This project is mirrored from https://blitiri.com.ar/repos/chasquid.
- 19 Jun, 2022 2 commits
Alberto Bertogli authored
This patch updates the dependency on blitiri.com.ar/go/spf from v1.3.0 to v1.4.0. There are no code changes needed, but the new version contains some important fixes around lookup limits counting.
Alberto Bertogli authored
Some dkimpy versions have a bug where it can't parse the keys generated by its own key generator. That causes the dkimpy test to fail. See https://bugs.launchpad.net/dkimpy/+bug/1978835 for more details. This patch adds a workaround which detects the buggy version, and skips the test if needed.
- 11 Mar, 2022 2 commits
Alberto Bertogli authored
This patch implements support for catch-all aliases, where users can add a `*: destination` alias. Mails sent to unknown users (or other aliases) will not be rejected, but sent to the indicated destination instead. Please see https://github.com/albertito/chasquid/issues/23 and https://github.com/albertito/chasquid/pull/24 for more discussion and background. Thanks to Alex Ellwein (aellwein@github) for the alternative patch and help with testing; and to ThinkChaos (ThinkChaos@github) for help with testing.
Alberto Bertogli authored
This patch does a general pass updating Go modules to recent versions, and regenerates the protobufs accordingly. The main purpose is to make sure people building from source are using relatively recent versions of our dependencies.
- 05 Mar, 2022 1 commit
Alberto Bertogli authored
- 27 Feb, 2022 2 commits
Alberto Bertogli authored
This patch updates the dependency on blitiri.com.ar/go/spf from v1.2.0 to v1.3.0, which includes a few bug fixes. There are no code changes needed, just some minor adjustments to the tests due to error strings changing. The go.mod "go" keyword is also bumped up to 1.15 since it's the minimum supported version since commit e444fe1f (2021-10-05).
Alberto Bertogli authored
The install guide mentions that the `certs/` directory can be symlinked, but doesn't cover permissions much, so it's easy for users to be confused (like it happened in https://github.com/albertito/chasquid/issues/26). This patch adds a bit more detail on how to set up certificates, to hopefully reduce the chances of confusion.
- 21 Jan, 2022 4 commits
Alberto Bertogli authored
This patch adds tracing to aliases' Exist and Resolve functions, to help troubleshoot problems with alias resolution.
Alberto Bertogli authored
This patch skips the resolution logic if the address is not local. Today, the resolution logic handles that case transparently, and returns the original email address, so this should be a no-op. However, having an explicit early check makes the resolution logic more robust, and will simplify future patches. Note this also means that the `alias-resolve` hook is no longer run for non-local aliases, which should also help simplify their implementation.
Alberto Bertogli authored
This patch simplifies the internal alias lookup logic, unifying it across Resolve and Exists. As part of this, the `alias-exists` hook is removed. It was redundant to begin with; although it enabled a potential optimization, it isn't worth the complexity. The timeout for execution of both was the same. This change should be backwards-compatible because `alias-resolve` is still used, and the semantics haven't changed.
Alberto Bertogli authored
If the `drop_characters` or `suffix_separators` options are set to "", currently their default value is used instead of the empty string. This is a bug, and it also happens on other config options, but because the others have to be set in order for chasquid to function, it's not a problem in practice. Thanks Björn Busse (bbusse@github) for finding and reporting this problem, on irc and in https://github.com/albertito/chasquid/issues/25. This patch fixes the problem by marking these fields explicitly optional, which enables presence testing, as described in the protobuf documentation: https://github.com/protocolbuffers/protobuf/blob/master/docs/field_presence.md.
- 06 Dec, 2021 1 commit
Alberto Bertogli authored
Document that only haproxy's PROXY protocol v1 is supported. This can help users configure their instance and avoid trying to set up other versions. Thanks to Björn Busse (bbuse@github) for reporting this!
- 26 Nov, 2021 1 commit
Alberto Bertogli authored
This patch adds tests for STS policy checks in combination with TLS security levels. This helps ensure we're detecting mismatches of TLS status (plain/insecure/secure) and STS policy enforcement.
- 29 Oct, 2021 1 commit
Alberto Bertogli authored
The `which` command isn't guaranteed to be available, it is just extremely common; `command -v` is the standard way to find an executable program. See https://lwn.net/Articles/874049/ for more details. This patch replaces the uses of `which` with `command -v`, which only appears in a couple of tests.
