0.3 <https://github.com/chatmail/relay/pull/850>
 * fix link to Maddy and update madmail URL <https://github.com/chatmail/relay/pull/847>
 * accept self-signed certificates for IP-only relays <https://github.com/chatmail/relay/pull/846>
 * enforce sending from public IP addresses <https://github.com/chatmail/relay/pull/845>
 * port check: check addresses, fix single services <https://github.com/chatmail/relay/pull/844>
 * remediates issue with improper concat on resolver injection <https://github.com/chatmail/relay/pull/834>
 * ipv6 boolean not being respected during operations <https://github.com/chatmail/relay/pull/832>
 * upgrade to filtermail v0.2 by <https://github.com/chatmail/relay/pull/825>
 * fix link to filtermail <https://github.com/chatmail/relay/pull/824>
 * print timestamps when sending messages <https://github.com/chatmail/relay/pull/823>
 * fix flaky test_exceed_rate_limit <https://github.com/chatmail/relay/pull/822>
 * Replace filtermail with rust reimplementation <https://github.com/chatmail/relay/pull/808>
 * Set default internal SMTP ports in Config <https://github.com/chatmail/relay/pull/819>
 * separate metrics for incoming and outgoing messages <https://github.com/chatmail/relay/pull/820>
 * disable appending the Received header <https://github.com/chatmail/relay/pull/815>
 * fail on errors in postfix/dovecot config <https://github.com/chatmail/relay/pull/813>
 * tweak idle/hibernate metrics some more <https://github.com/chatmail/relay/pull/811>
 * add config flag to export statistics <https://github.com/chatmail/relay/pull/806>
 * add --website-only option to run subcommand <https://github.com/chatmail/relay/pull/768>
 * Strip DKIM-Signature header before LMTP <https://github.com/chatmail/relay/pull/803>
 * properly make sure that postfix gets restarted on failure <https://github.com/chatmail/relay/pull/802>
 * expire.py: use absolute path to maildirsize <https://github.com/chatmail/relay/pull/807>
 * pin Dovecot documentation URLs to version 2.3 <https://github.com/chatmail/relay/pull/800>
 * try to use "build machine" and "deployment server"  consistently  <https://github.com/chatmail/relay/pull/797>
 * adds instructions for migrating control machines <https://github.com/chatmail/relay/pull/795>
 * use consistent naming schema in getting started <https://github.com/chatmail/relay/pull/793>
 * remove jsok/serialize-workflow-action dependency <https://github.com/chatmail/relay/pull/790>
 * streamline migration guide wording, provide titled steps  <https://github.com/chatmail/relay/pull/789>
 * increases default max mailbox size <https://github.com/chatmail/relay/pull/792>
 * use daemon_name for OpenDKIM sign-verify decision instead of IP <https://github.com/chatmail/relay/pull/784>
 ## 1.9.0 2025-12-18
 ### Documentation
--- a/chatmaild/pyproject.toml
+++ b/chatmaild/pyproject.toml
@@ -10,7 +10,6 @@ dependencies = [
  "filelock",
  "requests",
  "crypt-r >= 3.13.1 ; python_version >= '3.11'",
  "domain-validator",
 ]
 [tool.setuptools]
@@ -22,8 +21,7 @@ where = ['src']
 [project.scripts]
 doveauth = "chatmaild.doveauth:main"
 chatmail-metadata = "chatmaild.metadata:main"
-chatmail-expire = "chatmaild.expire:daily_expire_main"
+chatmail-expire = "chatmaild.expire:main"
 chatmail-quota-expire = "chatmaild.expire:quota_expire_main"
 chatmail-fsreport = "chatmaild.fsreport:main"
 lastlogin = "chatmaild.lastlogin:main"
 turnserver = "chatmaild.turnserver:main"
--- a/chatmaild/src/chatmaild/config.py
+++ b/chatmaild/src/chatmaild/config.py
@@ -1,8 +1,7 @@
-import ipaddress
+import os
 from pathlib import Path
 import iniconfig
 from domain_validator import DomainValidator
 from chatmaild.user import User
@@ -21,19 +20,7 @@ def read_config(inipath):
 class Config:
    def __init__(self, inipath, params):
        self._inipath = inipath
-        raw_domain = params["mail_domain"]
+        self.mail_domain = params["mail_domain"]
        self.mail_domain_bare = raw_domain
        if is_valid_ipv4(raw_domain):
            self.ipv4_relay = raw_domain
            self.mail_domain = f"[{raw_domain}]"
            self.postfix_myhostname = ipaddress.IPv4Address(raw_domain).reverse_pointer
        else:
            DomainValidator().validate_domain_re(raw_domain)
            self.ipv4_relay = None
            self.mail_domain = raw_domain
            self.postfix_myhostname = raw_domain
        self.max_user_send_per_minute = int(params.get("max_user_send_per_minute", 60))
        self.max_user_send_burst_size = int(params.get("max_user_send_burst_size", 10))
        self.max_mailbox_size = params["max_mailbox_size"]
@@ -54,20 +41,19 @@ class Config:
        self.filtermail_http_port_incoming = int(
            params.get("filtermail_http_port_incoming", "10082")
        )
        self.filtermail_lmtp_port_transport = int(
            params.get("filtermail_lmtp_port_transport", "10083")
        )
        self.postfix_reinject_port = int(params.get("postfix_reinject_port", "10025"))
        self.postfix_reinject_port_incoming = int(
            params.get("postfix_reinject_port_incoming", "10026")
        )
        self.mtail_address = params.get("mtail_address")
        self.disable_ipv6 = params.get("disable_ipv6", "false").lower() == "true"
        self.addr_v4 = os.environ.get("CHATMAIL_ADDR_V4", "")
        self.addr_v6 = os.environ.get("CHATMAIL_ADDR_V6", "")
        self.acme_email = params.get("acme_email", "")
        self.imap_rawlog = params.get("imap_rawlog", "false").lower() == "true"
        self.imap_compress = params.get("imap_compress", "false").lower() == "true"
        if "iroh_relay" not in params:
-            self.iroh_relay = "https://" + raw_domain
+            self.iroh_relay = "https://" + params["mail_domain"]
            self.enable_iroh_relay = True
        else:
            self.iroh_relay = params["iroh_relay"].strip()
@@ -93,27 +79,22 @@ class Config:
                )
            self.tls_cert_mode = "external"
            self.tls_cert_path, self.tls_key_path = parts
-        elif raw_domain.startswith("_") or self.ipv4_relay:
+        elif self.mail_domain.startswith("_"):
            self.tls_cert_mode = "self"
            self.tls_cert_path = "/etc/ssl/certs/mailserver.pem"
            self.tls_key_path = "/etc/ssl/private/mailserver.key"
        else:
            self.tls_cert_mode = "acme"
-            self.tls_cert_path = f"/var/lib/acme/live/{raw_domain}/fullchain"
+            self.tls_cert_path = f"/var/lib/acme/live/{self.mail_domain}/fullchain"
-            self.tls_key_path = f"/var/lib/acme/live/{raw_domain}/privkey"
+            self.tls_key_path = f"/var/lib/acme/live/{self.mail_domain}/privkey"
        # deprecated option
-        mbdir = params.get("mailboxes_dir", f"/home/vmail/mail/{raw_domain}")
+        mbdir = params.get("mailboxes_dir", f"/home/vmail/mail/{self.mail_domain}")
        self.mailboxes_dir = Path(mbdir.strip())
        # old unused option (except for first migration from sqlite to maildir store)
        self.passdb_path = Path(params.get("passdb_path", "/home/vmail/passdb.sqlite"))
    @property
    def max_mailbox_size_mb(self):
        """Return max_mailbox_size as an integer in megabytes."""
