Skip to content

Raven MDA v0.3.0

Choose a tag to compare

@Aravinda-HWK Aravinda-HWK released this 28 Nov 10:10
a6313fa

Raven Mail Server v0.3.0

📅 Release Date: November 28, 2025

🎯 Overview
Raven v0.3.0 introduces a revolutionary multi-database architecture, built-in SASL authentication service, and role-based email system. This release eliminates external dependencies like Dovecot while significantly improving scalability, security, and code quality through comprehensive refactoring and testing.

✨ What's New

🗄️ Multi-Database Architecture (#85)

Complete database redesign for improved scalability and data isolation:

Database Structure

  • shared.db - Global data for all services

    • Domains configuration
    • User accounts and authentication
    • Role mailboxes definitions
    • User-to-role assignments
  • user_db_.db - Per-user isolated databases

    • User's mailbox hierarchy (INBOX, Sent, Drafts, Trash, etc.)
    • Messages and MIME parts
    • Email headers and addresses
    • Blob storage with deduplication
    • Subscriptions and delivery tracking
    • Outbound message queue
  • role_db_.db - Per-role shared databases

    • Same schema as user databases
    • Enables team/department shared mailboxes

Benefits

  • Data isolation for privacy and security
  • Reduced database lock contention
  • Distributed I/O across multiple database files
  • Improved scalability for multi-user deployments
  • Efficient blob deduplication

👥 Role-Based Email System (#90)

Enterprise-ready shared mailbox functionality:

  • Shared Mailboxes - Multiple users can access the same mailbox
  • Team Collaboration - Departments can share email addresses (support@, sales@, etc.)
  • Role Assignments - Flexible user-to-role mapping
  • Isolated Storage - Each role mailbox has its own database
  • IMAP Support - Full IMAP access to role mailboxes
  • Delivery Routing - Automatic routing to role mailboxes via LMTP

🔐 SASL Authentication Service (#81)

Built-in authentication service eliminating Dovecot dependency:

  • Unix Socket Communication - Secure local socket for MTA integration
  • Multiple Mechanisms - Support for PLAIN and other SASL mechanisms
  • External Auth Integration - Connects to external authentication API
  • Postfix Integration - Direct SMTP authentication support
  • Stateless Design - No session state between authentications
  • Comprehensive Testing - Full test coverage for all mechanisms

Configuration

domain: example.com
auth_server_url: https://auth.example.com/verify

Integration with Postfix

smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/run/raven/sasl.sock

🔒 Security Enhancements

GoSec Integration (#118, #127)

  • Static security analysis for Go code
  • Detection of common security vulnerabilities
  • SQL injection prevention
  • Command injection protection
  • TLS/SSL configuration validation
  • Fixed all identified security issues

GolangCI-Lint (#112, #125)

  • Comprehensive linting for code quality
  • 40+ linters enabled
  • Consistent code style enforcement
  • Dead code detection
  • Error handling validation

TLS Improvements (#135)

  • Explicit TLS handshake in STARTTLS
  • Enhanced SSL connection handling
  • Better error handling for certificate issues
  • Improved TLS negotiation logging

🏗️ Architecture & Code Quality

Modular Project Structure (#94)

Complete reorganization for maintainability:

internal/
  ├── server/
  │   ├── auth/          - Authentication handlers (#103)
  │   ├── mailbox/       - Mailbox operations (#114)
  │   ├── message/       - Message handling (#109, #111)
  │   ├── selection/     - Mailbox selection (#114)
  │   ├── extension/     - IMAP extensions (#113)
  │   └── models/        - Shared data structures
  ├── delivery/          - LMTP delivery service
  ├── sasl/             - SASL authentication
  └── db/               - Database management

Import Path Refactoring (#92)

  • Renamed from go-imap to raven
  • Consistent package naming
  • Improved code clarity

Configuration Cleanup (#159)

  • Renamed YAML configuration files
  • Standardized configuration structure
  • Better documentation

🐛 Bug Fixes

MIME Handling (#104, #155)

  • Fixed multipart MIME parsing issues
  • Corrected attachment encoding
  • Resolved content-type detection problems
  • Improved boundary detection

Mail Delivery (#97)

  • Fixed intermittent message loss during delivery
  • Corrected database transaction handling
  • Improved error recovery

Authentication (#88)

  • Enhanced email determination logic
  • Better domain validation
  • Improved user lookup

LMTP Server (#83)

  • Improved TCP connection handling
  • Better error logging
  • Enhanced timeout management

🧪 Comprehensive Test Coverage

Massive testing effort across all modules:

Database Tests (#129)

  • DBManager functionality
  • User database creation
  • Role mailbox management
  • Connection pooling

LMTP Tests (#130)

  • Protocol compliance
  • Message parsing
  • Delivery routing
  • Error handling

Storage & Response Tests (#131)

  • Message storage operations
  • IMAP response formatting
  • Error responses

Utils Tests (#132)

  • Helper functions
  • String manipulation
  • Date parsing

Configuration Tests (#133)

  • ClientState management
  • Configuration loading
  • Validation logic

Server Utilities Tests (#136)

  • Server startup/shutdown
  • Connection management
  • Request routing

Parser Tests (#146)

  • Email parsing
  • Header extraction
  • MIME structure

Auth Tests (#147)

  • Authentication mechanisms
  • User validation
  • Token handling

Extension Tests (#148)

  • IDLE command
  • NAMESPACE command

Mailbox Handler Tests (#149)

  • LSUB command
  • LIST command
  • Pattern matching

Message Handler Tests (#150)

  • Message operations
  • Flag management

Middleware Tests (#151)

