Features

[wesley974]

Let's discuss about the features we need to implement.
And start to fill the README.

Thank's to @jaypatelani @vetelko @teatkin @qbit and @romanzolotarev for joining!!

[wesley974]

What's about the following ?

• Multiple domains support with only one admin
• Work on OpenBSD 6.3
• Maildir format
• MTA : OpenSMTPD
• DKIM support
• Antispam : spamd with spf walk
• MDA : Dovecot
• POP3 / IMAP Protocol
• Manage Sieve
• MUA : Roundcubemail
• Web Server : httpd
• Let's Encrypt certificate
• Packet Filter
• CLI to manage domains/users and spam, monitoring (cpu, mem, free space, used space per user)
• Installer (a mix of shell scripts)
• Full comments on any scripts and configuration files
• Describe how to backup & restore your server

[wesley974]

What's about the following ?

• Multiple domains support with only one admin
• Work on OpenBSD 6.3
• Maildir format
• MTA : OpenSMTPD
• DKIM support
• Antispam : spamd with spf walk
• MDA : Dovecot
• POP3 / IMAP Protocol
• Manage Sieve
• MUA : Roundcubemail
• Web Server : httpd
• Let's Encrypt certificate
• Packet Filter
• CLI to manage domains/users and spam, monitoring (cpu, mem, free space, used space per user)
• Installer (a mix of shell scripts)
• Full comments on any scripts and configuration files
• Describe how to backup & restore your server

[mhekeler]

I would opt for a KISS concept.

Meaning using plain text files wherever possible. (-> This means store the users, passwords, rules in plaintext - no databases).
But it depends on the fact, who should admin the mailserver? The root of the box or the mailuser? Should the project result in a system that

• is set up by me serving multiple clients. Or is the goal of the project something
• like an adminpanel where a client can configure his maildomain, (add mailboxes, create mappings... - something like Confix or Plesk).

I think this design question comes first, because if root (or any other system user) manages the mailbox then he can easily fire up vim /etc/mail/foo, but if the owner of the maildomain manages it then this user has no permissions in filesystem and we need a database.

Right?

[mhekeler]

I would opt for a KISS concept.

Meaning using plain text files wherever possible. (-> This means store the users, passwords, rules in plaintext - no databases).
But it depends on the fact, who should admin the mailserver? The root of the box or the mailuser? Should the project result in a system that

• is set up by me serving multiple clients. Or is the goal of the project something
• like an adminpanel where a client can configure his maildomain, (add mailboxes, create mappings... - something like Confix or Plesk).

I think this design question comes first, because if root (or any other system user) manages the mailbox then he can easily fire up vim /etc/mail/foo, but if the owner of the maildomain manages it then this user has no permissions in filesystem and we need a database.

Right?

[wesley974]

I can see 2 cases :

• We host multiple domains, so it will be best to enable a user to administrate his own domain using a CLI or a GUI.
• We host only one domain, so 'root' can be used to administrate.

[wesley974]

I can see 2 cases :

• We host multiple domains, so it will be best to enable a user to administrate his own domain using a CLI or a GUI.
• We host only one domain, so 'root' can be used to administrate.

[mhekeler]

But isn´t there a 3. case

• We host multiple domains, and 'root' is the only one to administrate.

This usecase is what I do on my servers.
I have clients that are no techie people. They don´t know how to setup a mailbox. They even don´t know exactly what they want. They only know that they want to "send and receive a letter via internet".

...and in the end I don´t want them to create mailboxes, emailaddresses or passwords on my machines. I want to do it myself, so I can be sure that it is setup correct and then I can give support.

[mhekeler]

But isn´t there a 3. case

• We host multiple domains, and 'root' is the only one to administrate.

This usecase is what I do on my servers.
I have clients that are no techie people. They don´t know how to setup a mailbox. They even don´t know exactly what they want. They only know that they want to "send and receive a letter via internet".

...and in the end I don´t want them to create mailboxes, emailaddresses or passwords on my machines. I want to do it myself, so I can be sure that it is setup correct and then I can give support.