        return parse_size_mb(self.max_mailbox_size)
    def _getbytefile(self):
        return open(self._inipath, "rb")
@@ -127,16 +108,6 @@ class Config:
        return User(maildir, addr, password_path, uid="vmail", gid="vmail")
 def parse_size_mb(limit):
    """Parse a size string like ``500M`` or ``2G`` and return megabytes."""
    value = limit.strip().upper().removesuffix("B")
    if value.endswith("G"):
        return int(value[:-1]) * 1024
    if value.endswith("M"):
        return int(value[:-1])
    return int(value)
 def write_initial_config(inipath, mail_domain, overrides):
    """Write out default config file, using the specified config value overrides."""
    content = get_default_config_content(mail_domain, **overrides)
@@ -189,27 +160,3 @@ def get_default_config_content(mail_domain, **overrides):
                lines.append(line)
        content = "\n".join(lines)
    return content
 def is_valid_ipv4(address: str) -> bool:
    """Check if a mail_domain is an IPv4 address."""
    try:
        ipaddress.IPv4Address(address)
        return True
    except ValueError:
        return False
 def format_arpa_address(address: str) -> str:
    if is_valid_ipv4(address):
        return ipaddress.IPv4Address(address).reverse_pointer
    DomainValidator().validate_domain_re(address)
    return address
 def format_mail_domain(raw_domain: str) -> str:
    if is_valid_ipv4(raw_domain):
        return f"[{raw_domain}]"
    DomainValidator().validate_domain_re(raw_domain)
    return raw_domain
--- a/chatmaild/src/chatmaild/expire.py
+++ b/chatmaild/src/chatmaild/expire.py
@@ -4,26 +4,17 @@ Expire old messages and addresses.
 """
 import os
 import re
 import shutil
 import sys
 import time
 from argparse import ArgumentParser
 from collections import namedtuple
 from datetime import datetime
 from pathlib import Path
 from stat import S_ISREG
 from chatmaild.config import read_config
 FileEntry = namedtuple("FileEntry", ("path", "mtime", "size"))
 QuotaFileEntry = namedtuple("QuotaFileEntry", ("mtime", "quota_size", "path"))
 # Quota cleanup factor of max_mailbox_size. The mailbox is reset to this size.
 QUOTA_CLEANUP_FACTOR = 0.7
 # e.g. "cur/1775324677.M448978P3029757.exam,S=3235,W=3305:2,S"
 _dovecot_fn_rex = re.compile(r".+/(\d+)\..+,S=(\d+)")
 def iter_mailboxes(basedir, maxnum):
@@ -83,42 +74,6 @@ class MailboxStat:
        self.extrafiles.sort(key=lambda x: -x.size)
 def parse_dovecot_filename(relpath):
    m = _dovecot_fn_rex.match(relpath)
    if not m:
        return None
    return QuotaFileEntry(int(m.group(1)), int(m.group(2)), relpath)
 def scan_mailbox_messages(mbox):
    messages = []
    for sub in ("cur", "new"):
        for name in os_listdir_if_exists(mbox / sub):
            if entry := parse_dovecot_filename(f"{sub}/{name}"):
                messages.append(entry)
    return messages
 def expire_to_target(mbox, target_bytes):
    messages = scan_mailbox_messages(mbox)
    total_size = sum(m.quota_size for m in messages)
    # Keep recent 24 hours of messages protected from expiry because
    # likely something is wrong with interactions on that address
    # and quota-full signal can help the address owner's device to notice it
    undeletable_messages_cutoff = time.time() - (3600 * 24)
    removed = 0
    for entry in sorted(messages):
        if total_size <= target_bytes:
            break
        if entry.mtime > undeletable_messages_cutoff:
            break
        (mbox / entry.path).unlink(missing_ok=True)
        total_size -= entry.quota_size
        removed += 1
    return removed
 def print_info(msg):
    print(msg, file=sys.stderr)
@@ -188,19 +143,6 @@ class Expiry:
            else:
                continue
            changed = True
        target_bytes = (
            self.config.max_mailbox_size_mb * 1024 * 1024 * QUOTA_CLEANUP_FACTOR
        )
        removed = expire_to_target(Path(mbox.basedir), target_bytes)
        if removed:
            changed = True
            self.del_files += removed
            if self.verbose:
                print_info(
                    f"quota-expire: removed {removed} message(s) from {mboxname}"
                )
        if changed:
            self.remove_file(f"{mbox.basedir}/maildirsize")
@@ -212,9 +154,9 @@ class Expiry:
        )
-def daily_expire_main(args=None):
+def main(args=None):
    """Expire mailboxes and messages according to chatmail config"""
-    parser = ArgumentParser(description=daily_expire_main.__doc__)
+    parser = ArgumentParser(description=main.__doc__)
    ini = "/usr/local/lib/chatmaild/chatmail.ini"
    parser.add_argument(
        "chatmail_ini",
@@ -260,33 +202,5 @@ def daily_expire_main(args=None):
    print(exp.get_summary())
-def quota_expire_main(args=None):
+if __name__ == "__main__":
-    """Remove mailbox messages to stay within a megabyte target.
+    main(sys.argv[1:])
    This entry point is called by dovecot when a quota threshold is passed.
    """
    parser = ArgumentParser(description=quota_expire_main.__doc__)
    parser.add_argument(
        "target_mb",
        type=int,
        help="target mailbox size in megabytes",
    )
    parser.add_argument(
        "mailbox_path",
        type=Path,
        help="path to a user mailbox",
    )
    args = parser.parse_args(args)
    target_bytes = args.target_mb * 1024 * 1024
    removed_count = expire_to_target(args.mailbox_path, target_bytes)
    if removed_count:
        (args.mailbox_path / "maildirsize").unlink(missing_ok=True)
        print(
            f"quota-expire: removed {removed_count} message(s)"
            f" from {args.mailbox_path.name}",
            file=sys.stderr,
        )
    return 0
--- a/chatmaild/src/chatmaild/ini/chatmail.ini.f
+++ b/chatmaild/src/chatmaild/ini/chatmail.ini.f
@@ -18,7 +18,6 @@ max_user_send_per_minute = 60
 max_user_send_burst_size = 10
 # maximum mailbox size of a chatmail address
 # Oldest messages will be removed automatically, so mailboxes never run full.
 max_mailbox_size = 500M
 # maximum message size for an e-mail in bytes
--- a/chatmaild/src/chatmaild/newemail.py
+++ b/chatmaild/src/chatmaild/newemail.py
@@ -2,6 +2,7 @@
 """CGI script for creating new accounts."""
 import ipaddress
 import json
 import secrets
 import string
@@ -14,6 +15,16 @@ ALPHANUMERIC = string.ascii_lowercase + string.digits
 ALPHANUMERIC_PUNCT = string.ascii_letters + string.digits + string.punctuation
 def wrap_ip(host):
    if host.startswith("[") and host.endswith("]"):
        return host
    try:
        ipaddress.ip_address(host)
        return f"[{host}]"
    except ValueError:
        return host
 def create_newemail_dict(config: Config):
    user = "".join(
        secrets.choice(ALPHANUMERIC) for _ in range(config.username_max_length)
@@ -22,22 +33,16 @@ def create_newemail_dict(config: Config):
        secrets.choice(ALPHANUMERIC_PUNCT)
        for _ in range(config.password_min_length + 3)
    )
-    return dict(email=f"{user}@{config.mail_domain}", password=f"{password}")
+    return dict(email=f"{user}@{wrap_ip(config.mail_domain)}", password=f"{password}")
-def create_dclogin_url(config, email, password):
+def create_dclogin_url(email, password):
    """Build a dclogin: URL with credentials and self-signed cert acceptance.
