Proto commits in albertito/chasquid

These 32 commits are when the Protocol Buffers files have changed:

2025-05-06

Make the max queue size and give up time configurable Today, the maximum number of items in the queue, as well as how long we keep attempting to send each item, is hard-coded and not changed by end users. While they are totally adequate for chasquid's main use cases, it can still be useful for some users to change them. So this patch adds two new configuration options for those settings. Thanks to Lewis Ross-Jones <lewis_r_j@hotmail.com> for suggesting this improvement, and help with testing it.

2025-05-02

Make the max queue size and give up time configurable Today, the maximum number of items in the queue, as well as how long we keep attempting to send each item, is hard-coded and not changed by end users. While they are totally adequate for chasquid's main use cases, it can still be useful for some users to change them. So this patch adds two new configuration options for those settings.

2025-04-12

aliases: Implement "via" aliases This patch implements "via" aliases, which let us explicitly select a server to use for delivery. This feature is useful in different scenarios, such as a secondary MX server that forwards all incoming email to a primary. For now, it is experimental and the syntax and semantics are subject to change.

2023-12-03

userdb: Add support for receive-only users Some use cases, like receive-only MTAs, need domain users for receiving emails, but have no real need for passwords since they will never use submission. Today, that is not supported, and those use-cases require the administrator to come up with a password unnecessarily, adding complexity and possibly risk. This patch implements "receive-only users", which don't have a valid password, thus exist for the purposes of delivering mail, but always fail authentication. See https://github.com/albertito/chasquid/issues/44 for more details and rationale. Thanks to xavierg who suggested this feature on IRC.

The documentation is generated from this commit.

2023-10-03

Auto-format protobuf files This patch runs clang-format on the protobuf files, and also adds a Makefile target for auto-formatting code (Go and protobuf) for convenience.

2022-01-21

config: Support "" values for `drop_characters` and `suffix_separators` If the `drop_characters` or `suffix_separators` options are set to "", currently instead of the empty string, their default value is used instead. This is a bug, and it also happens on other config options, but because the others have to be set in order for chasquid to function, it's not a problem in practice. Thanks Björn Busse (bbusse@github) for finding and reporting this problem, on irc and in https://github.com/albertito/chasquid/issues/25. This patch fixes the problem by marking these fields explicitly optional, which enables presence testing, as described in the protobuf documentation: https://github.com/protocolbuffers/protobuf/blob/master/docs/field_presence.md.

2020-11-13

Implement HAProxy protocol support This patch implements support for incoming connections wrapped in the HAProxy protocol v1. This is useful when running chasquid behind a HAProxy server, as it needs the original source IP to perform SPF checks. This patch is a reimplementation of one originally provided by Denys Vitali in pull request #15, except the logic for the protocol handling is moved to a new package, and the smtpsrv.Conn handling of the source IP is simplified. It is marked as experimental for now, since we want to give it a bit more exposure just in case the option/api needs adjustment. Thanks a lot to Denys Vitali (@denysvitali in github) for sending the original patch for this, and helping test it!

2020-09-12

queue: Remove dependency on external protobuf package The queue protobuf definition currently uses the well-known timestamp protobuf package. This adds a build-time dependency on it, which is fairly harmless when building from source (since the golang protobuf compiler includes it already), but adds overhead for packaging on distributions. Since this is the only external proto dependency we have, and the protobuf message itself is trivial, this patch removes it an instead embeds a compatible definition. That way we remove the dependency and simplify packaging, with almost negligible code overhead. The change is fully backwards compatible and has no functional changes.

2020-05-24

maillog: Support logging to stdout and stderr This patch adds support for writing maillog to stdout and stderr, which can be desirable in certain environments. Thanks to Denys Vitali <denys@denv.it> who sent an alternative patch for this functionality.

2020-05-16

Update protobuf library to v2 There is a new protobuf library (and corresponding code generator) for Go: google.golang.org/protobuf. It is fairly compatible with the previous v1 API (github.com/golang/protobuf), but there are some changes. This patch adjusts the code and generated files to the new API. The on-wire/on-disk format remains unchanged so this should be transparent to the users.

2020-05-13

courier: Use the hostname in SMTP HELO The SMTP courier, which handles outgoing connections, uses the domain of the envelope's from as the domain in the HELO/EHLO greeting. This works fine in practice, but ideally the domain used in the greeting should match the reverse DNS record. This used to be more relevant but nowadays it is not really enforced; however, it sometimes comes up in self checks, and might cause some confusion when troubleshooting. So this patch makes it use the configured hostname instead, which is under the users' control and more likely to be compliant. It also simplifies the code. The documentation of the hostname configuration option is also updated to mention this behaviour. Thanks to Jonas Seydel (thor77) for bringing this up.

2018-06-04

dovecot: Remove "experimental" qualifiers dovecot support has been around for a release, has decent testing and seems stable enough to remove the "experimental" qualifier.

2018-02-10

chasquid: Dovecot support (experimental) This patch adds dovecot support to the chasquid daemon, using the internal dovecot library added in previous patches. Dovecot support is still considered EXPERIMENTAL and may be reverted, or changed in backwards-incompatible ways. The patch also adds the corresponding integration test, which brings up a dovecot server with a custom configuration, and tests chasquid's authentication against it. If dovecot is not installed, the test is skipped.