[teatkin]

I think what we need is #3 where one person administers the extra domains from the root account but will fall back to #1 with the default domain if the users don't want/have their own domain

[teatkin]

I think what we need is #3 where one person administers the extra domains from the root account but will fall back to #1 with the default domain if the users don't want/have their own domain

[wesley974]

Ok it will be great if we can discuss with the others about this

• We host multiple domains, so it will be best to enable a user to administrate his own domain using a CLI or a GUI.
• We host multiple domains, and 'root' is the only one to administrate.
• We host only one domain, and 'root' is the only one to administrate.

[wesley974]

Ok it will be great if we can discuss with the others about this

• We host multiple domains, so it will be best to enable a user to administrate his own domain using a CLI or a GUI.
• We host multiple domains, and 'root' is the only one to administrate.
• We host only one domain, and 'root' is the only one to administrate.

[teatkin]

If we allow more than 1 domain, we definitely need a fallback

[teatkin]

If we allow more than 1 domain, we definitely need a fallback

[wesley974]

Keeping this one

"We host multiple domains, and 'root' is the only one to administrate"

It simplifies a lot. We can stay on plain-text files. And perhaps inspire us from the OpenSMTPD FAQ.
And even complete the FAQ for a full featured mailserver !

[wesley974]

Keeping this one

"We host multiple domains, and 'root' is the only one to administrate"

It simplifies a lot. We can stay on plain-text files. And perhaps inspire us from the OpenSMTPD FAQ.
And even complete the FAQ for a full featured mailserver !

[jaypatelani]

I think we keep only one domain ..

[jaypatelani]

I think we keep only one domain ..

[wesley974]

Installer could let you to choose between 2 models (Single | Multiple Domains).

[wesley974]

Installer could let you to choose between 2 models (Single | Multiple Domains).

[teatkin]

I am somewhat inclined to agree with @jaypatelani. I think we need to keep this like a "corporate" email and then it can be used as a template for other people who want to use their own domain

[teatkin]

I am somewhat inclined to agree with @jaypatelani. I think we need to keep this like a "corporate" email and then it can be used as a template for other people who want to use their own domain

[wesley974]

@jaypatelani @teatkin there are already many full examples of such configuration on the web.
It will be awesome to try to complete the OpenSMTPD FAQ, turn this into a full featured mailserver.
That said, it s just my opinion, we need to debate :-)

[wesley974]

@jaypatelani @teatkin there are already many full examples of such configuration on the web.
It will be awesome to try to complete the OpenSMTPD FAQ, turn this into a full featured mailserver.
That said, it s just my opinion, we need to debate :-)

[mhekeler]

I think it changes not much if there is single domain or multiple domains.
I think the only thing that would have the design to change is if there are multiple administrators with different permissions.

[mhekeler]

I think it changes not much if there is single domain or multiple domains.
I think the only thing that would have the design to change is if there are multiple administrators with different permissions.

[wesley974]

We go for multiple domains support with only one admin.
Right ?

[wesley974]

We go for multiple domains support with only one admin.
Right ?

[mischapeters]

Great idea to fully document a total solution. I have been meaning to rework PostfixAdmin to (Open)SMTPdAdmin. But from a README perspective I would suggest to indeed to for a single admin. If you have managed to get the setup running, changing the setup for multiple admins is going to be the easier part. ;)

[mischapeters]

Great idea to fully document a total solution. I have been meaning to rework PostfixAdmin to (Open)SMTPdAdmin. But from a README perspective I would suggest to indeed to for a single admin. If you have managed to get the setup running, changing the setup for multiple admins is going to be the easier part. ;)

[mischapeters]

As for anti-spam I would suggest to focus on spamd and not rspamd or SpamAssassin.

[mischapeters]

As for anti-spam I would suggest to focus on spamd and not rspamd or SpamAssassin.

[wesley974]

Questions :

• Why SpamAssassin instead of rspamd ?
• spamd as blacklist mode or greylisting mode ?

[wesley974]

Questions :

• Why SpamAssassin instead of rspamd ?
• spamd as blacklist mode or greylisting mode ?

[mischapeters]

Wasn't clear enough... not rspamd and not SpamAssassin. :)
spamd in greylist mode including spf walk to whitelist the big mailers.

