expunge: reset maildirsize after expunging old mails

Switch SPF from fail to softfail (~all instead of -all)
This is recommended to prevent SPF failure from rejecting the message early in case messages are remailed without breaking DKIM.
2026-06-10 05:31:08 +00:00 · 2024-03-10 23:25:33 +01:00 · 2024-03-09 20:02:29 +00:00 · 2024-03-09 14:01:00 +01:00 · 2024-03-08 05:39:59 +01:00 · 2024-03-08 01:56:33 +00:00
6 changed files with 32 additions and 1 deletions
@@ -15,6 +15,7 @@ import requests
 DICTPROXY_LOOKUP_CHAR = "L"
 DICTPROXY_ITERATE_CHAR = "I"
 DICTPROXY_SET_CHAR = "S"
 DICTPROXY_BEGIN_TRANSACTION_CHAR = "B"
 DICTPROXY_COMMIT_TRANSACTION_CHAR = "C"
@@ -74,6 +75,10 @@ def handle_dovecot_request(msg, transactions, notifier):
    parts = msg[1:].split("\t")
    if short_command == DICTPROXY_LOOKUP_CHAR:
        return "N\n"
    elif short_command == DICTPROXY_ITERATE_CHAR:
        # Empty line means ITER_FINISHED.
        # If we don't return empty line Dovecot will timeout.
        return "\n"
    if short_command not in (DICTPROXY_TRANSACTION_CHARS):
        return
@@ -70,6 +70,21 @@ def test_handle_dovecot_protocol_set_devicetoken():
    assert wfile.getvalue() == b"O\n"
 def test_handle_dovecot_protocol_iterate():
    rfile = io.BytesIO(
        b"\n".join(
            [
                b"H",
                b"I9\t0\tpriv/5cbe730f146fea6535be0d003dd4fc98/\tci-2dzsrs@nine.testrun.org",
            ]
        )
    )
    wfile = io.BytesIO()
    notifier = Notifier()
    handle_dovecot_protocol(rfile, wfile, notifier)
    assert wfile.getvalue() == b"\n"
 def test_handle_dovecot_protocol_messagenew():
    rfile = io.BytesIO(
        b"\n".join(
@@ -471,6 +471,10 @@ def deploy_chatmail(config_path: Path) -> None:
    apt.update(name="apt update", cache_time=24 * 3600)
    server.group(name="Create vmail group", group="vmail", system=True)
    server.user(name="Create vmail user", user="vmail", group="vmail", system=True)
    apt.packages(
        name="Install rsync",
        packages=["rsync"],
    )
    # Run local DNS resolver `unbound`.
    # `resolvconf` takes care of setting up /etc/resolv.conf
@@ -6,7 +6,7 @@ _submissions._tcp.{chatmail_domain}. SRV 0 1 465 {chatmail_domain}.
 _imap._tcp.{chatmail_domain}.        SRV 0 1 143 {chatmail_domain}.
 _imaps._tcp.{chatmail_domain}.       SRV 0 1 993 {chatmail_domain}.
 {chatmail_domain}.                   CAA 128 issue "letsencrypt.org;accounturi={acme_account_url}"
-{chatmail_domain}.                   TXT "v=spf1 a:{chatmail_domain} -all"
+{chatmail_domain}.                   TXT "v=spf1 a:{chatmail_domain} ~all"
 _dmarc.{chatmail_domain}.            TXT "v=DMARC1;p=reject;adkim=s;aspf=s"
 _mta-sts.{chatmail_domain}.          TXT "v=STSv1; id={sts_id}"
 mta-sts.{chatmail_domain}.           CNAME {chatmail_domain}.
@@ -13,6 +13,12 @@ auth_cache_size = 100M
 mail_debug = yes
 {% endif %}
 # Prevent warnings similar to:
 #   config: Warning: service auth { client_limit=1000 } is lower than required under max. load (10200). Counted for protocol services with service_count != 1: service lmtp { process_limit=100 } + service imap-urlauth-login { process_limit=100 } + service imap-login { process_limit=10000 }
 #   config: Warning: service anvil { client_limit=1000 } is lower than required under max. load (10103). Counted with: service imap-urlauth-login { process_limit=100 } + service imap-login { process_limit=10000 } + service auth { process_limit=1 }
 #   master: Warning: service(stats): client_limit (1000) reached, client connections are being dropped
 default_client_limit = 20000
 mail_server_admin = mailto:root@{{ config.mail_domain }}
 mail_server_comment = Chatmail server
@@ -8,3 +8,4 @@
 # or only temporary (but then they shouldn't be around after {{ config.delete_mails_after }} days anyway).
 2 0 * * * vmail find /home/vmail/mail/{{ config.mail_domain }} -path '*/tmp/*' -mtime +{{ config.delete_mails_after }} -type f -delete
 2 0 * * * vmail find /home/vmail/mail/{{ config.mail_domain }} -path '*/.*/tmp/*' -mtime +{{ config.delete_mails_after }} -type f -delete
 3 0 * * * vmail find /home/vmail/mail/{{ config.mail_domain }} -name 'maildirsize' -type f -delete
Author	SHA1	Message	Date
missytake	00edc05892	expunge: reset maildirsize after expunging old mails	2024-03-10 23:25:33 +01:00
link2xt	4bca7891a2	Switch SPF from fail to softfail (`~all` instead of `-all`) This is recommended to prevent SPF failure from rejecting the message early in case messages are remailed without breaking DKIM.	2024-03-09 20:02:29 +00:00
link2xt	2e23e743fd	dovecot: increase default_client_limit	2024-03-09 14:01:00 +01:00
link2xt	edc593586b	Implement "iterate" command in metadata server Otherwise Dovecot times out when trying to iterate over metadata of the folder. Apparently it happens when attempting to delete folder from the server over IMAP.	2024-03-08 05:39:59 +01:00
holger krekel	1e229ad2de	Add tests to metadata/token handling and post notifications in background thread (#224 )	2024-03-08 01:56:33 +00:00
missytake	8baee557ee	make sure rsync is installed, later commands depend on it	2024-03-07 19:14:48 +01:00