turn chatmail-expire live

and provide reporting about which mailbox is being scanned.

CHANGELOG.md

@@ -2,12 +2,6 @@
 
 ## untagged
 
-- QoL: Add a script for creating DNS records in Cloudflare 
-  ([#692](https://github.com/chatmail/relay/pull/692))
-
-- Require TLS 1.2 for outgoing SMTP connections
-  ([#685](https://github.com/chatmail/relay/pull/685))
-
 - filtermail: run CPU-intensive handle_DATA in a thread pool executor
   ([#676](https://github.com/chatmail/relay/pull/676))
 

README.md

@@ -69,20 +69,6 @@ Please substitute it with your own domain.
     mta-sts.chat.example.com. 3600 IN CNAME chat.example.com.
    ```
 
-> [!note]
-> If you use Cloudflare as your DNS server, you can use a script that will automatically create all the necessary DNS records!
-> To do this, you need to [create an API token](https://dash.cloudflare.com/profile/api-tokens) 
-> and execute the following commands in the console after you clone the repository (step 2):
-> ```bash
-> CLOUDFLARE_API_KEY="dsfkljhfkjldwsnfkjldsnf" # REPLACE TO YOURS
-> ZONE_ID="sdkjbfbnjkdsbfjkdsbkjfbds" # REPLACE TO YOURS
-> CHATMAIL_FULL_DNS_NAME="chat.example.com" # REPLACE TO YOURS
-> CHATMAIL_PUBLIC_IP="198.51.100.5" # REPLACE TO YOURS
-> # IPV6_ENABLED="true" # (optional) by default 'false'
-> # CHATMAIL_PUBLIC_IPv6="2001:db8::5" # (optional) REPLACE TO YOURS
-> ./scripts/create_cloudflare_records.sh
-> ```
-
 2. On your local PC, clone the repository and bootstrap the Python virtualenv.
 
    ```

cmdeploy/src/cmdeploy/postfix/main.cf.j2

@@ -26,7 +26,6 @@ smtp_tls_security_level=verify
 smtp_tls_servername = hostname
 smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
 smtp_tls_policy_maps = inline:{nauta.cu=may}
-smtp_tls_protocols = >=TLSv1.2
 smtpd_tls_protocols = >=TLSv1.2
 