    Uses ic=3 (AcceptInvalidCertificates) so chatmail clients
    can connect to servers with self-signed TLS certificates.
    """
-    if config.ipv4_relay:
+    return f"dclogin:{quote(email, safe='@')}?p={quote(password, safe='')}&v=1&ic=3"
        imap_host = "&ih=" + config.ipv4_relay
        smtp_host = "&sh=" + config.ipv4_relay
    else:
        imap_host = ""
        smtp_host = ""
    return f"dclogin:{quote(email, safe='@[]')}?p={quote(password, safe='')}&v=1{imap_host}{smtp_host}&ic=3"
 def print_new_account():
@@ -46,9 +51,7 @@ def print_new_account():
    result = dict(email=creds["email"], password=creds["password"])
    if config.tls_cert_mode == "self":
-        result["dclogin_url"] = create_dclogin_url(
+        result["dclogin_url"] = create_dclogin_url(creds["email"], creds["password"])
            config, creds["email"], creds["password"]
        )
    print("Content-Type: application/json")
    print("")
--- a/chatmaild/src/chatmaild/tests/plugin.py
+++ b/chatmaild/src/chatmaild/tests/plugin.py
@@ -31,11 +31,6 @@ def example_config(make_config):
    return make_config("chat.example.org")
@pytest.fixture
 def ipv4_config(make_config):
    return make_config("1.3.3.7")
@pytest.fixture
 def maildomain(example_config):
    return example_config.mail_domain
--- a/chatmaild/src/chatmaild/tests/test_config.py
+++ b/chatmaild/src/chatmaild/tests/test_config.py
@@ -1,14 +1,6 @@
 from contextlib import nullcontext as does_not_raise
 import pytest
-from chatmaild.config import (
+from chatmaild.config import read_config
    format_arpa_address,
    format_mail_domain,
    is_valid_ipv4,
    parse_size_mb,
    read_config,
 )
 def test_read_config_basic(example_config):
@@ -21,12 +13,6 @@ def test_read_config_basic(example_config):
    example_config = read_config(inipath)
    assert example_config.max_user_send_per_minute == 37
    assert example_config.mail_domain == "chat.example.org"
    assert example_config.ipv4_relay is None
 def test_read_config_ipv4(ipv4_config):
    assert ipv4_config.ipv4_relay == "1.3.3.7"
    assert ipv4_config.mail_domain == "[1.3.3.7]"
 def test_read_config_basic_using_defaults(tmp_path, maildomain):
@@ -135,59 +121,3 @@ def test_config_tls_external_bad_format(make_config):
                "tls_external_cert_and_key": "/only/one/path.pem",
            },
        )
 def test_parse_size_mb():
    assert parse_size_mb("500M") == 500
    assert parse_size_mb("2G") == 2048
    assert parse_size_mb("  1g  ") == 1024
    assert parse_size_mb("100MB") == 100
    assert parse_size_mb("256") == 256
 def test_max_mailbox_size_mb(make_config):
    config = make_config("chat.example.org")
    assert config.max_mailbox_size == "500M"
    assert config.max_mailbox_size_mb == 500
@pytest.mark.parametrize(
    ["input", "result"],
    [
        ("example.org", False),
        ("1.3.3.7", True),
        ("fe::1", False),
        ("ad.1e.dag.adf", False),
        ("12394142", False),
    ],
 )
 def test_is_valid_ipv4(input, result):
    assert result == is_valid_ipv4(input)
@pytest.mark.parametrize(
    ["input", "result", "exception"],
    [
        ("example.org", "example.org", does_not_raise()),
        ("1.3.3.7", "7.3.3.1.in-addr.arpa", does_not_raise()),
        ("fe::1", None, pytest.raises(ValueError)),
        ("12394142", None, pytest.raises(ValueError)),
    ],
 )
 def test_format_arpa_address(input, result, exception):
    with exception:
        assert result == format_arpa_address(input)
@pytest.mark.parametrize(
    ["input", "result", "exception"],
    [
        ("example.org", "example.org", does_not_raise()),
        ("1.3.3.7", "[1.3.3.7]", does_not_raise()),
        ("fe::1", None, pytest.raises(ValueError)),
        ("12394142", None, pytest.raises(ValueError)),
    ],
 )
 def test_format_mail_domain(input, result, exception):
    with exception:
        assert result == format_mail_domain(input)
--- a/chatmaild/src/chatmaild/tests/test_delete_inactive_users.py
+++ b/chatmaild/src/chatmaild/tests/test_delete_inactive_users.py
@@ -1,7 +1,7 @@
 import time
 from chatmaild.doveauth import AuthDictProxy
-from chatmaild.expire import daily_expire_main as main_expire
+from chatmaild.expire import main as main_expire
 def test_login_timestamps(example_config):
--- a/chatmaild/src/chatmaild/tests/test_expire.py
+++ b/chatmaild/src/chatmaild/tests/test_expire.py
@@ -1,7 +1,5 @@
 import itertools
 import os
 import random
 import time
 from datetime import datetime
 from fnmatch import fnmatch
 from pathlib import Path
@@ -11,19 +9,13 @@ import pytest
 from chatmaild.expire import (
    FileEntry,
    MailboxStat,
    expire_to_target,
    get_file_entry,
    iter_mailboxes,
    os_listdir_if_exists,
    parse_dovecot_filename,
    quota_expire_main,
    scan_mailbox_messages,
 )
-from chatmaild.expire import daily_expire_main as expiry_main
+from chatmaild.expire import main as expiry_main
 from chatmaild.fsreport import main as report_main
 MB = 1024 * 1024
 def fill_mbox(folderdir):
    password = folderdir.joinpath("password")
@@ -204,51 +196,3 @@ def test_os_listdir_if_exists(tmp_path):
    tmp_path.joinpath("x").write_text("hello")
    assert len(os_listdir_if_exists(str(tmp_path))) == 1
    assert len(os_listdir_if_exists(str(tmp_path.joinpath("123123")))) == 0
 # --- quota expire tests ---
 _msg_counter = itertools.count(1)
 def _create_message(basedir, sub, size, days_old=0, disk_size=None):
    seq = next(_msg_counter)
    mtime = int(time.time() - days_old * 86400)
    name = f"{mtime}.M1P1Q{seq}.hostname,S={size},W={size}:2,S"
    path = basedir / sub / name
    path.parent.mkdir(parents=True, exist_ok=True)
    path.write_bytes(b"x" * (disk_size if disk_size is not None else size))
    os.utime(path, (mtime, mtime))
    return path
 def test_parse_dovecot_filename():
    e = parse_dovecot_filename("cur/1775324677.M448978P3029757.exam,S=3235,W=3305:2,S")
    assert e.path == "cur/1775324677.M448978P3029757.exam,S=3235,W=3305:2,S"
    assert e.mtime == 1775324677
    assert e.quota_size == 3235
    assert parse_dovecot_filename("cur/msg_without_structure") is None
 def test_expire_to_target(tmp_path):
    _create_message(tmp_path, "cur", MB, days_old=10, disk_size=100)
    _create_message(tmp_path, "new", MB, days_old=5)
    _create_message(tmp_path, "cur", MB, days_old=0)  # undeletable (<1 hour)
    assert len(scan_mailbox_messages(tmp_path)) == 3
    # removes oldest first, uses S= size not disk size
