Now imapsql module does not handle authentication. (it was not doing it so well
anyway)
sql_table module was introduced and used in the default configuration as
a replacement for functionality that was implemented by imapsql before.
Parts of maddyctl code were rewritten to make it work transparently with
any IMAP backend or credentials store.
Closes#212.
Several comments were removed since they are not worth the trouble.
A few minor issues were addressed.
Most of remaining comments got corresponding GitHub issues assigned.
With new authorization/authentication identities split, it is possible
to have non-email authentication identity while using email authorization
identity.
This makes server more aggressive in retrying delivery. The total
attempts time is approximately the same (around 5 days).
Notably, the increased amount of attempts is needed to handle large
recipient lists where the remote server sometimes rejects subset of them
with "Too Many Recipients" code.
See #149.
Set of flow restrictions is represented as a "limits" module instance
that can be either created inline via "limits" directive in some modules
(including "remote" target and "smtp" endpoint) or defined globally and
referenced in configuration of modules mentioned above.
This permits a variety of use cases, including shared and separate
counters for various endpoints and also "modules group" style sharing
described in #195.
Allows pipeline routing to be used in places where a regular target is
required. Also allows to share parts of pipeline configurations on the
semantical level (instead of lexical level as it goes with config
snippets), see #195.
It is pretty much not that simple as e.g WildDuck and not at all magical
like caddy.
It is (going to be) as powerful as Postfix & Dovecot combo. Except that
it is not tainted by 20 years of maintaining compatibility while adding
features, not tainted by defaults that were reasonable two decades ago
and so on.
maddy is locking in users by using a custom storage format, though. So
saying "GTFO, use a different server if you need that" is not a very
reasonable path to take.
New script build.sh is much more suitable for downstream packaging
(e.g. ./build.sh package) than hacked together package.sh wrapper for
get.sh while still being usable for "effort-less" installation.
Additionally, hostname setting in get.sh is flawed in many ways and is
not reimplemented in build.sh.
build.sh has proper command line options that allow to customize build
configuration and installation prefixes.
Documentation page get.sh is removed since all applicable environment
variables and flags are documented in ./build.sh --help.
build.sh can be called from the source directory to build maddy from
*this* source instead of forced 'go get' that was used in get.sh.
However, if build.sh is called not from the source directory, it clones
the repo and (optionally) uses the specified commit. This keeps build.sh
usable in curl|bash commands.
Due to the way source code is fetched, build.sh uses Git tags instead of
Go module versions as get.sh did.
This commit replaces two variants borrowed from caddy with {env:name}
syntax that is consistent with value placeholder syntax used in several
other places in maddy.
maddy(1) was incorrect calling them 'statedir' and 'runtimedir'.
Name with 'dir' is preferred since it is more explicit. Use of
underscores is consistent with other directives.
Similar to global scoring system that was removed before, but works only
for DNSBL. It is simplier and only actually useful for BLs, since
rejecting/quarantining messages based on a single listing is usually bad
idea and leads to a high false positives rate.
Previous approach consisted of multiple independent options with unknown
interaction between each other and not offering enough flexibility for
local policy configuration.
Additionally, it was not possible to implement downgrade protection
mentioned in #178 because it was not clear what is "downgrade" since
options were not related in any linear order, this commit makes it
explicit via the "security levels" system:
MX: DNSSEC > MTA-STS > Nothing
TLS: Authenticated+Encrypted > Encrypted > Plaintext
Note DNSSEC and MTA-STS being different levels, they provide different
security guarantees. Keeping them together under "authenticated" level
would not provide enough granularity for levels-based downgrade
protection and local policies.
'common_domain' MX authentication option is removed. It was offering no
real protection and therefore is was problematic to use together with
planned downgrade protection.
All security level errors are marked as temporary to force requeueing
and allow local admin to troubleshoot them without losing messages.
'remote' tests are changed to use testTarget function to initialize
tested module instance, since security levels mapping requires some
pre-initialization.
Support for IP literals in address domain-part is disabled because it
is incompatible with the new verification logic and was broken anyway
(#176).
Allow to override DNS resolver address via the -debug.dnsoverride flag
and SMTP port via -debug.smtpport.
All flags are not available unless maddy is built using the 'debugflags'
tag.