- 25 Oct, 2021 2 commits
Alberto Bertogli authored
When using STARTTLS, the SMTP courier needs to determine whether the server certificates are valid or not. Today, that's implemented via connecting once with full certificate verification, and if that fails, reconnecting with verification disabled. This works okay in practice, but it is slower on insecure servers (due to the reconnection), and some of them even complain because we connect too frequently, causing delivery problems. The latter has only been observed once, on the drv-berlin-brandenburg.de MX servers. To improve on that situation, this patch makes the courier do the TLS connection only once, and uses the verification results directly. The behaviour of the server is otherwise unchanged. The only difference is that when delivering mail to servers that have invalid certificates, we now connect once instead of twice. The tests are expanded to increase coverage for this particular case.
Alberto Bertogli authored
This patch moves the GenerateCert function from the smtpsrv tests to the common testlib, so it can be used by other tests in the future.
- 08 Oct, 2021 4 commits
Alberto Bertogli authored
When resolving MX records, we need to distinguish between "no such domain" and other kinds of errors. Before Go 1.13, this was not possible, so we had a workaround that assumed any permanent error was a "no such domain", which is not great, but functional. Now that our minimum supported version is Go 1.15, we can remove the workaround. This patch replaces the workaround with proper logic using DNSError.IsNotFound to identify NXDOMAIN results when resolving MX records. This requires adjusting a few tests that used to work on environments where resolving unknown domains (used for testing) returned a permanent error, and now no longer do so. Instead of relying on this environmental property, we make the affected tests use our own DNS server, which should make them more hermetic and reproducible.
Alberto Bertogli authored
tls.BuildNameToCertificate has been deprecated, and calling it is no longer necessary since Go 1.14. Now that our minimum supported Go version is 1.15, we can remove it.
Alberto Bertogli authored
In the Dovecot integration test, we can now simplify the configuration as we assume Dovecot 2.3 is the minimum version supported for testing (as that's the one from Debian stable at the moment).
Alberto Bertogli authored
Today, we use `golang.org/x/crypto/ssh/terminal` to read passwords. That package is obsolete, replaced with `golang.org/x/term`. We couldn't move them because term wasn't compatible with Go 1.11 which was our oldest supported Go version. Now that we moved to Go 1.15 as the oldest supported version, we can do the update.
- 04 Oct, 2021 2 commits
Alberto Bertogli authored
Travis hasn't worked in a while, is shutting down for most projects, and we have already removed it from all public documentation. Also all the functionality it provided is now provided by GitLab CI. This patch removes the obsolete Travis configuration file.
Alberto Bertogli authored
With the new Debian stable release, we now support back to Go 1.15. Update the automated tests to reflect this.
- 03 Sep, 2021 1 commit
Alberto Bertogli authored
The latest Debian stable images don't include the `setcap` binary by default like they used to. Our Docker build depends on it, so this patch makes the Dockerfile install the libcap2-bin package (which contains the `setcap` binary).
- 14 Aug, 2021 1 commit
Alberto Bertogli authored
When doing a `docker pull`, if a tag is not specified, it defaults to `latest`. We currently don't push such a tag, so it can cause confusion in some cases (e.g. https://github.com/albertito/chasquid/issues/21). To help prevent this, make the docker automatic builds for `master` also apply the `latest` tag. As a part of this, update the obsolete `$CI_BUILD_REF_NAME` to `$CI_COMMIT_REF_NAME`.
- 30 Jul, 2021 1 commit
Alberto Bertogli authored
- 25 Jul, 2021 1 commit
Alberto Bertogli authored
This patch adds some basic instructions to the documentation on how to set up DKIM, using the tools supported by the example hook. It's not meant to be a full DKIM how-to, but to help someone who already knows enough, or who is complementing it with a more general purpose DKIM guide.
- 21 Jul, 2021 1 commit
Alberto Bertogli authored
This patch adds support in the default hook for using dkimpy for DKIM signing. Unfortunately, dkimpy binaries have the same name as driusan/dkim's, so we need to use --help to disambiguate. It's not pretty but it should work, and is quite self-contained. Also, for the integration tests, we still need driusan/dkim because dkimpy lacks the features needed. Specifically, dkimpy's dkimverify can't be made to use custom DNS, or override the TXT values in any way, so we can't verify that the generated signature is reasonable. Thanks to ne9z@github for suggesting this change and providing an alternative patch in https://github.com/albertito/chasquid/pull/19.