2017-04-10

Support submission (directly) over TLS (submissions/smtps/port 465) This patch adds support for TLS-wrapped submission connections. Instead of clients establishing a connection over plain text and then using STARTTLS to switch over a TLS connection, this new mode allows the clients to connect directly over TLS, like it's done in HTTPS. This is not an official standard yet, but it's reasonably common in practice, and provides some advantages over the traditional submission port. The default port is 465, commonly used for this; chasquid defaults to systemd file descriptor passing as for the other protocols (for now).

2017-03-08

Change the default MDA binary to "maildrop" The current default is "procmail" for historical reasons, but the program has been unmaintained for years and its use is not generally advisable. This patch changes the default MDA binary to "maildrop", which is a more modern and reasonable MDA to use. We keep the courier.Procmail name for now, as that's internal, but it may be changed later. Its documentation is updated to note that the name is just for reference but it actually works with almost any binary.

2016-11-03

queue: Get the DSN domain from the message Picking the domain used in the DSN message "From" header is more complicated than it needs to be, causing confusing code paths and having different uses for the hostname, which should be purely aesthetic. This patch makes the queue pick the DSN "From" domain from the message itself, by looking for a local domain in either the sender or the original recipients. We should find at least one, otherwise it'd be relaying. This allows the code to be simplified, and we can narrow the scope of the hostname option even further.

2016-11-01

etc: Add a skeleton configuration structure This patch adds an "etc" directory, with a basic configuration structure that can be used for an initial installation.

2016-10-21

maillog: Introduce a special-purpose mail logging package The default INFO logs are more oriented towards debugging and can be a bit too verbose when looking for high-level information. This patch introduces a new "maillog" package, used to log messages of particular relevance to mail transmission at a higher level.

queue: Always use the main domain for sending DSNs Today, we pick the domain used to send the DSN from based on what we presented to the client at EHLO time, which itself may be based on the TLS negotiation (which is not necessarily trusted). This is complex, not necessarily correct, and involves passing the domain around through the queue and persisting it in the items. So this patch simplifies that handling by always using the main domain as specified by the configuration.

domaininfo: New package to track domain (security) information This patch introduces a new "domaininfo" package, which implements a database with information about domains. In particular, it tracks incoming and outgoing security levels. That information is used in incoming and outgoing SMTP to prevent downgrades.

2016-10-09

config: Set defaults for suffix_separators and drop_characters This patch sets common and practical defaults for the suffix_separators ("+") and drop_character options (".").

queue: Use a local envelope-from when forwarding If there's an alias to forward email to a non-local domain, using the original From is problematic, as we may not be an authorized sender for it. Some MTAs (like Exim) will do it anyway, others (like gmail) will construct a special address based on the original address. This patch implements the latter approach, which is safer and allows the receiver to properly enforce SPF. We construct a (hopefully) reasonable From based on the local user, and embedding the original From (but transformed for IDNA, as the receiver may not support SMTPUTF8).

queue: Send delivery status notifications on failures When we permanently failed to deliver to one or more recipients, send delivery status notifications back to the sender. To do this, we need to extend a couple of internal structures, to keep track of the original destinations (so we can include them in the message, for reference), and the hostname we're identifying ourselves as (this is arguable but we're going with it for now, may change later).

config: Add a "data_dir" option This patch adds a "data_dir" option, that chasquid will use to store persistent data. It defaults to "/var/lib/chasquid" (for now, at least). Users will come in subsequent patches.

queue: Implement persistency This patch makes the queue read and write items to disk. It uses protobuf for serialization. We serialize to text format to make manual troubleshooting easier, as the performance difference is not very relevant for us.

queue: Support sending to pipes With the introduction of aliases, the queue may now be delivering mail to pipes. This patch implements pipe delivery. It uses a fixed 30s timeout for now, as these commands should really not take much time, and we don't want to overly complicate the configuration for now.

chasquid: Load and resolve aliases This patch integrates the aliases resolution into the daemon and queue. The queue now will resolve aliases at Put time.

protoio: I/O helpers for protobuf messages

userdb: Use protocol buffers instead of our custom format Protocol buffers are a more portable, practical and safe format for the user database.

Distinguish between SMTP and submission ports We want to be able to distinguish between connections for SMTP and connections for submission, so we can make different policy decisions. To do that, we first make the configuration aware of the different kinds of addresses. This is done in this patch in a backwards-incompatible way, but at this point in time it is ok to do so. Then, we extend systemd's socket passing library to support socket naming, so we can tell the different sockets apart. This is done via the LISTEN_FDNAMES/FileDescriptorName mechanism. And finally we make the server and connection types aware of the socket mode.

2016-07-16

courier: Let the users configure the mail delivery agent This patch adds configuration options for the MDA binary and command line arguments, and changes the (soon to be renamed) procmail courier to make use of them.

2015-11-01

Basic configuration This patch introduces a basic on disk configuration, comprised of a main configuration file and per-domain directories. It's still not complete, but will be extended in subsequent patches.