Security for LMTP should be configured using Implicit TLS that is
already supported using tls:// scheme for addresses. TLS
is also unnecessary for most LMTP use-cases (Unix sockets, etc) and
attempting STARTTLS caused issues in the past (see #309).
On the way to keeping a reasonable degree of compatibility, we are now
issuing at least one minor version with functionality being marked as
deprecated instead of directly removing it.
Since STARTTLS Everywhere support is broken anyway due to list being
expired - we stub out all related code and make it no-op.
In 0.5 it will be gone completely.
Closes#244.
go-sqlite3 does not implement them properly (in fact, the proper support
was just removed, wtf, mattn). Additionally, go-sqlite3 does not handle
$name or @name properly despite these being supported by SQLite, only
:name works.
Closes#241.
Remove link to CONTRIBUTING.md from README.md since it is included
in documentation build and results in broken link since CONTRIBUTING.md
is not included. It does not seem to be possible to include files from
parent directories and symlinks do not work.
Fix man page link in seclevels.md.
Add missing maddy-tables(5) link in maddy(1) "See Also".
Closes#223.
This allows modules to be used as a table to check account existence.
auth/pass_table: Implement module.Table interface
auth/shadow: Implement module.Table interface
auth/plain_separate: Implement module.Table interface
Now imapsql module does not handle authentication. (it was not doing it so well
anyway)
sql_table module was introduced and used in the default configuration as
a replacement for functionality that was implemented by imapsql before.
Parts of maddyctl code were rewritten to make it work transparently with
any IMAP backend or credentials store.
Closes#212.
Several comments were removed since they are not worth the trouble.
A few minor issues were addressed.
Most of remaining comments got corresponding GitHub issues assigned.
With new authorization/authentication identities split, it is possible
to have non-email authentication identity while using email authorization
identity.
This makes server more aggressive in retrying delivery. The total
attempts time is approximately the same (around 5 days).
Notably, the increased amount of attempts is needed to handle large
recipient lists where the remote server sometimes rejects subset of them
with "Too Many Recipients" code.
See #149.
