path: root/postfix/master.cf
Age | Commit message | Author | Files | Lines
2024-06-14 | postfix: Deny submission sender/login mismatch | Malfurious | 1 | -1/+1
Prevent outgoing spoofed emails by requiring the MAIL FROM header to match the SASL login name. Specifically, the SASL user must "own" the address. `smtpd_sender_login_maps` defines a lookup table to determine ownership. We create a placeholder table that states each user simply owns their own email address (aka: the value of their username).
Signed-off-by: Malfurious <m@lfurio.us>
2024-06-10 | postfix: Prevent leaking MUA IP addresses | Malfurious | 1 | -0/+3
Protect user privacy by stripping IP addresses from headers received from authenticated mail submission. Headers for mail received from other servers are unaffected.
Signed-off-by: Malfurious <m@lfurio.us>
2024-06-10 | postfix: Don't chroot subprograms | Malfurious | 1 | -25/+25
Sending mail to an external server previously failed due to a name resolution error. ("Host or domain name not found. Name service error for name=xxxxxxxxxx type=A: Host not found, try again") The reason this was happening is because the relay process runs in a chroot jail and cannot access the docker container's resolve.conf file. Given the system is containerized, which is like a chroot on steroids, I'm comfortable disabling chrooting for mail processes to work around this.
Signed-off-by: Malfurious <m@lfurio.us>
2024-06-09 | postfix: Enable secure submission of outgoing email | Malfurious | 1 | -39/+15
The encrypted "submissions" port (465) is opened in postfix and is configured for delivery of outgoing mail of authenticated users only. The authentication is provided by dovecot via unix socket and account data is sourced from the userconfig directory.
Signed-off-by: Malfurious <m@lfurio.us>
2024-06-06 | Add default postfix config files | Malfurious | 1 | -0/+137
Signed-off-by: Malfurious <m@lfurio.us>