|Uriel Fanelli 223b65994c|
Futuristic SMTP INBOUND-only server for home usage. Inspired by Marinetti's RFC (AKA Manifesto of Futurism).
It only serves a precise list of email address. No aliases.
Everything else will be apparently accepted, and then discarded. So that, spammers will waste their time (and money).
- Golang version >= 1.13
First download the code into the folder you want to use with Golang
git clone https://git.keinpfusch.net/loweel/zangtumb.git go build -mod=vendor ./zangtumb to start the daemon , after setting the environment strings.
zangtumb is designed be easy to dockerize.
A reference pseudo-dockerfile could be:
FROM debian:stable-slim ##MAIN ENV KEYFILE "/certs/"mydomain.key" ENV CERTFILE "/certs/mydomain.crt" ENV DOMAINNAME "mydomain.tld" ENV LISTEN ":5025" ##SESSION ENV RECIPIENTS "recipients.conf" ENV MAILFOLDER "/zangmail" ##MAIN ENV USETLS="true" ## HERE WE GO RUN useradd -ms /bin/bash zangtumb RUN mkdir -p /opt/zangtumb RUN mkdir -p /zangmail COPY . /opt/zangtumb/ RUN chown -R zangtumb:zangtumb /opt/zangtumb RUN chown -R zangtumb:zangtumb /zangmail EXPOSE 5025 USER zangtumb WORKDIR /opt/zangtumb ENTRYPOINT ["/opt/zangtumb/zangtumb"]
everything is configured using ENV strings , as follows
|ENV STRING||Example value||Meaning|
|KEYFILE||"/certs/mydomain.key"||Path for private key. Only needed when using TLS. Which means, well... it's your email. So you don't want to send it in clear, isn't it?|
|CERTFILE||"/certs/mydomain.crt"||Path for certificate. Only needed when using TLS. Which means, well... it's your email. So you don't want to send it in clear, isn't it?|
|DOMAINNAME||"mydomain.tld"||will declare this value on the banner. No impact on recipients. Used as CN in self-signed certificates|
|LISTEN||":5025"||Address to listen in golang format. This example will listen to port 5025 on all interfaces. You may specify a specific interface like "22.214.171.124:5025"|
|RECIPIENTS||"recipients.conf"||File containing a list with email to serve. One mail address per line. Please notice, that firstname.lastname@example.org and email@example.com will end in the same mailbox, "pippo".|
|MAILFOLDER||"/zangmail"||Root of mailfolder. Mail is stored in the default dovecot Maildir format, meaning in the example "/zangmail/%u/Maildir" .|
|USETLS||"true"||Whether to force all to use TLS or not. yes. Do it.|
Of course , if you put your certificatesinto /certs, (likethe example), this folder MUST exist.
This TLS behavior is violating RFC 2487
To give a shit of RFCs is a de facto standard. Zangtumb works, and no spammer will ever buy a certificate per each spambot.
The minimal amount of recipients by RFC 5321 is 100. You reduced it.
Yes. The reason is, we allow the ones we need. No more. This server is supposed to run inside a Raspberry, if needed. Call the RFC police, if you don't like.
The example dockerfile is way too big. Why no multistage?
This is because is an example. An example must be easy to understand. An example must be simple. Even you should be able to understand it. Well.... ok. Let's say, even Bob should.
Why don't you use opensmtpd?
To make this server took less than dockerizing opensmtpd in a decent way.
Why don't you use postfix/sendmail/qmail/courier
I serve 4 mailboxes in total. Why should I deploy all that complexity? Complexity != security.
Silently discarrding email after pretending you've accepted is not nice. Perhaps, this will make your server to look like an open relay.
Unfortunately, English cannot translate the correct answer, which is "esticazzi non ce lo scriviamo?". So I can't properly answer you.
This golang code is not idiomatic. And there is no graphene, no quantum computing, no UI/UX and no horizontal scaling of Internet of Things with Artificial Intelligence of Big Data.
Please, bring me a Frappuccino.