123 lines
4.1 KiB
Raw Normal View History

2020-10-08 20:36:17 +00:00
Futuristic SMTP INBOUND-only server for home usage.
Inspired by Marinetti's RFC (AKA _Manifesto of Futurism_).
It only serves a precise list of email address. No aliases.
Everything else will be apparently accepted, and then discarded.
So that, spammers will waste their time (and money).
- Golang version >= 1.13
- git
First download the code into the folder you want to use with Golang
git clone
go build -mod=vendor
./zangtumb to start the daemon , after setting the environment strings.
zangtumb is designed be easy to dockerize.
A reference pseudo-dockerfile could be:
FROM debian:stable-slim
ENV KEYFILE "/certs/"mydomain.key"
ENV CERTFILE "/certs/mydomain.crt"
ENV DOMAINNAME "mydomain.tld"
ENV LISTEN ":5025"
ENV RECIPIENTS "recipients.conf"
ENV MAILFOLDER "/zangmail"
RUN useradd -ms /bin/bash zangtumb
RUN mkdir -p /opt/zangtumb
RUN mkdir -p /zangmail
COPY . /opt/zangtumb/
RUN chown -R zangtumb:zangtumb /opt/zangtumb
RUN chown -R zangtumb:zangtumb /zangmail
USER zangtumb
WORKDIR /opt/zangtumb
ENTRYPOINT ["/opt/zangtumb/zangtumb"]
everything is configured using ENV strings , as follows
| ENV STRING | Example value | Meaning |
| ---------- | --------------------- | ------------------------------------------------------------ |
| KEYFILE | "/certs/mydomain.key" | Path for private key. Only needed when using TLS. Which means, well... it's your email. So you don't want to send it in clear, isn't it? |
| CERTFILE | "/certs/mydomain.crt" | Path for certificate. Only needed when using TLS. Which means, well... it's your email. So you don't want to send it in clear, isn't it? |
2021-07-31 11:31:30 +00:00
| DOMAINNAME | "mydomain.tld" | will declare this value on the banner. No impact on recipients. Used as CN in self-signed certificates |
2020-10-08 20:36:17 +00:00
| LISTEN | ":5025" | Address to listen in golang format. This example will listen to port 5025 on all interfaces. You may specify a specific interface like "" |
| RECIPIENTS | "recipients.conf" | File containing a list with email to serve. One mail address per line. Please notice, that and will end in the same mailbox, "pippo". |
| MAILFOLDER | "/zangmail" | Root of mailfolder. Mail is stored in the default dovecot Maildir format, meaning in the example "/zangmail/%u/Maildir" . |
| USETLS | "true" | Whether to force all to use TLS or not. yes. Do it. |
2021-07-31 11:31:30 +00:00
Of course , if you put your certificatesinto /certs, (likethe example), this folder MUST exist.
2020-10-08 20:36:17 +00:00
That's it.
- _This TLS behavior is violating RFC 2487_
- To give a shit of RFCs is a de facto standard. It works, and no spammer will ever buy a certificate per each spambot.
- _The minimal amount of recipients by RFC 5321 is 100. You reduced it._
- Yes. The reason is, we allow the ones we need. No more. This server is supposed to run inside a Raspberry, if needed. Call the RFC police, if you don't like.
- _The example dockerfile is way too big. Why no multistage?_
- This is because is an example. An example must be easy to understand. An example must be _simple_. Even you should be able to understand it. Well.... ok. Let's say, even _Bob_ should.
- _Why don't you use opensmtpd?_
- To make this server took less than dockerizing opensmtpd in a decent way.
- _Why don't you use postfix/sendmail/qmail/courier_
- I serve 4 mailboxes in total. Why should I deploy all that complexity? Complexity != security.
- _Silently discarrding email after pretending you've accepted is not nice. Perhaps, this will make your server to look like an open relay._
- Unfortunately, English cannot translate the correct answer, which is "esticazzi non ce lo scriviamo?". So I can't properly answer you.
- _This golang code is not idiomatic. And there is no graphene, no quantum computing, no UI/UX and no horizontal scaling of Internet of Things with Artificial Intelligence of Big Data._
- Please, bring me a Frappuccino.