    removed = expire_to_target(tmp_path, MB)
    assert removed == 2
    msgs = scan_mailbox_messages(tmp_path)
    assert len(msgs) == 1
    # the surviving message is the fresh undeletable one
    assert msgs[0].mtime > time.time() - 3600
 def test_quota_expire_main(tmp_path, capsys):
    mbox = tmp_path / "user@example.org"
    _create_message(mbox, "cur", 2 * MB, days_old=5)
    (mbox / "maildirsize").write_text("x")
    quota_expire_main([str(1), str(mbox)])
    _, err = capsys.readouterr()
    assert "quota-expire: removed 1 message(s) from user@example.org" in err
    assert not (mbox / "maildirsize").exists()
--- a/chatmaild/src/chatmaild/tests/test_newmail.py
+++ b/chatmaild/src/chatmaild/tests/test_newmail.py
@@ -19,35 +19,24 @@ def test_create_newemail_dict(example_config):
    assert ac1["password"] != ac2["password"]
-def test_create_newemail_dict_ip(ipv4_config):
+def test_create_newemail_dict_ip(make_config):
-    ac = create_newemail_dict(ipv4_config)
+    config = make_config("1.2.3.4")
-    assert ac["email"].endswith("@[1.3.3.7]")
+    ac = create_newemail_dict(config)
    assert ac["email"].endswith("@[1.2.3.4]")
-def test_create_dclogin_url(example_config):
+def test_create_dclogin_url():
-    addr = "user@example.org"
+    url = create_dclogin_url("user@example.org", "p@ss w+rd")
    password = "p@ss w+rd"
    url = create_dclogin_url(example_config, addr, password)
    assert url.startswith("dclogin:")
    assert "v=1" in url
    assert "ic=3" in url
-    assert addr in url
+    assert "user@example.org" in url
    # password special chars must be encoded
    assert "p%40ss" in url
    assert "w%2Brd" in url
 def test_create_dclogin_url_ipv4(ipv4_config):
    addr = "user@[1.3.3.7]"
    password = "p@ss w+rd"
    url = create_dclogin_url(ipv4_config, addr, password)
    assert url.startswith("dclogin:")
    assert "v=1" in url
    assert "ic=3" in url
    assert addr in url
 def test_print_new_account(capsys, monkeypatch, maildomain, tmpdir, example_config):
    monkeypatch.setattr(chatmaild.newemail, "CONFIG_PATH", str(example_config._inipath))
    print_new_account()
--- a/cmdeploy/src/cmdeploy/cmdeploy.py
+++ b/cmdeploy/src/cmdeploy/cmdeploy.py
@@ -87,12 +87,10 @@ def run_cmd_options(parser):
 def run_cmd(args, out):
    """Deploy chatmail services on the remote server."""
-    ssh_host = args.ssh_host if args.ssh_host else args.config.mail_domain_bare
+    ssh_host = args.ssh_host if args.ssh_host else args.config.mail_domain
    sshexec = get_sshexec(ssh_host)
    require_iroh = args.config.enable_iroh_relay
    strict_tls = args.config.tls_cert_mode == "acme"
    if args.config.ipv4_relay:
        args.dns_check_disabled = True
    if not args.dns_check_disabled:
        remote_data = dns.get_initial_remote_data(sshexec, args.config.mail_domain)
        if not dns.check_initial_remote_data(remote_data, strict_tls=strict_tls, print=out.red):
@@ -103,6 +101,9 @@ def run_cmd(args, out):
    env["CHATMAIL_WEBSITE_ONLY"] = "True" if args.website_only else ""
    env["CHATMAIL_DISABLE_MAIL"] = "True" if args.disable_mail else ""
    env["CHATMAIL_REQUIRE_IROH"] = "True" if require_iroh else ""
    if not args.dns_check_disabled:
        env["CHATMAIL_ADDR_V4"] = remote_data.get("A") or ""
        env["CHATMAIL_ADDR_V6"] = remote_data.get("AAAA") or ""
    deploy_path = importlib.resources.files(__package__).joinpath("run.py").resolve()
    pyinf = "pyinfra --dry" if args.dry_run else "pyinfra"
@@ -121,8 +122,6 @@ def run_cmd(args, out):
        elif not args.dns_check_disabled and strict_tls and not remote_data["acme_account_url"]:
            out.red("Deploy completed but letsencrypt not configured")
            out.red("Run 'cmdeploy run' again")
        elif args.config.ipv4_relay:
            out.green("Deploy completed.")
        else:
            out.green("Deploy completed, call `cmdeploy dns` next.")
        return 0
@@ -144,10 +143,6 @@ def dns_cmd_options(parser):
 def dns_cmd(args, out):
    """Check DNS entries and optionally generate dns zone file."""
    if args.config.ipv4_relay:
        ipv4 = args.config.ipv4_relay
        print(f"[WARNING] {ipv4} is not a domain, skipping DNS checks.")
        return 0
    ssh_host = args.ssh_host if args.ssh_host else args.config.mail_domain
    sshexec = get_sshexec(ssh_host, verbose=args.verbose)
    tls_cert_mode = args.config.tls_cert_mode
@@ -185,7 +180,7 @@ def status_cmd_options(parser):
 def status_cmd(args, out):
    """Display status for online chatmail instance."""
-    ssh_host = args.ssh_host if args.ssh_host else args.config.mail_domain_bare
+    ssh_host = args.ssh_host if args.ssh_host else args.config.mail_domain
    sshexec = get_sshexec(ssh_host, verbose=args.verbose)
    out.green(f"chatmail domain: {args.config.mail_domain}")
@@ -199,6 +194,12 @@ def status_cmd(args, out):
 def test_cmd_options(parser):
    parser.add_argument(
        "--slow",
        dest="slow",
        action="store_true",
        help="also run slow tests",
    )
    add_ssh_host_option(parser)
@@ -220,6 +221,8 @@ def test_cmd(args, out):
        "-v",
        "--durations=5",
    ]
    if args.slow:
        pytest_args.append("--slow")
    ret = out.run_ret(pytest_args, env=env)
    return ret
--- a/cmdeploy/src/cmdeploy/deployers.py
+++ b/cmdeploy/src/cmdeploy/deployers.py
@@ -468,7 +468,7 @@ class ChatmailVenvDeployer(Deployer):
    def configure(self):
        _configure_remote_venv_with_chatmaild(self.config)
-        configure_remote_units(self.config.mail_domain_bare, self.units)
+        configure_remote_units(self.config.mail_domain, self.units)
    def activate(self):
        activate_remote_units(self.units)
@@ -584,7 +584,7 @@ def deploy_chatmail(config_path: Path, disable_mail: bool, website_only: bool) -
    """
    config = read_config(config_path)
    check_config(config)
-    bare_host = config.mail_domain_bare
+    mail_domain = config.mail_domain
    if website_only:
        Deployment().perform_stages([WebsiteDeployer(config)])
@@ -635,7 +635,7 @@ def deploy_chatmail(config_path: Path, disable_mail: bool, website_only: bool) -
                    )
                    exit(1)
-    tls_deployer = get_tls_deployer(config, bare_host)
+    tls_deployer = get_tls_deployer(config, mail_domain)
    all_deployers = [
        ChatmailDeployer(config),
@@ -643,13 +643,13 @@ def deploy_chatmail(config_path: Path, disable_mail: bool, website_only: bool) -