[mischapeters]

Wasn't clear enough... not rspamd and not SpamAssassin. :)
spamd in greylist mode including spf walk to whitelist the big mailers.

[tvlooy]

What will the examples look like? I built an example 3 node OpenBGPd setup that can be started with Vagrant and is provisioned with ansible. It's minimal but does it's job https://github.com/tvlooy/openbsd_examples/tree/master/bgp_ansible I'm not sure if vmm for Vagrant already works (my example uses VirtualBox) but if that's the case it seems to me like a good solution?

[tvlooy]

What will the examples look like? I built an example 3 node OpenBGPd setup that can be started with Vagrant and is provisioned with ansible. It's minimal but does it's job https://github.com/tvlooy/openbsd_examples/tree/master/bgp_ansible I'm not sure if vmm for Vagrant already works (my example uses VirtualBox) but if that's the case it seems to me like a good solution?

[mischapeters]

Thank you for the invite as for MTA I would suggest OpenSMTPd and use as much in base as possible. Which is also the reason I suggested spamd. Provides pretty solid anti-spam, especially now with spf walk.

[mischapeters]

Thank you for the invite as for MTA I would suggest OpenSMTPd and use as much in base as possible. Which is also the reason I suggested spamd. Provides pretty solid anti-spam, especially now with spf walk.

[wesley974]

@mischapeters you re welcome. Ok for OpenSMTPD.
Regarding spamd, i'm by no means a 'greylist' supporter; at work we have clients that complains with delay receiving new emails.

@mhekeler OK for multiple domains support with only one admin.

[wesley974]

@mischapeters you re welcome. Ok for OpenSMTPD.
Regarding spamd, i'm by no means a 'greylist' supporter; at work we have clients that complains with delay receiving new emails.

@mhekeler OK for multiple domains support with only one admin.

[wesley974]

@tvlooy examples i talked :
ansible-role-mailserver from gonzalo (single domain support)
caesonia project from vedetta (complex)

[wesley974]

@tvlooy examples i talked :
ansible-role-mailserver from gonzalo (single domain support)
caesonia project from vedetta (complex)

[stevelord]

I'm glad someone pointed out caesonia before I did. All I'd ask is for a mailing list manager and archive as part of the setup.

[stevelord]

I'm glad someone pointed out caesonia before I did. All I'd ask is for a mailing list manager and archive as part of the setup.

[mhekeler]

@wesley974 the link to caesonia project is wrong (an "L" too much ;-))

[mhekeler]

@wesley974 the link to caesonia project is wrong (an "L" too much ;-))

[mhekeler]

I would opt for no antivirus on emailserver.
Antivirus software users (usually) have the service running on their client.
...to be honest I think that an emailserver should just transport (=what goes in should come out).
And BTW: is there anyone that wants to do antivirus properly that relies on ClamAV?

[mhekeler]

I would opt for no antivirus on emailserver.
Antivirus software users (usually) have the service running on their client.
...to be honest I think that an emailserver should just transport (=what goes in should come out).
And BTW: is there anyone that wants to do antivirus properly that relies on ClamAV?

[wesley974]

@mhekeler thank's, corrected! (i.e link) ; OK for no antivirus protection.

[wesley974]

@mhekeler thank's, corrected! (i.e link) ; OK for no antivirus protection.

[wesley974]

@stevelord all will be commented (i.e scripts...conf files)

[wesley974]

@stevelord all will be commented (i.e scripts...conf files)

[jaypatelani]

How about we do "--reject-all --accept-only-contacts"?

[jaypatelani]

How about we do "--reject-all --accept-only-contacts"?

[wesley974]

@jaypatelani it is a good idea, looking in this way, perhaps a web form to complete (with captcha) and then the email address will be allowed...

[wesley974]

@jaypatelani it is a good idea, looking in this way, perhaps a web form to complete (with captcha) and then the email address will be allowed...

[deksar]

Thanks for the invite.

Do we need to work on last OpenBSD Release or -current?
:Definitely on last OpenBSD release. -Current is, sometimes too much, problematic on production syss.