- 14 Jul, 2021 1 commit
Alberto Bertogli authored
Most integration tests depend on the $HOSTALIASES environment variable being functional. That variable works on most systems, but not all. In particular, systems with `systemd-resolved` can cause the variable to be ignored. This was reported by Alex Ellwein in https://github.com/albertito/chasquid/issues/20. This patch makes the affected tests be skipped if $HOSTALIASES is not working properly. It also removes unnecessary hosts files from tests which don't need them, and documents this behaviour. Thanks to Alex Ellwein and foxcpp@ for reporting and helping investigate this issue!
- 08 Jul, 2021 1 commit
Alberto Bertogli authored
The chasquid-rspamd utility (https://github.com/Thor77/chasquid-rspamd) provides a better integration with rspamd, by taking envelope and connection information from the environment variables, and communicating with rspamd using its protocol. So if it is available, use it instead of rspamc in the default hook.
- 25 Jun, 2021 1 commit
Alberto Bertogli authored
Some LMTP servers (like dovecot) can't handle UTF8 addresses in the LMTP commands. This can be problematic if we want to use them with UTF8 domains or usernames, which are well supported by chasquid. To help work around this issue, this patch adds a new -to_puny flag for mda-lmtp, that makes it encode `from` and `recipient` in punycode. That way, the server will get punycode-encoded (ASCII) strings in the LMTP commands. This can be particularly convenient when the recipients are ASCII (because they're under the mail server control), but `from` may not be (because it comes from the network).
- 11 Jun, 2021 7 commits
Alberto Bertogli authored
By default, golang.org/x/net/trace currently only allows the tracing pages to be seen from localhost. This restriction can be confusing for people accessing the monitoring server remotely, and adds no value in our environment. The monitoring server already exports very sensitive information, and must be enabled with care, and is not on by default. This is well documented. This patch removes the restriction, making all the monitoring pages equally accessible.
Alberto Bertogli authored
Some deployments already have users that authenticate without a domain. Today, we refuse to even consider those, and reject them at parsing time. However, it is a use-case worth supporting, at least with some restrictions that make the complexity manageable. This patch changes the auth package to support authenticating users without an "@domain" part. Those requests will always be directly passed on to the fallback authenticator, if available. The dovecot fallback authenticator can already handle this case just fine.
Alberto Bertogli authored
The openmetrics proposed standard says we should use the `application/openmetrics-text` content type when exporting the metrics. Currently we use `text/plain` for backwards compatibility with Prometheus, but the new content type is apparently supported since 2018, so it should be safe to update to match the current proposed standard.
Alberto Bertogli authored
To help with defense-in-depth on cross-protocol attacks (e.g. https://alpaca-attack.com/), this patch makes chasquid reject HTTP commands.
Alberto Bertogli authored
Today, we close the connection after 10 errors. While this is fine for normal use, it is unnecessarily large. Lowering it to 3 helps with defense-in-depth for cross-protocol attacks (e.g. https://alpaca-attack.com/), while still being large enough for useful troubleshooting and normal operation. As part of this change, we also remove the AUTH-specific failures limit, because they're covered by the connection limit.
Alberto Bertogli authored
When we receive unknown commands, we use the first 6 bytes for troubleshooting (e.g. put them in traces and exported metrics). While this is safe, since the different places know how to quote them properly, it makes things more difficult to analyze, since it's not uncommon to see binary blobs. This patch makes us use the ascii-quoted version instead, to make things easier to analyze.
Alberto Bertogli authored
This patch adds a missing golang.org/x/tools sum, that is used by the coverage view generator, so it was missed in the last general update.
- 06 Jun, 2021 1 commit
Alberto Bertogli authored
This patch extends the README to mention explicitly that reporting bugs and sending patches on GitHub is welcome, and also adds a private email where to report security issues. The changes match the common practice so far, but it's useful to have it explicitly documented.
- 05 Jun, 2021 1 commit
Alberto Bertogli authored
This patch adds tracing for the auth and domaininfo modules. In the latter, we replace the long-running event with the short-term request tracing, which is more practical and useful. There are no logic changes, it only adds tracing instrumentation to help troubleshooting.
- 31 May, 2021 1 commit
Alberto Bertogli authored