        FiltermailDeployer(),
        JournaldDeployer(),
        UnboundDeployer(config),
-        TurnDeployer(bare_host),
+        TurnDeployer(mail_domain),
        IrohDeployer(config.enable_iroh_relay),
        tls_deployer,
        WebsiteDeployer(config),
        ChatmailVenvDeployer(config),
        MtastsDeployer(),
-        OpendkimDeployer(config.mail_domain),
+        OpendkimDeployer(mail_domain),
        # Dovecot should be started before Postfix
        # because it creates authentication socket
        # required by Postfix.
--- a/cmdeploy/src/cmdeploy/dovecot/deployer.py
+++ b/cmdeploy/src/cmdeploy/dovecot/deployer.py
@@ -73,7 +73,7 @@ class DovecotDeployer(Deployer):
        )
    def configure(self):
-        configure_remote_units(self.config.mail_domain_bare, self.units)
+        configure_remote_units(self.config.mail_domain, self.units)
        config_restart, self.daemon_reload = _configure_dovecot(self.config)
        self.need_restart |= config_restart
--- a/cmdeploy/src/cmdeploy/dovecot/dovecot.conf.j2
+++ b/cmdeploy/src/cmdeploy/dovecot/dovecot.conf.j2
@@ -7,7 +7,6 @@ listen = 0.0.0.0
 protocols = imap lmtp
 auth_mechanisms = plain
 auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@[]
 {% if debug == true %}
 auth_verbose = yes
@@ -150,26 +149,12 @@ plugin {
 }
 plugin {
  # for now we define static quota-rules for all users 
  quota = maildir:User quota
  quota_rule = *:storage={{ config.max_mailbox_size }}
  quota_max_mail_size={{ config.max_message_size }}
  quota_grace = 0
-
+  # quota_over_flag_value = TRUE
  quota_rule = *:storage={{ config.max_mailbox_size_mb }}M
  # Trigger at 75%% of quota, expire oldest messages down to 70%%.
  # The percentages are chosen to prevent current Delta Chat users
  # from seeing "quota warnings" which trigger at 80% and 95%.
  quota_warning = storage=75%% quota-warning {{ config.max_mailbox_size_mb * 70 // 100 }} {{ config.mailboxes_dir }}/%u
 }
 service quota-warning {
  executable = script /usr/local/lib/chatmaild/venv/bin/chatmail-quota-expire
  user = vmail
  unix_listener quota-warning {
     user = vmail
     mode = 0600
  }
 }
 # push_notification configuration
--- a/cmdeploy/src/cmdeploy/filtermail/deployer.py
+++ b/cmdeploy/src/cmdeploy/filtermail/deployer.py
@@ -1,5 +1,3 @@
 import os
 from pyinfra import facts, host
 from pyinfra.operations import files, systemd
@@ -7,7 +5,7 @@ from cmdeploy.basedeploy import Deployer, get_resource
 class FiltermailDeployer(Deployer):
-    services = ["filtermail", "filtermail-incoming", "filtermail-transport"]
+    services = ["filtermail", "filtermail-incoming"]
    bin_path = "/usr/local/bin/filtermail"
    config_path = "/usr/local/lib/chatmaild/chatmail.ini"
@@ -15,21 +13,11 @@ class FiltermailDeployer(Deployer):
        self.need_restart = False
    def install(self):
        local_bin = os.environ.get("CHATMAIL_FILTERMAIL_BINARY")
        if local_bin:
            self.need_restart |= files.put(
                name="Upload locally built filtermail",
                src=local_bin,
                dest=self.bin_path,
                mode="755",
            ).changed
            return
        arch = host.get_fact(facts.server.Arch)
-        url = f"https://github.com/chatmail/filtermail/releases/download/v0.6.4/filtermail-{arch}"
+        url = f"https://github.com/chatmail/filtermail/releases/download/v0.6.1/filtermail-{arch}"
        sha256sum = {
-            "x86_64": "5295115952c72e4c4ec3c85546e094b4155a4c702c82bd71fcdcb744dc73adf6",
+            "x86_64": "48b3fb80c092d00b9b0a0ef77a8673496da3b9aed5ec1851e1df936d5589d62f",
-            "aarch64": "6892244f17b8f26ccb465766e96028e7222b3c8adefca9fc6bfe9ff332ca8dff",
+            "aarch64": "c65bd5f45df187d3d65d6965a285583a3be0f44a6916ff12909ff9a8d702c22e",
        }[arch]
        self.need_restart |= files.download(
            name="Download filtermail",
--- a/cmdeploy/src/cmdeploy/filtermail/filtermail-transport.service.j2
+++ b/cmdeploy/src/cmdeploy/filtermail/filtermail-transport.service.j2
@@ -1,11 +0,0 @@
 [Unit]
 Description=Chatmail transport service
 [Service]
 ExecStart={{ bin_path }} {{ config_path }} transport
 Restart=always
 RestartSec=30
 User=vmail
 [Install]
 WantedBy=multi-user.target
--- a/cmdeploy/src/cmdeploy/mtail/delivered_mail.mtail
+++ b/cmdeploy/src/cmdeploy/mtail/delivered_mail.mtail
@@ -78,11 +78,3 @@ counter rejected_unencrypted_mail_count
 /Rejected unencrypted mail/ {
  rejected_unencrypted_mail_count++
 }
 counter quota_expire_runs
 counter quota_expire_removed_files
 /quota-expire: removed (?P<count>\d+) message\(s\)/ {
  quota_expire_runs++
  quota_expire_removed_files += $count
 }
--- a/cmdeploy/src/cmdeploy/mtail/mtail.service.j2
+++ b/cmdeploy/src/cmdeploy/mtail/mtail.service.j2
@@ -1,6 +1,5 @@
 [Unit]
 Description=mtail
 After=multi-user.target
 [Service]
 Type=simple
--- a/cmdeploy/src/cmdeploy/nginx/nginx.conf.j2
+++ b/cmdeploy/src/cmdeploy/nginx/nginx.conf.j2
@@ -73,7 +73,7 @@ http {
 		access_log syslog:server=unix:/dev/log,facility=local7;
-		location /mxdeliv {
+		location /mxdeliv/ {
 		    proxy_pass http://127.0.0.1:{{ config.filtermail_http_port_incoming }};
 		}
--- a/cmdeploy/src/cmdeploy/postfix/main.cf.j2
+++ b/cmdeploy/src/cmdeploy/postfix/main.cf.j2
@@ -54,16 +54,14 @@ smtpd_tls_exclude_ciphers = aNULL, RC4, MD5, DES
 tls_preempt_cipherlist = yes
 smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
-myhostname = {{ config.postfix_myhostname }}
+myhostname = {{ config.mail_domain }}
 alias_maps = hash:/etc/aliases
 alias_database = hash:/etc/aliases
-# When postfix receives mail for $mydestination,
+# Postfix does not deliver mail for any domain by itself.