Installer could let you to choose between 2 models (Single | Multiple Domains).
👍 Great idea! As well as, when it's on 'Multiple Domains', it will be best to enable a user to administrate his own domain using a CLI or a GUI. So an admin user per his/her own domain(s).

[deksar]

Thanks for the invite.

Do we need to work on last OpenBSD Release or -current?
:Definitely on last OpenBSD release. -Current is, sometimes too much, problematic on production syss.

Installer could let you to choose between 2 models (Single | Multiple Domains).
👍 Great idea! As well as, when it's on 'Multiple Domains', it will be best to enable a user to administrate his own domain using a CLI or a GUI. So an admin user per his/her own domain(s).

[wesley974]

@deksar but on next release, OpenSMTPD configuration file (new grammar) will need to be upgraded... we need to think about this point. We ll support multiple domains with only one admin user, later it could be changed.

[wesley974]

@deksar but on next release, OpenSMTPD configuration file (new grammar) will need to be upgraded... we need to think about this point. We ll support multiple domains with only one admin user, later it could be changed.

[jaypatelani]

We can have similar to https://mailinabox.email/

[jaypatelani]

We can have similar to https://mailinabox.email/

[teatkin]

If we do want to run -current to use the new grammar, we'll have to make sure the hosting provider provides out-of-band console access that can access the console before the kernel has booted

[teatkin]

If we do want to run -current to use the new grammar, we'll have to make sure the hosting provider provides out-of-band console access that can access the console before the kernel has booted

[Synchro]

As @jaypatelani mentioned, is there any reason not to port mailinabox.email? It's what I moved to after my old OpenBSD setup and it works really well. It's all pretty standard stuff, so it should mostly be a matter of making it work with the differences in OpenBSD packages, and you gain the benefit of a ready-to-roll management app.

As far as installers go, I'd recommend building this using something like ansible rather than trying to build a config from scratch using shell scripts.

[Synchro]

As @jaypatelani mentioned, is there any reason not to port mailinabox.email? It's what I moved to after my old OpenBSD setup and it works really well. It's all pretty standard stuff, so it should mostly be a matter of making it work with the differences in OpenBSD packages, and you gain the benefit of a ready-to-roll management app.

As far as installers go, I'd recommend building this using something like ansible rather than trying to build a config from scratch using shell scripts.

[wesley974]

@Synchro @jaypatelani it uses Postfix, and the purpose of this project is to make something based on KISS concept, and use much in base as possible.

[wesley974]

@Synchro @jaypatelani it uses Postfix, and the purpose of this project is to make something based on KISS concept, and use much in base as possible.

[wesley974]

@teatkin if we decide to work with -current, the project aim will be to use it with OpenBSD 6.4.

[wesley974]

@teatkin if we decide to work with -current, the project aim will be to use it with OpenBSD 6.4.

[stevelord]

What is going to be the difference between this and Caesonia? If the only difference is the choice of software, then wouldn't we be better off improving Caesonia rather than starting a new project?

What if we try to teach people what the components are, and get them to build it in a structured way? It's one thing to run a script to build a mailserver that mostly works but it's another to have it working without any black magic involved.

[stevelord]

What is going to be the difference between this and Caesonia? If the only difference is the choice of software, then wouldn't we be better off improving Caesonia rather than starting a new project?

What if we try to teach people what the components are, and get them to build it in a structured way? It's one thing to run a script to build a mailserver that mostly works but it's another to have it working without any black magic involved.

[teatkin]

I have to agree with @stevelord. The one thing that stopped me setting up my mail server is not being able to understand how mail systems work under the hood.

[teatkin]

I have to agree with @stevelord. The one thing that stopped me setting up my mail server is not being able to understand how mail systems work under the hood.

[aminb]

@wesley974 Thanks for the invitation!

Since @jaypatelani mentioned Mail-in-a-Box, I'll mention Mailu (repo at Mailu/Mailu) as well, which is a simple, yet full-featured, Docker-based mail server I've been using for a couple of years. The images are based on Alpine Linux, but regardless, I think it's a well put-together solution worth looking into for inspiration. There's mailcow too but I haven't personally used that one.