 # Disable anonymous cipher suites

scripts/create_cloudflare_records.sh

@@ -1,173 +0,0 @@
-#!/bin/bash
-# go to https://dash.cloudflare.com/profile/api-tokens
-# "create token" -> "Edit zone DNS"
-## optionaly: rename token
-## set your zone 
-# "continue to summary" -> "create token"
-# copy your created token
-
-CLOUDFLARE_API_KEY=${CLOUDFLARE_API_KEY}
-ZONE_ID=${ZONE_ID}
-
-CHATMAIL_FULL_DNS_NAME=${CHATMAIL_FULL_DNS_NAME}
-CHATMAIL_PUBLIC_IP=${CHATMAIL_PUBLIC_IP}
-
-IPV6_ENABLED=${IPV6_ENABLED:-false}
-CHATMAIL_PUBLIC_IPv6=${CHATMAIL_PUBLIC_IPv6}
-
-#####################
-# why 'proxied' is 'false'?
-# I suppose that if Cloudflare is blocked in a country, clients cannot use Deltachat without a VPN.
-#####################
-PROXIED=${PROXIED:-"false"}
-
-check_variables() {
-    required_vars=(
-    CLOUDFLARE_API_KEY
-    ZONE_ID
-    CHATMAIL_FULL_DNS_NAME
-    CHATMAIL_PUBLIC_IP
-    )
-
-    missing_vars=()
-
-    for var in "${required_vars[@]}"; do
-    if [ -z "${!var}" ]; then
-        missing_vars+=("$var")
-    fi
-    done
-
-    if [ ${#missing_vars[@]} -ne 0 ]; then
-    echo "❌ Error: this variables not set or empty:"
-    for var in "${missing_vars[@]}"; do
-        echo "  - $var"
-    done
-    echo "Please execute command 'export var_name=\"var_value\"' and restart script."
-    exit 1
-    fi
-}
-
-
-create_record() {
-    local data=$1
-    curl https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records \
-    -H 'Content-Type: application/json' \
-    -H "Authorization: Bearer ${CLOUDFLARE_API_KEY}" \
-    -d "$1"
-}
-
-generate_post_data_a_aaaa_record()
-{
-    local name=$1
-    local type=${2:-"A"}
-    cat <<EOF
-{
-    "name": "${name}",
-    "ttl": 3600,
-    "type": "${type}",
-    "comment": "",
-    "content": "${CHATMAIL_PUBLIC_IP}",
-    "proxied": ${PROXIED}
-}
-EOF
-}
-
-generate_post_data_cname_record()
-{
-    local name=$1
-    cat <<EOF
-{
-    "name": "${name}",
-    "ttl": 3600,
-    "type": "CNAME",
-    "comment": "",
-    "content": "${CHATMAIL_FULL_DNS_NAME}",
-    "proxied": ${PROXIED}
-}
-EOF
-}
-
-generate_post_data_mx_record()
-{
-    local name=$1
-    cat <<EOF
-{
-    "name": "${name}",
-    "ttl": 120,
-    "type": "MX",
-    "comment": "",
-    "content": "${CHATMAIL_FULL_DNS_NAME}",
-    "priority": 10,
-    "proxied": ${PROXIED}
-}
-EOF
-}
-
-generate_post_data_txt_record()
-{
-    local name=$1
-    local content=$2
-    cat <<EOF
-{
-    "name": "${name}",
-    "ttl": 120,
-    "type": "TXT",
-    "comment": "",
-    "content": "$content",
-    "proxied": ${PROXIED}
-}
-EOF
-}
-
-generate_post_data_srv_record()
-{
-    local name=$1
-    local port=$2
-    cat <<EOF
-{
-    "name": "${name}",
-    "ttl": 120,
-    "type": "SRV",
-    "comment": "",
-    "data": {
-        "port": $port,
-        "priority": 0,
-        "target": "${CHATMAIL_FULL_DNS_NAME}",
-        "weight": 1
-    },
-    "proxied": ${PROXIED}
-}
-EOF
-}
-
-check_variables
-
-# A records
-create_record "$(generate_post_data_a_record "$CHATMAIL_FULL_DNS_NAME" "A")"
-create_record "$(generate_post_data_a_record "*.$CHATMAIL_FULL_DNS_NAME" "A")"
-
-# AAAA records
-if [ $IPV6_ENABLED = true ]; then # note: I don't have an IPv6 address, so this part hasn't been tested!
-    create_record "$(generate_post_data_a_record "$CHATMAIL_FULL_DNS_NAME" "AAAA")"
-    # create_record "$(generate_post_data_a_record "*.$CHATMAIL_FULL_DNS_NAME" "AAAA")"
-fi
-
-# CNAME records
-create_record "$(generate_post_data_cname_record "mta-sts.$CHATMAIL_FULL_DNS_NAME")"
-create_record "$(generate_post_data_cname_record "www.$CHATMAIL_FULL_DNS_NAME")"
-
-# MX records
-create_record "$(generate_post_data_mx_record "$CHATMAIL_FULL_DNS_NAME")"
-
-# TXT records
-create_record "$(generate_post_data_txt_record "$CHATMAIL_FULL_DNS_NAME" '\"v=spf1 a ~all\"')"
-create_record "$(generate_post_data_txt_record "_dmarc.$CHATMAIL_FULL_DNS_NAME" '\"v=DMARC1;p=reject;adkim=s;aspf=s\"')"
-create_record "$(generate_post_data_txt_record "_adsp._domainkey.$CHATMAIL_FULL_DNS_NAME" '\"dkim=discardable\"')"
-create_record "$(generate_post_data_txt_record "opendkim._domainkey.$CHATMAIL_FULL_DNS_NAME" '\"v=DKIM1;k=rsa;p=;s=email;t=s\"')"
-create_record "$(generate_post_data_txt_record "_mta-sts.$CHATMAIL_FULL_DNS_NAME" '\"v=STSv1; id='"$(date +"%Y%m%d%H%M")"'\"')"
-
-# SRV records
-create_record "$(generate_post_data_srv_record "_imap._tcp.$CHATMAIL_FULL_DNS_NAME" "143")"
-create_record "$(generate_post_data_srv_record "_imaps._tcp.$CHATMAIL_FULL_DNS_NAME" "993")"
-create_record "$(generate_post_data_srv_record "_submission._tcp.$CHATMAIL_FULL_DNS_NAME" "587")"
-create_record "$(generate_post_data_srv_record "_submissions._tcp.$CHATMAIL_FULL_DNS_NAME" "465")"