-# it hands it over to dovecot via $local_transport.
+# Primary domain is listed in `virtual_mailbox_domains` instead
-mydestination = {{ config.mail_domain }}
+# and handed over to Dovecot.
-local_transport = lmtp:unix:private/dovecot-lmtp
+mydestination =
 # postfix doesn't check whether local users exist or not:
 local_recipient_maps =
 relayhost = 
 {% if disable_ipv6 %}
@@ -71,6 +69,15 @@ mynetworks = 127.0.0.0/8
 {% else %}
 mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
 {% endif %}
 {% if config.addr_v4 %}
 smtp_bind_address = {{ config.addr_v4 }}
 {% endif %}
 {% if config.addr_v6 %}
 smtp_bind_address6 = {{ config.addr_v6 }}
 {% endif %}
 {% if config.addr_v4 or config.addr_v6 %}
 smtp_bind_address_enforce = yes
 {% endif %}
 mailbox_size_limit = 0
 message_size_limit = {{config.max_message_size}}
 recipient_delimiter = +
@@ -81,6 +88,24 @@ inet_protocols = ipv4
 inet_protocols = all
 {% endif %}
 # Postfix does not try IPv4 and IPv6 connections
 # concurrently as of version 3.7.11.
 #
 # When relay has both A (IPv4) and AAAA (IPv6) records,
 # but broken IPv6 connectivity,
 # every second message is delayed by the connection timeout
 # <https://www.postfix.org/postconf.5.html#smtp_connect_timeout>
 # which defaults to 30 seconds. Reducing timeouts is not a solution
 # as this will result in a failure to connect to slow servers.
 #
 # As a workaround we always prefer IPv4 when it is available.
 # 
 # The setting is documented at
 # <https://www.postfix.org/postconf.5.html#smtp_address_preference>
 smtp_address_preference=ipv4
 virtual_transport = lmtp:unix:private/dovecot-lmtp
 virtual_mailbox_domains = {{ config.mail_domain }}
 lmtp_header_checks = regexp:/etc/postfix/lmtp_header_cleanup
 mua_client_restrictions = permit_sasl_authenticated, reject
@@ -93,12 +118,3 @@ smtpd_sender_login_maps = regexp:/etc/postfix/login_map
 # Do not lookup SMTP client hostnames to reduce delays
 # and avoid unnecessary DNS requests.
 smtpd_peername_lookup = no
 # Use filtermail-transport to relay messages.
 # We can't force postfix to split messages per destination,
 # when specifying a custom next-hop,
 # so instead this is handled in filtermail.
 # We use LMTP instead SMTP so we can communicate per-recipient errors back to postfix.
 default_transport = lmtp-filtermail:inet:[127.0.0.1]:{{ config.filtermail_lmtp_port_transport }}
 lmtp-filtermail_initial_destination_concurrency=10000
 lmtp-filtermail_destination_concurrency_limit=10000
--- a/cmdeploy/src/cmdeploy/postfix/master.cf.j2
+++ b/cmdeploy/src/cmdeploy/postfix/master.cf.j2
@@ -80,9 +80,8 @@ filter    unix -        n       n       -       -       lmtp
 127.0.0.1:{{ config.postfix_reinject_port }} inet  n       -       n       -       100      smtpd
  -o syslog_name=postfix/reinject
  -o milter_macro_daemon_name=ORIGINATING
  -o smtpd_milters=unix:opendkim/opendkim.sock
  -o cleanup_service_name=authclean
 {% if not config.ipv4_relay %}  -o smtpd_milters=unix:opendkim/opendkim.sock
 {% endif %}
 # Local SMTP server for reinjecting incoming filtered mail 
 127.0.0.1:{{ config.postfix_reinject_port_incoming }} inet  n       -       n       -       100      smtpd
@@ -101,8 +100,3 @@ filter    unix -        n       n       -       -       lmtp
 # cannot send unprotected Subject.
 authclean unix  n       -       -       -       0       cleanup
  -o header_checks=regexp:/etc/postfix/submission_header_cleanup
 lmtp-filtermail unix  -       -       y       -       10000       lmtp
  -o syslog_name=postfix/lmtp-filtermail
  -o lmtp_header_checks=
  -o lmtp_tls_security_level=none
--- a/cmdeploy/src/cmdeploy/tests/online/test_0_login.py
+++ b/cmdeploy/src/cmdeploy/tests/online/test_0_login.py
@@ -89,11 +89,12 @@ def test_concurrent_logins_same_account(
        assert login_results.get()
-def test_no_vrfy(cmfactory, chatmail_config, maildomain):
+def test_no_vrfy(cmfactory, chatmail_config):
    ac = cmfactory.get_online_account()
    addr = ac.get_config("addr")
    domain = chatmail_config.mail_domain
-    s = smtplib.SMTP(maildomain)
+    s = smtplib.SMTP(domain)
    s.starttls()
    s.putcmd("vrfy", f"wrongaddress@{chatmail_config.mail_domain}")
--- a/cmdeploy/src/cmdeploy/tests/online/test_1_basic.py
+++ b/cmdeploy/src/cmdeploy/tests/online/test_1_basic.py
@@ -8,7 +8,6 @@ import pytest
 from cmdeploy import remote
 from cmdeploy.cmdeploy import get_sshexec
 from chatmaild.config import is_valid_ipv4
 class TestSSHExecutor:
@@ -22,8 +21,6 @@ class TestSSHExecutor:
        assert out == out2
    def test_perform_initial(self, sshexec, maildomain):
        if is_valid_ipv4(maildomain):
            pytest.skip(f"{maildomain} is not a domain")
        res = sshexec(
            remote.rdns.perform_initial_checks, kwargs=dict(mail_domain=maildomain)
        )
@@ -224,6 +221,7 @@ def test_rewrite_subject(cmsetup, maildata):
    assert "Subject: Unencrypted subject" not in rcvd_msg
@pytest.mark.slow
 def test_exceed_rate_limit(cmsetup, gencreds, maildata, chatmail_config):
    """Test that the per-account send-mail limit is exceeded."""