Edit: There's also the How To Run Your Own Mail Server guide for running a mail server on FreeBSD, and ISPmail for running one on Debian Stretch. Both great resources.

[aminb]

@wesley974 Thanks for the invitation!

Since @jaypatelani mentioned Mail-in-a-Box, I'll mention Mailu (repo at Mailu/Mailu) as well, which is a simple, yet full-featured, Docker-based mail server I've been using for a couple of years. The images are based on Alpine Linux, but regardless, I think it's a well put-together solution worth looking into for inspiration. There's mailcow too but I haven't personally used that one.

Edit: There's also the How To Run Your Own Mail Server guide for running a mail server on FreeBSD, and ISPmail for running one on Debian Stretch. Both great resources.

[law]

Might as well throw 'JMAP support' onto the heap while we're at it.

[law]

Might as well throw 'JMAP support' onto the heap while we're at it.

[taoeffect]

Since @jaypatelani mentioned Mail-in-a-Box, I'll mention Mailu (repo at Mailu/Mailu)

Another shoutout for Mailu — while I haven't had a chance to test it out myself yet, it did top my list of "best self-hosted email implementations".

[taoeffect]

Since @jaypatelani mentioned Mail-in-a-Box, I'll mention Mailu (repo at Mailu/Mailu)

Another shoutout for Mailu — while I haven't had a chance to test it out myself yet, it did top my list of "best self-hosted email implementations".

[mhekeler]

...then wouldn't we be better off improving Caesonia rather than starting a new project?

To be honest this is what I thought in the beginning of the project :-/
Why not collaborate to an existing project to make it work with opensmtpd? Not specifically caesonia. But there are so many solution for a mailserver out there - a few projects was mentioned before. I also like to mention iRedmail. It works on openbsd and is actively maintained. But works with postfix.

[mhekeler]

...then wouldn't we be better off improving Caesonia rather than starting a new project?

To be honest this is what I thought in the beginning of the project :-/
Why not collaborate to an existing project to make it work with opensmtpd? Not specifically caesonia. But there are so many solution for a mailserver out there - a few projects was mentioned before. I also like to mention iRedmail. It works on openbsd and is actively maintained. But works with postfix.

[jaypatelani]

We need to use OpenSMTPD only. And maximum options from base. We can use sitexx from faq to provide mailu/mail-in-a-box similar ISO.

[jaypatelani]

We need to use OpenSMTPD only. And maximum options from base. We can use sitexx from faq to provide mailu/mail-in-a-box similar ISO.

[mischapeters]

I agree with Jay on this one. Focus should be base and only pick pieces, which are needed / relevant, that are not. Which is why I like spamd, with spf walk the majority is delivered in time. Will be different when filters are included again in OpenSMTPd.

[mischapeters]

I agree with Jay on this one. Focus should be base and only pick pieces, which are needed / relevant, that are not. Which is why I like spamd, with spf walk the majority is delivered in time. Will be different when filters are included again in OpenSMTPd.

[wesley974]

The purpose of this project is to use maximum options from base, so using a CLI (KSH script) will limit to add packages for a specific GUI. We ll just need Roundcube, DKIM, and Dovecot (+sieve).

[wesley974]

The purpose of this project is to use maximum options from base, so using a CLI (KSH script) will limit to add packages for a specific GUI. We ll just need Roundcube, DKIM, and Dovecot (+sieve).

[stevelord]

It sounds like @wesley974 has chosen a direction, I think we should choose to get behind it or jump off. I think given my free time and desire not to reinvent the wheel, I'll jump off shortly but I look forward to seeing the output and wish everyone well.

[stevelord]

It sounds like @wesley974 has chosen a direction, I think we should choose to get behind it or jump off. I think given my free time and desire not to reinvent the wheel, I'll jump off shortly but I look forward to seeing the output and wish everyone well.

[stevelord]

Also further to @jaypatelani and @taoeffect, I run Mailu. The whole setup and interface is pretty awesome. However, I have absolutely no idea what code is running on that mailserver at any point in time, which is also pretty terrifying.

I plan to move it to OpenBSD at some point, but I'm going to miss that nice web interface.

