email: Set up local delivery (no spam filtering)

Hosts file:

192.168.56.101 host1.test.example virtualbox
10.42.0.101    host2.test.example freedombox

Container setup (run commands in container)

1. Install the email server module
2. Create a FreedomBox account for `fred`
3.
$ sudo postconf myhostname=host2.test.example
$ echo "contactfred: fred" | sudo tee -a /etc/aliases
$ sudo newaliases
$ sudo systemctl reload postfix

Test IMAP (run on host1.test.example)

$ swaks --to=contactfred@host2.test.example --from=spam@host1.test.example
$ mutt -f imaps://fred@host2.test.example

Test mail submission (run in container):

$ swaks --to=spam@host1.test.example --from=contactfred@host2.test.example \
        --server host2.test.example:587 --tlso --auth-user=fred

plinth/modules/email_server/__init__.py

@@ -8,6 +8,7 @@ import plinth.app
 import plinth.daemon
 import plinth.frontpage
 import plinth.menu
+from plinth import actions
 from plinth.modules.firewall.components import Firewall
 
 from . import audit
@@ -95,3 +96,6 @@ def setup(helper, old_version=None):
     """Installs and configures module"""
     helper.install(managed_packages)
     helper.call('post', audit.ldap.repair)
+    helper.call('post', app.enable)
+    for service_name in managed_services:
+        actions.superuser_run('service', ['reload', service_name])

plinth/modules/email_server/audit/ldap.py

@@ -9,7 +9,9 @@ from . import models
 default_config = {
     'smtpd_sasl_auth_enable': 'yes',
     'smtpd_sasl_type': 'dovecot',
-    'smtpd_sasl_path': 'private/auth'
+    'smtpd_sasl_path': 'private/auth',
+    'mailbox_transport': 'lmtp:unix:private/dovecot-lmtp',
+    'virtual_transport': 'lmtp:unix:private/dovecot-lmtp'
 }
 
 submission_flags = postconf.ServiceFlags(

plinth/modules/email_server/data/etc/dovecot/conf.d/05-freedombox-auth.conf

@@ -0,0 +1,22 @@
+# Direct edits to this file will be lost!
+# Manage your settings on Plinth <https://localhost/plinth/apps/email_server>
+
+auth_mechanisms = plain login
+
+passdb {
+  driver = ldap
+  args = /etc/dovecot/freedombox-ldap-passdb.conf.ext
+  # Block the default passdb lookup (pam, 10-auth.conf)
+  result_failure = return-fail
+  result_internalfail = return-fail
+  result_success = return-ok
+}
+
+userdb {
+  driver = ldap
+  args = /etc/dovecot/freedombox-ldap-userdb.conf.ext
+  # Block the default userdb lookup (passwd, 10-auth.conf)
+  result_failure = return-fail
+  result_internalfail = return-fail
+  result_success = return-ok
+}

plinth/modules/email_server/data/etc/dovecot/conf.d/90-freedombox-master.conf

@@ -0,0 +1,18 @@
+# Direct edits to this file will be lost!
+# Manage your settings on Plinth <https://localhost/plinth/apps/email_server>
+
+service auth {
+  unix_listener /var/spool/postfix/private/auth {
+      mode = 0600
+      user = postfix
+      group = postfix
+  }
+}
+
+service lmtp {
+  unix_listener /var/spool/postfix/private/dovecot-lmtp {
+    mode = 0600
+    user = postfix
+    group = postfix
+  }
+}

plinth/modules/email_server/data/etc/dovecot/freedombox-ldap-passdb.conf.ext

@@ -0,0 +1,8 @@
+# Direct edits to this file will be lost!
+# Manage your settings on Plinth <https://localhost/plinth/apps/email_server>
+
+uris = ldap://127.0.0.1
+base = dc=thisbox
+
+auth_bind = yes
+auth_bind_userdn = uid=%u,ou=users,dc=thisbox

plinth/modules/email_server/data/etc/dovecot/freedombox-ldap-userdb.conf.ext

@@ -0,0 +1,18 @@
+# Direct edits to this file will be lost!
+# Manage your settings on Plinth <https://localhost/plinth/apps/email_server>
+
+uris = ldap://127.0.0.1
+base = dc=thisbox
+
+user_attrs = \
+  =home=%{ldap:homeDirectory}, \
+  =uid=%{ldap:uidNumber}, \
+  =gid=%{ldap:gidNumber}, \
+  =mail=maildir:~/Maildir:LAYOUT=index
+
+user_filter = (&(objectClass=posixAccount)(uid=%Ln))
+
+# For doveadm
+
+iterate_attrs = =user=%{ldap:uid}
+iterate_filter = (objectClass=posixAccount)