Mirrors/go-chasquid-smtp
1
0
Fork 0
mirror of https://blitiri.com.ar/repos/chasquid synced 2025-12-16 14:27:01 +00:00
Code Releases Activity
446 Commits 4 Branches 28 Tags
643f7576f055f18b5dbf8bc59bd633e7806a12cf
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Alberto Bertogli 643f7576f0 courier: Use explicit certificate validation in the SMTP courier 
When using STARTTLS, the SMTP courier needs to determine whether the
server certificates are valid or not.

Today, that's implemented via connecting once with full certificate
verification, and if that fails, reconnecting with verification
disabled.

This works okay in practice, but it is slower on insecure servers (due
to the reconnection), and some of them even complain because we connect
too frequently, causing delivery problems. The latter has only been
observed once, on the drv-berlin-brandenburg.de MX servers.

To improve on that situation, this patch makes the courier do the TLS
connection only once, and uses the verification results directly.

The behaviour of the server is otherwise unchanged. The only difference
is that when delivering mail to servers that have invalid certificates,
we now connect once instead of twice.

The tests are expanded to increase coverage for this particular case.
2021-10-25 12:41:24 +01:00
cmd
chasquid-util: Update ReadPassword dependency
2021-10-08 23:11:29 +01:00
docker
docker: Install libcap2-bin binary
2021-09-03 11:41:59 +01:00
docs
docs: v1.8 release notes
2021-07-30 09:40:10 +01:00
etc
hooks: Add dkimpy support
2021-07-21 02:06:20 +01:00
internal
courier: Use explicit certificate validation in the SMTP courier
2021-10-25 12:41:24 +01:00
test
courier: Use DNSError.IsNotFound to identify NXDOMAIN
2021-10-08 23:11:29 +01:00
.cirrus.yml
cirrus: Remove Linux tests
2021-05-31 15:03:38 +01:00
.gitignore
test: Remove dependency on wget
2020-11-12 23:24:21 +00:00
.gitlab-ci.yml
gitlab: Update minimal supported version
2021-10-05 00:21:14 +01:00
.mkdocs.yml
docs: Add a page for known issues
2021-05-24 01:01:16 +01:00
chasquid.go
dovecot: Retry auto-detect until we find a usable socket pair
2021-05-24 10:21:33 +01:00
coverage_test.go
test: Add tools to generate test coverage information
2018-03-02 19:37:37 +00:00
dnsoverride.go
test: Add TLS tracking integration test
2018-06-02 19:31:28 +01:00
go.mod
chasquid-util: Update ReadPassword dependency
2021-10-08 23:11:29 +01:00
go.sum
modules: Add missing golang.org/x/tools sum
2021-06-11 10:34:20 +01:00
LICENSE
Add a license
2016-11-03 00:51:59 +00:00
Makefile
test: Add stress tests
2018-03-26 01:58:47 +01:00
monitoring.go
Add /exit endpoint to monitoring server
2020-11-12 23:24:21 +00:00
README.md
doc: Expand contact to include GitHub issues, and security reports
2021-06-06 02:10:01 +01:00

README.md

chasquid

chasquid is an SMTP (email) server with a focus on simplicity, security, and ease of operation.

It is designed mainly for individuals and small groups.

It's written in Go, and distributed under the Apache license 2.0.

Gitlab CI status Cirrus-CI Status Go Report Card Coverage
Docs OFTC IRC

Features

  • Easy
    • Easy to configure.
    • Hard to mis-configure in ways that are harmful or insecure (e.g. no open relay, or clear-text authentication).
    • Monitoring HTTP server, with exported variables and tracing to help debugging.
    • Integrated with Debian, Ubuntu, and Arch.
    • Supports using Dovecot for authentication.
  • Useful
    • Multiple/virtual domains, with per-domain users and aliases.
    • Suffix dropping (user+something@domainuser@domain).
    • Hooks for integration with greylisting, anti-virus, anti-spam, and DKIM/DMARC.
    • International usernames (SMTPUTF8) and domain names (IDNA).
  • Secure
    • Tracking of per-domain TLS support, prevents connection downgrading.
    • Multiple TLS certificates.
    • Easy integration with Let's Encrypt.
    • SPF and MTA-STS checking.

Documentation

The how-to guide and the installation guide are the best starting points on how to install, configure and run chasquid.

You will find all documentation here.

Contact

If you have any questions, comments or patches, please send them to the mailing list, chasquid@googlegroups.com.
To subscribe, send an email to chasquid+subscribe@googlegroups.com.

Security issues can be reported privately to albertito@blitiri.com.ar.

Bug reports and pull requests on GitHub are also welcome.

You can also reach out via IRC, #chasquid on OFTC.

Description
No description provided
Readme 1.7 MiB
Languages
Go 84.1%
Shell 11.1%
Python 2.8%
Dockerfile 1%
CSS 0.7%
Other 0.3%