[stevelord]

Also further to @jaypatelani and @taoeffect, I run Mailu. The whole setup and interface is pretty awesome. However, I have absolutely no idea what code is running on that mailserver at any point in time, which is also pretty terrifying.

I plan to move it to OpenBSD at some point, but I'm going to miss that nice web interface.

[alphacc]

For the sake of history https://github.com/mailserv/mailserv/ had a really simple/nice/powerful admin interface. I was a paid customer from @allard offering it was very nice.tool.

[alphacc]

For the sake of history https://github.com/mailserv/mailserv/ had a really simple/nice/powerful admin interface. I was a paid customer from @allard offering it was very nice.tool.

[wesley974]

Can i have your choice (everyone) ? Keep things simple with a minimum of installed packages and a CLI or try to port 'mail-in-a-box' or 'mailu' to OpenBSD ?

[wesley974]

Can i have your choice (everyone) ? Keep things simple with a minimum of installed packages and a CLI or try to port 'mail-in-a-box' or 'mailu' to OpenBSD ?

[wesley974]

@alphacc i used it also, and i have a 6.0 running version : https://github.com/wesley974/mailserver
With script to upgrade to 6.3 ; and yes, the admin console in rails is a power one!

[wesley974]

@alphacc i used it also, and i have a 6.0 running version : https://github.com/wesley974/mailserver
With script to upgrade to 6.3 ; and yes, the admin console in rails is a power one!

[teatkin]

A very well commented and explained set of config files and maybe roundcube (I've been meaning to learn BCHS, maybe here's a project for me) and some ksh scripts. I like mail-in-a-box type projects but they black box the user somewhat (in that the user likely never looks at the source to know what their server is doing)

[teatkin]

A very well commented and explained set of config files and maybe roundcube (I've been meaning to learn BCHS, maybe here's a project for me) and some ksh scripts. I like mail-in-a-box type projects but they black box the user somewhat (in that the user likely never looks at the source to know what their server is doing)

[stevelord]

If I could make a suggestion:

• Consider who the ideal users are going to be, their systems experience and skill levels
• Consider an upgrade path (e.g. OpenSMTPd grammar change, release vs current)
• Consider ease of deployment and ease of understanding what's going on underneath

My personal preferences:

• Assume users are using Vultr//, and are Linux users unfamiliar with OpenBSD, SMTP, DNS etc.
• Ansible for deployment, comment everything. Heavy focus on modular, concise documentation in code and site. No magic, no black boxing.
• Base where possible (smtpd, httpd, spamd), tracking RELEASE so they upgrade once a year

I would include a walkthrough of setting up the install on a VPS on Vultr with a domain from a specific provider as part of the docs.

Those are just my personal prefs but it's your train set. I can help out with docs on DNS and SMTP integration and client configuration, but I know little about the underlying code (aside from Dovecot, httpd, acme-client and Roundcube)

[stevelord]

If I could make a suggestion:

• Consider who the ideal users are going to be, their systems experience and skill levels
• Consider an upgrade path (e.g. OpenSMTPd grammar change, release vs current)
• Consider ease of deployment and ease of understanding what's going on underneath

My personal preferences:

• Assume users are using Vultr//, and are Linux users unfamiliar with OpenBSD, SMTP, DNS etc.
• Ansible for deployment, comment everything. Heavy focus on modular, concise documentation in code and site. No magic, no black boxing.
• Base where possible (smtpd, httpd, spamd), tracking RELEASE so they upgrade once a year

I would include a walkthrough of setting up the install on a VPS on Vultr with a domain from a specific provider as part of the docs.

Those are just my personal prefs but it's your train set. I can help out with docs on DNS and SMTP integration and client configuration, but I know little about the underlying code (aside from Dovecot, httpd, acme-client and Roundcube)

[wesley974]

We will need to take a decision soon. So give me your suggestions and we will decide together on which one we ll go with.

[wesley974]

We will need to take a decision soon. So give me your suggestions and we will decide together on which one we ll go with.

