Reinstate the MTA-STS (Strict Transport Security) implementation

This commit brings back the experimental MTA-STS (Strict Transport Security) implementation, removed in commit 7f5bedf4aa. We will continue development in the "sts" branch, subject to rebase, until it is ready to be integrated into "next" again.
2025-12-17 14:37:02 +00:00 · 2017-04-11 01:03:05 +01:00
parent a94253ba25
commit 23deaf1f88
6 changed files with 936 additions and 8 deletions
--- a/chasquid.go
+++ b/chasquid.go
@@ -7,6 +7,7 @@
 package main

 import (
+	"context"
 	"expvar"
 	"flag"
 	"fmt"
@@ -25,6 +26,7 @@ import (
 	"blitiri.com.ar/go/chasquid/internal/maillog"
 	"blitiri.com.ar/go/chasquid/internal/normalize"
 	"blitiri.com.ar/go/chasquid/internal/smtpsrv"
+	"blitiri.com.ar/go/chasquid/internal/sts"
 	"blitiri.com.ar/go/chasquid/internal/userdb"
 	"blitiri.com.ar/go/log"
 	"blitiri.com.ar/go/systemd"
@@ -146,12 +148,18 @@ func main() {

 	dinfo := s.InitDomainInfo(conf.DataDir + "/domaininfo")

+	stsCache, err := sts.NewCache(conf.DataDir + "/sts-cache")
+	if err != nil {
+		log.Fatalf("Failed to initialize STS cache: %v", err)
+	}
+	go stsCache.PeriodicallyRefresh(context.Background())
+
 	localC := &courier.Procmail{
 		Binary:  conf.MailDeliveryAgentBin,
 		Args:    conf.MailDeliveryAgentArgs,
 		Timeout: 30 * time.Second,
 	}
-	remoteC := &courier.SMTP{Dinfo: dinfo}
+	remoteC := &courier.SMTP{Dinfo: dinfo, STSCache: stsCache}
 	s.InitQueue(conf.DataDir+"/queue", localC, remoteC)

 	// Load the addresses and listeners.