Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'master' of github.com:baudehlo/Haraka
Conflicts: tests/rfc1869.js
Showing 122 changed files with 4,153 additions and 642 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,19 +1,41 @@ | ||
- Rate Limiting for outbound mail (there's a branch for this but it's incomplete) | ||
- Milter support | ||
- Ability to modify the body of email (e.g add a banner) | ||
- Create a config file for each of the core shipping configs, so people have something as a baseline | ||
- IMAP server (long shot for now) | ||
- Plugins to copy from Qpsmtpd: | ||
- bogus_bounce (checks bounces have one recipient and no return-path) | ||
- dspam | ||
- greylisting | ||
- karma? | ||
- virus/* | ||
|
||
Outbound improvements | ||
- Rate Limiting (there's a branch for this but it's incomplete) | ||
- Provide better command line tools for manipulating/inspecting the queue | ||
- Add the ability to force a run on a specific queue file or destination domain | ||
- Make retry times configurable (handle RFC requirements for 5 days and DSN queued warnings) | ||
- Limit concurrency by domain | ||
- Disable deliveries for a domain | ||
- Pool connections by domain/MX | ||
|
||
Plugin behavior changes | ||
- in SpamAssassin plugin, change default behavior of 'legacy' status header. | ||
Presently, when undefined, legacy is used. Legacy support should be changed to | ||
only when requested, with a sunset date. | ||
|
||
Remove the following deprecated plugins | ||
- rdns.regexp | ||
- data.nomsgid | ||
- data.noreceived | ||
- data.rfc5322_header_checks | ||
- daemonize | ||
- mail_from.nobounces | ||
|
||
Rename the following plugins | ||
- toobusy -> connect.toobusy | ||
- attachment -> data.attachment | ||
- avg -> data.avg | ||
- clamd -> data.clamd | ||
- spamassassin -> data.spamassassin | ||
- spf -> mail_from.spf | ||
|
||
Move the following plugins: | ||
- test_queue -> queue/test_queue |
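Review bot: The SpamAssassin item under "Plugin behavior changes" says legacy support should end "with a sunset date" but gives none, so the item cannot be acted on; name the date or the release here. For the rename list, state whether the old names (spf, clamd, spamassassin and the rest) will keep loading during a transition, since the list only gives the new names. The section headings are also inconsistent: "Move the following plugins:" ends with a colon while "Remove the following deprecated plugins" and "Rename the following plugins" do not.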
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
|
||
2013.12.27 | ||
|
||
new plugin: data.headers | ||
|
||
deprecates data.rfc5322_header_checks.js | ||
deprecates data.noreceived.js | ||
deprecates data.nomsgid.js | ||
|
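Review bot: The 2013.12.27 entry lists the three plugins that data.headers deprecates but not what an operator has to change; add a line saying which plugin list entries to swap for data.headers and point at its config file. The ".js" suffix on the three deprecated names is inconsistent with the bare "data.headers" two lines above.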
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
host=127.0.0.6 | ||
port=89 |
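Review bot: These two settings ship with no comment saying which service they point at or whether they are usable defaults; host=127.0.0.6 is an unusual loopback address and port=89 sits in the privileged range below 1024, so both read like test values. Add ";" comment lines in the style of the other config files in this commit describing each key, and say explicitly if the values are placeholders that must be changed.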
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
; reject all bounce messages (generally not a good idea) | ||
reject_all=0 | ||
|
||
; reject bounces that are not RFC compliant (likely faked) | ||
reject_invalid=1 |
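Review bot: The comment on reject_invalid=1 does not say what makes a bounce "not RFC compliant", and the option is enabled by default, so operators would be rejecting mail on criteria they cannot see from the config. List the checks in the comment; the TODO in this commit describes bogus_bounce as checking that bounces have one recipient and no return-path, so if those are the tests applied here, say so.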
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
; public_ip: the public IP address of *this* mail server | ||
; if your mail server is not bound to a public IP, you'll have to provide | ||
; this for distance calculations to work. | ||
; public_ip= | ||
|
||
; show_city: show city data in logs and headers | ||
; note: city data is less accurate than country | ||
show_city=1 | ||
|
||
; show_region: show regional data (US states, CA provinces, etc..) | ||
show_region=1 | ||
|
||
; enable distance calculations. If you don't use the distance, leave it | ||
; disabled to save few CPU cycles. | ||
calc_distance=0 | ||
|
||
; if calculating distance, an additional 'too_far' key in the geoip | ||
; connection note can be set to true if the distance exceeds the limit (in | ||
; kilometers). A suggested use for that data is the karma plugin. | ||
;too_far=4000 |
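Review bot: The public_ip comment says the address must be provided "for distance calculations to work" when the server is not bound to a public IP, but nothing says what happens when calc_distance=1 is set without it; document whether the calculation is skipped or an error is logged. The too_far comment says the key "can be set to true"; write "is set to true" if that is the behaviour, so consumers such as the karma plugin know whether they can rely on it. Typo in the calc_distance comment: "to save few CPU cycles" should read "to save a few CPU cycles".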
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
|
||
; where the p0f socket is found | ||
; default: socket_path=/tmp/.p0f_socket | ||
socket_path=/tmp/.p0f_socket | ||
|
||
; add_header, add a message header with a p0f summary | ||
; default: X-Haraka-p0f | ||
add_header=X-Haraka-p0f |
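Review bot: socket_path=/tmp/.p0f_socket places the socket this plugin trusts in a world-writable directory, where any local account can create that path before p0f does; default to a directory that only the p0f and Haraka users can write to, and say in the comment that the path must match the one p0f was started with. The two "default:" comment lines repeat the values set directly beneath them; keep either the comment or the active line, not both.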
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
; configuration for data.headers plugin | ||
|
||
; Requiring a date header will cause the loss of valid mail. The JavaMail | ||
; sender used by some banks, photo processing services, health insurance | ||
; companies, bounce senders, and others send messages without a Date header. | ||
; | ||
; If you can afford to reject some valid mail, please do enforce this, and | ||
; encourage mailers toward RFC adherence. Otherwise, do not require Date. | ||
|
||
; Headers that MUST be present (RFC 5322) | ||
; required=From,Date ; <-- RFC 5322 compliant | ||
required=From,Date | ||
|
||
; Received | ||
; If you have no outbound, add 'Received' to the required list for an | ||
; aggressive anti-spam measure. It works because all real mail relays will | ||
; add a `Received` header. It may false positive on some bulk mail that | ||
; uses a custom tool to send, but this appears to be fairly rare. | ||
|
||
; If the date header is present, and future and/or past days are | ||
; defined, it will be validated. 0 = disabled | ||
date_future_days=2 | ||
date_past_days=15 | ||
|
||
|
||
; Headers that MUST be unique if present (RFC 5322) | ||
; singular=Date,From,Sender,Reply-To,To,Cc,Bcc,Message-Id,In-Reply-To,References,Subject (RFC 5322) | ||
singular=Date,From,Sender,Reply-To,To,Cc,Bcc,Message-Id,In-Reply-To,References,Subject | ||
|
||
|
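Review bot: The shipped default required=From,Date contradicts the comment block above it, which warns that requiring Date "will cause the loss of valid mail" and ends with "Otherwise, do not require Date". Either ship required=From and leave the RFC 5322 line commented, or reword the comment to say the default is deliberately strict. The "Received" paragraph describes an option without a sample line; add a commented example such as "; required=From,Date,Received". The "(RFC 5322)" trailing the commented singular= line and the doubled blank lines before it can go.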
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
|
||
; excluded plugins: a list of denials that are to be excluded (ie, all the immediate rejection) | ||
; Examples: <plugin> | ||
; <plugin>:<hook> | ||
; <plugin>:<hook>:<function name> | ||
; | ||
;excluded_plugins=spf,lookup_rdns_strict |
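Review bot: The comment on excluded_plugins does not say what the listed denials are excluded from, and "(ie, all the immediate rejection)" does not parse; state in one sentence what happens to a denial from a listed plugin compared with one that is not listed. The sample line only uses the bare plugin form, so add a commented example for the plugin:hook and plugin:hook:function name forms that the comment documents.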
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,70 @@ | ||
#!/bin/sh | ||
|
||
usage() { | ||
echo " usage: $0 <example.com> [haraka username]" | ||
echo " " | ||
exit | ||
} | ||
|
||
if [ -z $1 ]; | ||
then | ||
usage | ||
fi | ||
|
||
DOMAIN=$1 | ||
SMTPD=$2 | ||
if [ -z $SMTPD ]; | ||
then | ||
SMTPD="www" | ||
fi | ||
|
||
# create a directory for each DKIM signing domain | ||
mkdir -p $DOMAIN | ||
cd $DOMAIN | ||
|
||
# The selector can be any value that is a valid DNS label | ||
# create in the common format: mmmYYYY (apr2014) | ||
date '+%h%Y' | tr "[:upper:]" "[:lower:]" > selector | ||
|
||
# generate private and public keys | ||
# key length considerations | ||
# The minimum recommended key length for short duration keys (ones that | ||
# will be replaced within a few months) is 1024. If you are unlikely to | ||
# rotate your keys frequently, choose 2048, at the expense of more CPU. | ||
openssl genrsa -out private 2048 | ||
chmod 400 private | ||
openssl rsa -in private -out public -pubout | ||
|
||
# make it really easy to publish the public key in DNS | ||
# by creating a file named 'dns', with instructions | ||
cat > dns <<EO_DKIM_DNS | ||
Add this TXT record to the $DOMAIN DNS zone. | ||
`cat selector | tr -d "\n"`._domainkey TXT "v=DKIM1;p=`grep -v -e '^-' public | tr -d "\n"`" | ||
Tell the world that the ONLY mail servers that send mail from this domain are DKIM signed and/or bear our MX and A records. | ||
With SPF: | ||
SPF "v=spf1 mx a -all" | ||
TXT "v=spf1 mx a -all" | ||
With DMARC: | ||
_dmarc TXT "v=DMARC1; p=reject; adkim=s; aspf=r; rua=mailto:dmarc-feedback@$DOMAIN; ruf=mailto:dmarc-feedback@$DOMAIN; pct=100" | ||
With DomainKeys (deprecated) | ||
_domainkey TXT "o=-; t=y; r=postmaster@$DOMAIN" | ||
For more information about DKIM and SPF policy, the documentation within each plugin contains a longer discussion and links to more detailed information: | ||
haraka -h dkim_sign | ||
haraka -h spf | ||
EO_DKIM_DNS | ||
|
||
cd .. | ||
#chown -R $SMTPD:$SMTPD $DOMAIN |
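Review bot: "openssl genrsa -out private 2048" writes the signing key under the caller's umask and only afterwards runs "chmod 400 private", so the key can be group- or world-readable until the chmod; set "umask 077" before generating it. "mkdir -p $DOMAIN" and "cd $DOMAIN" are unquoted and unchecked, so if the cd fails the selector and key files land in the current directory; quote "$DOMAIN" and exit when cd fails. The same quoting applies to "[ -z $1 ]" and "[ -z $SMTPD ]", and usage() should exit non-zero rather than with a bare exit. With the chown line commented out, the mode-400 key stays owned by whoever ran the script, so $SMTPD (default "www") is never used and the Haraka user may be unable to read the key; either enable the chown or drop the argument and document the manual step. The generated dns text goes straight to p=reject with pct=100; consider noting that p=none is the usual starting policy while reports are reviewed.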