[mischapeters]

I guess it all depends on how complete / complicated you want to make this? I personally would be against adding Ansible or any orchstrator in the mix. OpenBSD defaults are sane and don't require a lot of tweaking. Installing a bunch of packges can be even done with a single command.

My suggestion would be to focus on the base functionality first. Incoming/Outgoing/Reading with a level of security and Anti-Spam. Anything beyond that, GUI, Ansible, Monitoring, Quota support etc... should be out side of initial scope and a follow up jumpstart maybe?

Jumpstart Mailserver, part 1
Jumpstart Mailserver, part 2 -> Make it fancy!

:)

[mischapeters]

I guess it all depends on how complete / complicated you want to make this? I personally would be against adding Ansible or any orchstrator in the mix. OpenBSD defaults are sane and don't require a lot of tweaking. Installing a bunch of packges can be even done with a single command.

My suggestion would be to focus on the base functionality first. Incoming/Outgoing/Reading with a level of security and Anti-Spam. Anything beyond that, GUI, Ansible, Monitoring, Quota support etc... should be out side of initial scope and a follow up jumpstart maybe?

Jumpstart Mailserver, part 1
Jumpstart Mailserver, part 2 -> Make it fancy!

:)

[stevelord]

I mentioned Ansible, because large shell scripts tend to be full of the magic we should avoid. However, as long as the result is reasonably sane, modular and can avoid the magic, I'm all for it.

[stevelord]

I mentioned Ansible, because large shell scripts tend to be full of the magic we should avoid. However, as long as the result is reasonably sane, modular and can avoid the magic, I'm all for it.

[deksar]

My suggestion is; a Monitor page would truly be useful and needed. Showing statistics on CPU/MEM/SWAP/Disk Space/Total users/Disk Usage on Domains
Quotas/disk usage limit per users/domains are also well needed on Mailservers usually. Especially when they run on a limited VPSs.

[deksar]

My suggestion is; a Monitor page would truly be useful and needed. Showing statistics on CPU/MEM/SWAP/Disk Space/Total users/Disk Usage on Domains
Quotas/disk usage limit per users/domains are also well needed on Mailservers usually. Especially when they run on a limited VPSs.

[mischapeters]

IMHO it doesn't really involve mail as such. I believe the premise for the document will be single admin, single domain. I agree that monitoring would be useful but is not specifically related to mail. These days storage is cheap, even for a VPS.

[mischapeters]

IMHO it doesn't really involve mail as such. I believe the premise for the document will be single admin, single domain. I agree that monitoring would be useful but is not specifically related to mail. These days storage is cheap, even for a VPS.

[wesley974]

So, are you all agree with the following ?

• Multiple domains support with only one admin
• Work on OpenBSD 6.3
• Maildir format
• MTA : OpenSMTPD
• DKIM support
• Antispam : spamd with spf walk
• MDA : Dovecot
• POP3 / IMAP Protocol
• Manage Sieve
• MUA : Roundcubemail
• Web Server : httpd
• Let's Encrypt certificate
• Packet Filter
• CLI to manage domains/users and spam, monitoring (cpu, mem, free space, used space per user)
• Installer (a mix of shell scripts)
• Full comments on any scripts and configuration files
• Describe how to backup & restore your server

[wesley974]

So, are you all agree with the following ?

• Multiple domains support with only one admin
• Work on OpenBSD 6.3
• Maildir format
• MTA : OpenSMTPD
• DKIM support
• Antispam : spamd with spf walk
• MDA : Dovecot
• POP3 / IMAP Protocol
• Manage Sieve
• MUA : Roundcubemail
• Web Server : httpd
• Let's Encrypt certificate
• Packet Filter
• CLI to manage domains/users and spam, monitoring (cpu, mem, free space, used space per user)
• Installer (a mix of shell scripts)
• Full comments on any scripts and configuration files
• Describe how to backup & restore your server

[mischapeters]

Has my vote

[mischapeters]

Has my vote

[vetelko]

Has my vote

[vetelko]

Has my vote

[Synchro]

That list makes it even more worthwhile looking at mailnabox. The only differences are:

• Running on OpenBSD
• Using OpenSMTPd instead of Postfix
• Using httpd instead of nginx

There's a vast amount in common and it works in pretty much the same way - all standard packages, held together with minimal shell scripts.

mailinabox also has full DNS control (which allows it to automate SPF and DKIM config), including complete DNSSEC support. It also integrates NextCloud, so it has shared address books, calendars, file sharing etc.