  • Request validation
  • Error handling
  • Logging

Selection Tests (#152)

  • Mailbox selection
  • State management

UID Tests (#153)

  • UID operations
  • Sequence handling

Integration Tests (#157)

  • Models integration
  • Middleware integration
  • Selection integration
  • Core server functionality

Test Coverage

  • 40+ test suites added
  • 500+ individual test cases
  • CI/CD integration for all tests
  • Comprehensive edge case coverage

📚 Documentation Updates

README.md

  • Updated architecture overview
  • Added SASL service documentation
  • Multi-database architecture explanation
  • Enhanced configuration examples

SECURITY.md

  • Updated supported versions (v0.3.x)
  • Fixed PGP key path
  • Clarified security policies

DELIVERY_SERVICE.md

  • Simplified and streamlined
  • Essential configuration only
  • Quick start focus

⚙️ Configuration

IMAP Server (raven.yaml)

domain: example.com
auth_server_url: https://auth.example.com/verify

Delivery Service (delivery.yaml)

lmtp:
  unix_socket: /var/run/raven/lmtp.sock
  tcp_address: 127.0.0.1:24
  max_size: 52428800  # 50MB
  hostname: mail.example.com

database:
  path: data  # Directory for all databases

delivery:
  default_folder: INBOX
  allowed_domains:
    - example.com

logging:
  level: info
  format: text

🐳 Docker Deployment

docker pull ghcr.io/lsflk/raven:latest
docker run -d --rm \
  --name raven \
  -p 143:143 -p 993:993 -p 24:24 \
  -v $(pwd)/config:/etc/raven \
  -v $(pwd)/data:/app/data \
  -v $(pwd)/certs:/certs \
  -v $(pwd)/delivery.yaml:/app/delivery.yaml \
  ghcr.io/lsflk/raven:latest

⚠️ Breaking Changes

💾 Database Schema

The database architecture has been completely redesigned:

  • Old Format: Single mail.db database
  • New Format: Multi-database architecture
    • shared.db - Global data
    • user_db_*.db - Per-user databases
    • role_db_*.db - Per-role databases

Action Required: Migration from v0.2.0 is not supported. Fresh installation required.

📦 Service Architecture

New three-service architecture:

  1. IMAP Server (Ports 143, 993)
  2. LMTP Delivery Service (Port 24)
  3. SASL Authentication Service (Unix socket)

Action Required: Update Docker configuration to expose SASL socket if using Postfix SMTP authentication.

⚙️ Configuration Files

Configuration structure updated:

  • IMAP: raven.yaml
  • Delivery: delivery.yaml
  • Database path now points to directory, not file

Action Required: Update configuration files to new format.

🔧 Technical Details

Service Ports

Service Port/Socket Protocol Description
IMAP 143 TCP Unencrypted IMAP
IMAPS 993 TCP TLS/SSL IMAP
LMTP 24 TCP Mail delivery
LMTP /var/run/raven/lmtp.sock Unix Socket Local delivery
SASL /var/run/raven/sasl.sock Unix Socket Authentication

Database Files

File Purpose Tables
shared.db Global data domains, users, role_mailboxes, user_role_assignments
user_db_*.db User mailboxes mailboxes, messages, message_parts, headers, blobs, etc.
role_db_*.db Role mailboxes Same schema as user databases

IMAP Commands Support

All IMAP commands from v0.2.0 remain fully supported with enhanced reliability:

  • ✅ CAPABILITY, LOGIN, AUTHENTICATE, STARTTLS
  • ✅ LIST, LSUB, SUBSCRIBE, UNSUBSCRIBE
  • ✅ CREATE, DELETE, RENAME
  • ✅ SELECT, EXAMINE, STATUS
  • ✅ FETCH, SEARCH, STORE, COPY
  • ✅ UID, APPEND, CHECK, CLOSE, EXPUNGE
  • ✅ NOOP, IDLE, NAMESPACE, UNSELECT

⚡ Performance Improvements

  • Reduced database lock contention with per-user databases
  • Faster mailbox operations with isolated storage
  • Improved concurrent user handling
  • Better memory efficiency with connection pooling
  • Optimized blob deduplication

🔐 Security Improvements

  • GoSec static analysis integration
  • All security vulnerabilities fixed
  • Enhanced TLS/SSL handling
  • Improved input validation
  • Better error handling to prevent information leakage
  • Secure socket permissions

🚧 Known Limitations

  • SQLite-based storage (not suitable for massive scale deployments)
  • No built-in SMTP server (requires external MTA like Postfix)
  • Authentication requires external auth server
  • Single-server deployment only (no clustering)

📦 Upgrade Instructions

From v0.2.0

  1. Backup existing data (cannot be migrated)
  2. Pull latest image: docker pull ghcr.io/lsflk/raven:latest
  3. Update configuration files to new format
  4. Update Docker run command:
    • Change database volume mount
    • Add SASL socket volume (optional)
  5. Restart container with new configuration

Note: Database format is incompatible. You will need to start fresh or manually migrate data.

Fresh Installation

Follow the Quick Start guide in README.md

💬 Support & Documentation

🙏 Contributors

Thanks to all contributors who made this release possible!

📊 Full Changelog

v0.2.0...v0.3.0

Total Changes:

  • 40+ merged pull requests
  • 500+ commits
  • 40+ test suites added
  • 3 major features
  • 10+ bug fixes
  • Complete architectural redesign

🎉 Raven v0.3.0 represents a major milestone with enterprise-ready features, improved security, and a solid foundation for future development. The new multi-database architecture and role-based email system make Raven suitable for organizational email deployments.