    user1, user2 = cmsetup.gen_users(2)
@@ -246,6 +244,7 @@ def test_exceed_rate_limit(cmsetup, gencreds, maildata, chatmail_config):
    pytest.fail("Rate limit was not exceeded")
@pytest.mark.slow
 def test_expunged(remote, chatmail_config):
    outdated_days = int(chatmail_config.delete_mails_after) + 1
    find_cmds = [
--- a/cmdeploy/src/cmdeploy/tests/online/test_2_deltachat.py
+++ b/cmdeploy/src/cmdeploy/tests/online/test_2_deltachat.py
@@ -15,7 +15,7 @@ def imap_mailbox(cmfactory, ssl_context):
    (ac1,) = cmfactory.get_online_accounts(1)
    user = ac1.get_config("addr")
    password = ac1.get_config("mail_pw")
-    host = user.split("@")[1].strip("[").strip("]")
+    host = user.split("@")[1]
    mailbox = imap_tools.MailBox(host, ssl_context=ssl_context)
    mailbox.login(user, password)
    mailbox.dc_ac = ac1
@@ -178,7 +178,7 @@ def test_hide_senders_ip_address(cmfactory, ssl_context):
    chat.send_text("testing submission header cleanup")
    user2.wait_for_incoming_msg()
    addr = user2.get_config("addr")
-    host = addr.split("@")[1].strip("[").strip("]")
+    host = addr.split("@")[1]
    pw = user2.get_config("mail_pw")
    mailbox = imap_tools.MailBox(host, ssl_context=ssl_context)
    mailbox.login(addr, pw)
--- a/cmdeploy/src/cmdeploy/tests/plugin.py
+++ b/cmdeploy/src/cmdeploy/tests/plugin.py
@@ -10,8 +10,7 @@ import time
 from pathlib import Path
 import pytest
-from chatmaild.config import read_config, format_mail_domain, is_valid_ipv4
+from chatmaild.config import read_config
 conftestdir = Path(__file__).parent
@@ -24,6 +23,12 @@ def _is_ip(domain):
        return False
 def pytest_addoption(parser):
    parser.addoption(
        "--slow", action="store_true", default=False, help="also run slow tests"
    )
 def pytest_configure(config):
    config._benchresults = {}
    config.addinivalue_line(
@@ -31,6 +36,13 @@ def pytest_configure(config):
    )
 def pytest_runtest_setup(item):
    markers = list(item.iter_markers(name="slow"))
    if markers:
        if not item.config.getoption("--slow"):
            pytest.skip("skipping slow test, use --slow to run")
 def _get_chatmail_config():
    inipath = os.environ.get("CHATMAIL_INI")
    if inipath:
@@ -59,12 +71,7 @@ def chatmail_config(pytestconfig):
@pytest.fixture(scope="session")
 def maildomain(chatmail_config):
-    return chatmail_config.mail_domain_bare
+    return chatmail_config.mail_domain
@pytest.fixture(scope="session")
 def maildomain_deliverable(maildomain):
    return format_mail_domain(maildomain)
@pytest.fixture(scope="session")
@@ -284,6 +291,7 @@ def gencreds(chatmail_config):
    def gen(domain=None):
        domain = domain if domain else chatmail_config.mail_domain
        addr_domain = f"[{domain}]" if _is_ip(domain) else domain
        while 1:
            num = next(count)
            alphanumeric = "abcdefghijklmnopqrstuvwxyz1234567890"
@@ -297,7 +305,7 @@ def gencreds(chatmail_config):
            password = "".join(
                random.choices(alphanumeric, k=chatmail_config.password_min_length)
            )
-            yield f"{user}@{domain}", f"{password}"
+            yield f"{user}@{addr_domain}", f"{password}"
    return lambda domain=None: next(gen(domain))
@@ -322,8 +330,7 @@ class ChatmailACFactory:
    def _make_transport(self, domain):
        """Build a transport config dict for the given domain."""
-        domain_deliverable = format_mail_domain(domain)
+        addr, password = self.gencreds(domain)
        addr, password = self.gencreds(domain_deliverable)
        transport = {
            "addr": addr,
            "password": password,
@@ -332,7 +339,7 @@ class ChatmailACFactory:
            "imapServer": domain,
            "smtpServer": domain,
        }
-        if domain.startswith("_") or is_valid_ipv4(domain):
+        if self.chatmail_config.tls_cert_mode == "self":
            transport["certificateChecks"] = "acceptInvalidCertificates"
        return transport
@@ -347,8 +354,7 @@ class ChatmailACFactory:
        accounts = []
        for _ in range(num):
            account = self.dc.add_account()
-            domain_deliverable = format_mail_domain(domain)
+            addr, password = self.gencreds(domain)
            addr, password = self.gencreds(domain_deliverable)
            if _is_ip(domain):
                # Use DCLOGIN scheme with explicit server hosts,
                # matching how madmail presents its addresses to users.
--- a/cmdeploy/src/cmdeploy/tests/test_cmdeploy.py
+++ b/cmdeploy/src/cmdeploy/tests/test_cmdeploy.py
@@ -39,14 +39,6 @@ class TestCmdline:
        out, err = capsys.readouterr()
        assert "deleting config file" in out.lower()
    def test_dns_skip_on_ip(self, capsys, tmp_path, monkeypatch):
        monkeypatch.delenv("CHATMAIL_INI", raising=False)
        inipath = tmp_path / "chatmail.ini"
        assert main(["init", "--config", str(inipath), "1.3.3.7"]) == 0
        assert main(["dns", "--config", str(inipath)]) == 0
        out, err = capsys.readouterr()
        assert out == "[WARNING] 1.3.3.7 is not a domain, skipping DNS checks.\n"
 def test_www_folder(example_config, tmp_path):
    reporoot = importlib.resources.files(__package__).joinpath("../../../../").resolve()
--- a/cmdeploy/src/cmdeploy/tests/test_helpers.py
+++ b/cmdeploy/src/cmdeploy/tests/test_helpers.py
@@ -1,10 +1,11 @@
-from pathlib import Path
+import importlib.resources
 from cmdeploy.www import build_webpages
 def test_build_webpages(tmp_path, make_config):
-    src_dir = (Path(__file__).resolve() / "../../../../../www/src").resolve()
+    pkgroot = importlib.resources.files("cmdeploy")
    src_dir = pkgroot.joinpath("../../../www/src").resolve()
    assert src_dir.exists(), src_dir
    config = make_config("chat.example.org")
    build_dir = tmp_path.joinpath("build")
--- a/cmdeploy/src/cmdeploy/www.py
+++ b/cmdeploy/src/cmdeploy/www.py
@@ -1,4 +1,5 @@
 import hashlib
 import importlib.resources
 import re
 import time
 import traceback
@@ -36,7 +37,7 @@ def prepare_template(source):
 def get_paths(config) -> (Path, Path, Path):
-    reporoot = (Path(__file__).resolve() / "../../../../").resolve()
+    reporoot = importlib.resources.files(__package__).joinpath("../../../").resolve()
    www_path = Path(config.www_folder)
    # if www_folder was not set, use default directory
    if config.www_folder == "":
@@ -132,7 +133,8 @@ def find_merge_conflict(src_dir) -> Path:
 def main():
-    reporoot = (Path(__file__).resolve() / "../../../../").resolve()
+    path = importlib.resources.files(__package__)
    reporoot = path.joinpath("../../../").resolve()
    inipath = reporoot.joinpath("chatmail.ini")
    config = read_config(inipath)
    config.webdev = True
--- a/doc/README.md
+++ b/doc/README.md
@@ -4,14 +4,12 @@
 You can use the `make` command and `make html` to build web pages. 
-You need a Python environment with `sphinx` and other
+You need a Python environment where the following install was excuted: 
-dependencies, you can create it by running `scripts/initenv.sh`
+
-from the repository root.
+    pip install furo sphinx-autobuild
 To develop/change documentation, you can then do: 
    . venv/bin/activate
    cd doc
    make auto 
 A page will open at https://127.0.0.1:8000/ serving the docs and it will 
--- a/doc/source/getting_started.rst
+++ b/doc/source/getting_started.rst
@@ -14,6 +14,8 @@ Minimal requirements and prerequisites
 You will need the following:
 -  Control over a domain through a DNS provider of your choice.
 -  A Debian 12 **deployment server** with reachable SMTP/SUBMISSIONS/IMAPS/HTTPS ports.