[Synchro]

That list makes it even more worthwhile looking at mailnabox. The only differences are:

• Running on OpenBSD
• Using OpenSMTPd instead of Postfix
• Using httpd instead of nginx

There's a vast amount in common and it works in pretty much the same way - all standard packages, held together with minimal shell scripts.

mailinabox also has full DNS control (which allows it to automate SPF and DKIM config), including complete DNSSEC support. It also integrates NextCloud, so it has shared address books, calendars, file sharing etc.

[wesley974]

Waiting for more confirmations to close this first issue.

[wesley974]

Waiting for more confirmations to close this first issue.

[law]

Do we want to have JMAP support?

[law]

Do we want to have JMAP support?

[aminb]

👍 from me as well for the list. However, along with SPF I'd also add DMARC too.

[aminb]

👍 from me as well for the list. However, along with SPF I'd also add DMARC too.

[law]

+1 for DMARC/SPF/DKIM. I missed that in my initial read-thru.

[law]

+1 for DMARC/SPF/DKIM. I missed that in my initial read-thru.

[aminb]

Yeah JMAP would be nice too, but I believe Dovecot doesn't support it yet, no?

[aminb]

Yeah JMAP would be nice too, but I believe Dovecot doesn't support it yet, no?

[yukiisbored]

I think supporting JMAP doesn't add much (yet). We can consider it a stretch goal.

[yukiisbored]

I think supporting JMAP doesn't add much (yet). We can consider it a stretch goal.

[yukiisbored]

I would suggest doing milestones for this project instead of getting all of them done.

For example:

1. Basics: Basic OpenSMTPd setup with Dovecot
2. User Experience: Roundcube
3. Spring Cleaning
4. Security: Let's Encrypt, DKIM
5. Spam control: Spamd
6. Spring Cleaning
   etc

[yukiisbored]

I would suggest doing milestones for this project instead of getting all of them done.

For example:

1. Basics: Basic OpenSMTPd setup with Dovecot
2. User Experience: Roundcube
3. Spring Cleaning
4. Security: Let's Encrypt, DKIM
5. Spam control: Spamd
6. Spring Cleaning
   etc

[deksar]

The list has my vote. Will STARTTLS, SSL/TLS encrypted IMAP/POP3/SMTP all be supported?

[deksar]

The list has my vote. Will STARTTLS, SSL/TLS encrypted IMAP/POP3/SMTP all be supported?

[wesley974]

@deksar sure.

[wesley974]

@deksar sure.

[jaypatelani]

+1

[jaypatelani]

+1

[mhekeler]

Regarding @wesley974 list:

What´s the purpose of No. 11: "Web Server : httpd"
I thought this project should result in deploying a mailserver?!?

Does it mean the http part for the lets encrypt acme challenge?

[mhekeler]

Regarding @wesley974 list:

What´s the purpose of No. 11: "Web Server : httpd"
I thought this project should result in deploying a mailserver?!?

Does it mean the http part for the lets encrypt acme challenge?

[wesley974]

@mhekeler a full mailserver includes a webmail like for example roundcube, so httpd + Let's encrypt certificate

[wesley974]

@mhekeler a full mailserver includes a webmail like for example roundcube, so httpd + Let's encrypt certificate

[mhekeler]

@wesley974 I understand

but isn´t the webmail more like a "client task"?
Is the project going to build a full mailing solution like the often mentioned mailu/mailcow/iredmail/ispmail/mail-in-a-box/...
with server + (web-)client and configs managed by a nice GUI (web framework)?

[mhekeler]

@wesley974 I understand

but isn´t the webmail more like a "client task"?
Is the project going to build a full mailing solution like the often mentioned mailu/mailcow/iredmail/ispmail/mail-in-a-box/...
with server + (web-)client and configs managed by a nice GUI (web framework)?

[wesley974]

no more than listed.

[wesley974]

no more than listed.