GitLab

I do use my @tpo email address for many communications outside torproject lists or @tpo people.

Lately, I discovered that many of my emails were silent drop by the remote server or put in SPAM. And that was because the person came back to me asking where was my email. For instance, gmail sometimes put it in the SPAM still because we lack DKIM/SPF so it hurts our reputation.

Th reason why is quite simple: I use my own SMTP server to send the emails while forging the From address.

It would honestly be of a great help if we could simply have an authenticated SMTP server that I could use with let say my LDAP account for sending emails with my @tpo and not being worried that it gets dropped...

---

The steps required for this change are:

1. create a new field (emailPassword?) in the LDAP schema (done)
2. setup a separate email server to accept submissions and keep mail servers aware that not only eugeni sends email
3. hook up the password field in ud-generate
4. document the schema and files changes in howto/ldap
5. hook up the generated password file in dovecot (only for SASL auth)
6. hook up dovecot in postfix
7. test with TPA users that can modify their own password directly through LDAP
8. update the web interface to support password changes (requires upgrading to latest upstream #40182 (closed))
9. optionally, update the mail gateway to support changes to the field
10. add DNS records for autoconfiguration
11. add onion service
12. add TLS-only service (port 465)
13. do tests with the users in this ticket, and if this works, propagate to all current LDAP users
14. create submit-02 at sunet, compare
15. create LDAP accounts for more users who want to use the system see #40536 (closed)
16. add monitoring loops, with (say) Google, Hotmail, Yahoo and Riseup to ensure delivery works across servers that is now an entire milestone, %improve mail services
17. complete design documentation in howto/submission
18. upload new ud-ldap debian packages