   IPv6 is encouraged if available. Chatmail relay servers only require
   1GB RAM, one CPU, and perhaps 10GB storage for a few thousand active
@@ -26,11 +28,6 @@ You will need the following:
   (An ed25519 private key is required due to an `upstream bug in
   paramiko <https://github.com/paramiko/paramiko/issues/2191>`_)
 -  Control over a domain through a DNS provider of your choice
   (there is experimental support for :ref:`DNS-less relays <iponly>`).
 .. _setup:
 Setup with ``scripts/cmdeploy``
 -------------------------------------
--- a/doc/source/index.rst
+++ b/doc/source/index.rst
@@ -16,7 +16,5 @@ Contributions and feedback welcome through the https://github.com/chatmail/relay
    proxy
    migrate
    overview
    reverse_dns
    related
    faq
    iponly
--- a/doc/source/iponly.rst
+++ b/doc/source/iponly.rst
@@ -1,29 +0,0 @@
 .. _iponly:
 Hosting without DNS records
 ===========================
 .. note::
   This option is experimental and might change without notice.
 In case you don't have a domain,
 for example in a local network,
 you can run a chatmail relay with only an IPv4 address as well.
 To deploy a relay without a domain,
 run ``cmdeploy init`` with only the IPv4 address
 during the :ref:`installation steps <setup>`,
 for example ``cmdeploy init 13.12.23.42``.
 Drawbacks
 ---------
 - your transport encryption will only use self-signed TLS certificates,
  which are vulnerable against MITM attacks.
  the chatmail core's end-to-end encryption should suffice in most scenarios though.
 - your messages will not be DKIM-signed;
  experimentally, most chatmail relays accept non-DKIM-signed messages from IPv4-only relays,
  but some relays might not accept messages from yours.
--- a/doc/source/overview.rst
+++ b/doc/source/overview.rst
@@ -102,12 +102,8 @@ short overview of ``chatmaild`` services:
   Apple/Google/Huawei.
 -  `chatmail-expire <https://github.com/chatmail/relay/blob/main/chatmaild/src/chatmaild/expire.py>`_
-   deletes old messages, large messages, and entire mailboxes
+   deletes users if they have not logged in for a longer while.
-   of users who have not logged in for longer than
+   The timeframe can be configured in ``chatmail.ini``.
   ``delete_inactive_users_after`` days.
 -  ``chatmail-quota-expire`` is called by Dovecot's ``quota_warning`` mechanism
   and will automatically remove oldest messages to keep mailboxes well under ``max_mailbox_size``.
 -  `lastlogin <https://github.com/chatmail/relay/blob/main/chatmaild/src/chatmaild/lastlogin.py>`_
   is contacted by Dovecot when a user logs in and stores the date of
@@ -153,7 +149,6 @@ Chatmail relay dependency diagram
        autoconfig.xml --- dovecot;
        postfix --- |10080|filtermail-outgoing;
        postfix --- |10081|filtermail-incoming;
        postfix --- |10083|filtermail-transport;
        filtermail-outgoing --- |10025 reinject|postfix;
        filtermail-incoming --- |10026 reinject|postfix;
        dovecot --- |doveauth.socket|doveauth;
@@ -161,8 +156,6 @@ Chatmail relay dependency diagram
        /home/vmail/.../user"];
        dovecot --- |lastlogin.socket|lastlogin;
        dovecot --- chatmail-metadata;
        dovecot --- |quota-warning|chatmail-quota-expire;
        chatmail-quota-expire --- maildir;
        lastlogin --- maildir;
        doveauth --- maildir;
        chatmail-expire-daily --- maildir;
@@ -296,7 +289,9 @@ ensured by ``filtermail`` proxy.
 TLS requirements
 ~~~~~~~~~~~~~~~~
-Filtermail (used for delivery) requires a valid TLS.
+Postfix is configured to require valid TLS by setting
 `smtp_tls_security_level <https://www.postfix.org/postconf.5.html#smtp_tls_security_level>`_
 to ``verify``.
 You can test it by resolving ``MX`` records of your relay domain and
 then connecting to MX relays (e.g ``mx.example.org``) with
--- a/doc/source/reverse_dns.rst
+++ b/doc/source/reverse_dns.rst
@@ -1,64 +0,0 @@
 Configuring reverse DNS
 =======================
 Some email servers reject the emails
 if they don't pass `FCrDNS`_ check, also known as `iprev`_ check.
 .. _FCrDNS: https://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS
 .. _iprev: https://datatracker.ietf.org/doc/html/rfc8601#section-3
 Passing the check requires that the IP address that email is sent from
 should have a ``PTR`` record pointing to the domain name of the server,
 and domain name record should have an ``A/AAAA`` record
 pointing to the IP address.
 Modern email relies on DKIM and SPF for authentication,
 while iprev check exists for
 `historical reasons <https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-reverse-mapping-considerations-06#section-2.1>`_.
 Chatmail relays don't resolve ``PTR`` records,
 so you can ignore this section if configuring ``PTR`` records
 is difficult and federation with legacy email servers that don't accept
 valid DKIM signature for authentication is not important.
 Multi-homed setups
 ------------------
 If you have a server with multiple IP addresses,
 also known as multi-homed setup,
 and don't publish all IP addresses in DNS,
 you need to make sure you are using
 the published address when making outgoing connections.
 For example, your server may have a static IP
 address, and a so-called Floating IP or Virtual IP
 that can be moved between servers in case of
 migration or for failover.
 By using Floating IP you can avoid downtime
 and keep the IP address reputation
 for destinatinons that rely on IP reputation and IP blocklists.
 In this case you will only publish
 the Floating IP to DNS and only use the static IP
 to SSH into the server.
 If you have such setup, make sure that
 you not only set ``PTR`` records for the Floating IP,
 but make outgoing connections using the Floating IP.
 Otherwise reverse DNS check succeed,
 but forward check making sure your domain name points
 to the IP address will fail.
 Such setup is indistinguishable from someone
 setting IP address ``PTR`` with the domain they don't own
 and as a result don't succeed.
 On Linux you can configure source IP address with ``ip route`` command,
 for example:
 ::
  ip route change default via <default-gateway> dev eth0 src <source-address>
 Make sure to persist the change after verifying it is working.
 You can check what your outgoing IP address is
 with ``curl icanhazip.com``.
 Check both the IPv4 and IPv6 addresses.
 For IPv4 address use ``curl ipv4.icanhazip.com`` or ``curl -4 icanhazip.com``
 and similarly for IPv6 if you have it.
--- a/scripts/initenv.sh
+++ b/scripts/initenv.sh
@@ -18,8 +18,15 @@ if command -v lsb_release 2>&1 >/dev/null; then
  esac
 fi
-python3 -m venv --upgrade-deps venv
+if command -v uv >/dev/null 2>&1; then
-
+  echo "Using uv for faster environment setup..."
-venv/bin/pip install -e chatmaild 
+  uv venv venv
-venv/bin/pip install -e cmdeploy
+  uv pip install --python venv/bin/python -e chatmaild
-venv/bin/pip install sphinx sphinxcontrib-mermaid sphinx-autobuild furo  # for building the docs
+  uv pip install --python venv/bin/python -e cmdeploy
  uv pip install --python venv/bin/python sphinx sphinxcontrib-mermaid sphinx-autobuild furo
 else
  python3 -m venv --upgrade-deps venv
  venv/bin/pip install -e chatmaild
  venv/bin/pip install -e cmdeploy
  venv/bin/pip install sphinx sphinxcontrib-mermaid sphinx-autobuild furo
 fi