If the domain part was not provided, $myhostname will be used.
In case $myhostname is not in $mydestinations, the email will be relayed.
In case $myhostname is invalid, the email will be bounced.
The next hop should always be LMTP (local: transport)
and hence the `@localhost`
- View: security.html -> email_security.html
- Setup: will not install Redis
- Setup: put clamav packages on hold
- Crash recovery: opening firewall ports becomes the last post action
- Crash recovery: group postconf.set_many into small transactions
- Crash recovery: safer postconf.set_master_cf_options
- Make extensive use of the milter protocol
- Milter: add X-Fbx- headers to emails
- All submitted mails go to smtp:localhost:10025 for filtering
- Header privacy for submitted mails
- Rspamd: be able to inject and replace FreedomBox-managed config
- Reserve special addresses for future use
Known issue: internal emails do not go through spam filtering
- Move render_tabs into plinth.views
- Move admin_tabs and user_tabs into the class
- New interproc module contains inter-process functions
- New helper methods in TabMixin
email_server:
- `-i` option passes all remaining arguments to action
- delete unused "touch file" option
Views:
- delete broken links
- add tabs to every page
- separate admin tabs from user tabs
- Separate alias database from system
- Block mail to system users, without backscatter
- Alias management UI for non-admin users
- Enabling/Disabling aliases (mails to /dev/null)
Misc. changes
- Daemon management
- Backup information
- Postconf diagnostics interface
- New class: `MainCfDiagnosis`
- "Advise and repair" mechanism reduces the number of postconf calls
- File locking: lock acquisition moved into audit module
- Enables finer-grained control
- Rewrote action script to eliminate stdin communication
- Changed return type of audit.*.get()
- An audit can return multiple lines of diagnostics
- Move recommended endpoint URLs into function docstrings
- Install postfix and manage the service
- Import ugettext
- Dummy forms and views
- <module>.version (integer) is required
[sunil: Disable the app until remaining issues are worked out]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
- Re-use the same validator in Matrix Synapse.
- Avoid importing plinth classes in actions files.
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This implementation is very similar to that of Matrix Synapse with a lot
of code duplicated.
One major difference is that ejabberd doesn't have a conf.d/ directory.
So, the managed configuration and overridden configuration cannot be
cleanly separated.
Whether the configuration is managed or not is determined by the
presence of a file under `/etc/ejabberd`. Managed coturn configuration
isn't stored in ejabberd, since only one set of configuration can be
stored at a time. If the admin chooses to use the managed configuration,
the current coturn configuration is fetched and used to configure
ejabberd.
Fixes#1978
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #514.
Test: Ran diagnostics with all apps enabled.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Return a warning result if no domains are configured.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
This was used before to ensure the domain name was ASCII. However, str
does not convert to ASCII in Python 3.
Note that in config module, which sets the system domain name, the
domain is already restricted to alphanumerics, hyphen, and period.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Domain name is not case sensitive, but Let's Encrypt certificate paths
use lower-case domain name.
Add an extra 1 second delay to tests that configure DynamicDNS domain.
Test: DynamicDNS functional tests are passing.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
After a domain name change, Let's Encrypt will restart the webserver
and could cause a connection failure.
Test: DynamicDNS functional tests are passing.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
