zangtumb/README.md

Futuristic SMTP INBOUND-only server for home usage.
Inspired by Marinetti's RFC (AKA _Manifesto of Futurism_).
It only serves a precise list of email addresses. No aliases.
Everything else will apparently be accepted, and then discarded.
That way, spammers will waste their time (and money).
# REQUIREMENTS:
- Golang version >= 1.13
- git
# INSTALLATION
First download the code into the folder you want to use with Golang, then build it:
```
git clone https://git.keinpfusch.net/loweel/zangtumb.git
cd zangtumb
go build -mod=vendor
# after setting the environment strings (see CONFIGURATION), start the daemon:
./zangtumb
```
# CONFIGURATION
zangtumb is designed to be easy to dockerize.
A reference pseudo-dockerfile could be:
```dockerfile
FROM debian:stable-slim
##MAIN
ENV KEYFILE "/certs/mydomain.key"
ENV CERTFILE "/certs/mydomain.crt"
ENV DOMAINNAME "mydomain.tld"
ENV LISTEN ":5025"
##SESSION
ENV RECIPIENTS "recipients.conf"
ENV MAILFOLDER "/zangmail"
##MAIN
ENV USETLS="true"
## HERE WE GO
RUN useradd -ms /bin/bash zangtumb
RUN mkdir -p /opt/zangtumb
RUN mkdir -p /zangmail
COPY . /opt/zangtumb/
RUN chown -R zangtumb:zangtumb /opt/zangtumb
RUN chown -R zangtumb:zangtumb /zangmail
EXPOSE 5025
USER zangtumb
WORKDIR /opt/zangtumb
ENTRYPOINT ["/opt/zangtumb/zangtumb"]
```
Everything is configured using ENV strings, as follows:
| ENV STRING | Example value | Meaning |
| ---------- | --------------------- | ------------------------------------------------------------ |
| KEYFILE | "/certs/mydomain.key" | Path to the private key. Only needed when using TLS. Which means, well... it's your email. So you don't want to send it in clear, do you? |
| CERTFILE | "/certs/mydomain.crt" | Path to the certificate. Only needed when using TLS. Which means, well... it's your email. So you don't want to send it in clear, do you? |
| DOMAINNAME | "mydomain.tld" | This value is declared on the banner. No impact on recipients. Used as CN in self-signed certificates. |
| LISTEN | ":5025" | Address to listen on, in golang format. This example will listen on port 5025 on all interfaces. You may specify a specific interface like "1.2.3.4:5025". |
| RECIPIENTS | "recipients.conf" | File containing the list of email addresses to serve. One mail address per line. Please note that pippo@pluto.com and pippo@paperino.com will end up in the same mailbox, "pippo". |
| MAILFOLDER | "/zangmail" | Root of the mailfolder. Mail is stored in the default dovecot Maildir format, meaning in the example "/zangmail/%u/Maildir". |
| USETLS | "true" | Whether to force everyone to use TLS or not. Yes. Do it. |
Of course, if you put your certificates into /certs (like the example), this folder MUST exist.
That's it.
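
The RECIPIENTS and MAILFOLDER rows above imply a routing rule worth checking before you deploy a recipients file. The sketch below is an added example in Go, not zangtumb's own code: `LoadRecipients` and `Resolve` are hypothetical names, and it assumes addresses are compared case-insensitively and that a local part which would escape MAILFOLDER is dropped like any unlisted address.

```go
package main

import (
	"bufio"
	"fmt"
	"path/filepath"
	"strings"
)

// LoadRecipients parses recipients.conf text (one address per line). It returns
// the allowlist and, per mailbox name, every address that lands in it.
func LoadRecipients(conf string) (allowed map[string]bool, boxes map[string][]string) {
	allowed, boxes = map[string]bool{}, map[string][]string{}
	sc := bufio.NewScanner(strings.NewReader(conf))
	for sc.Scan() {
		addr := strings.ToLower(strings.TrimSpace(sc.Text())) // assumption: case-insensitive
		at := strings.LastIndex(addr, "@")
		if at <= 0 || allowed[addr] {
			continue // blank, malformed or duplicate line
		}
		allowed[addr] = true
		boxes[addr[:at]] = append(boxes[addr[:at]], addr)
	}
	return allowed, boxes
}

// Resolve returns MAILFOLDER/%u/Maildir for a listed address. Anything else
// gets ok=false: accepted on the wire, then dropped.
func Resolve(allowed map[string]bool, mailFolder, rcpt string) (maildir string, ok bool) {
	addr := strings.ToLower(strings.TrimSpace(rcpt))
	if !allowed[addr] {
		return "", false
	}
	user := addr[:strings.LastIndex(addr, "@")]
	if user != filepath.Base(user) || user == "." || user == ".." {
		return "", false // local part would escape MAILFOLDER
	}
	return filepath.Join(mailFolder, user, "Maildir"), true
}

func main() {
	// Constructed sample recipients.conf; minni@pluto.com is made up.
	allowed, boxes := LoadRecipients("pippo@pluto.com\npippo@paperino.com\nminni@pluto.com\n")
	fmt.Println("addresses per mailbox:", boxes)
	for _, rcpt := range []string{"pippo@paperino.com", "spam@pluto.com"} {
		dir, ok := Resolve(allowed, "/zangmail", rcpt)
		fmt.Printf("%s -> deliver=%v %s\n", rcpt, ok, dir)
	}
}
```

Any mailbox name that maps to more than one address in the printed map is a shared mailbox: mail for both domains ends up readable by whoever owns that Maildir.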
# FAQ
- _This TLS behavior is violating RFC 2487_
  - To give a shit of RFCs is a *de facto standard*. Zangtumb works, and no spammer will ever buy a certificate per each spambot.
- _The minimal amount of recipients by RFC 5321 is 100. You reduced it._
  - Yes. The reason is, we allow the ones we need. No more. This server is supposed to run inside a Raspberry, if needed. Call the RFC police, if you don't like it.
- _The example dockerfile is way too big. Why no multistage?_
  - This is because it is an example. An example must be easy to understand. An example must be _simple_. Even you should be able to understand it. Well.... ok. Let's say, even _Bob_ should.
- _Why don't you use opensmtpd?_
  - Making this server took less than dockerizing opensmtpd in a decent way.
- _Why don't you use postfix/sendmail/qmail/courier_
  - I serve 4 mailboxes in total. Why should I deploy all that complexity? Complexity != security.
- _Silently discarding email after pretending you've accepted it is not nice. Perhaps, this will make your server look like an open relay._
  - Unfortunately, English cannot translate the correct answer, which is "esticazzi non ce lo scriviamo?". So I can't properly answer you.
- _This golang code is not idiomatic. And there is no graphene, no quantum computing, no UI/UX and no horizontal scaling of Internet of Things with Artificial Intelligence of Big Data._
  - Please, bring me a Frappuccino.