The Tor Project / TPA / TPA team / Issues / #30608

Closed
Open
Created May 24, 2019 by David Goulet (@dgoulet). 18 of 18 tasks completed.

Have a SMTP out only server

I do use my @tpo email address for many communications outside torproject lists or @tpo people.

Lately, I discovered that many of my emails were silently dropped by the remote server or put in SPAM. And that was because the person came back to me asking where my email was. For instance, Gmail sometimes still puts it in SPAM because we lack DKIM/SPF, so it hurts our reputation.

The reason why is quite simple: I use my own SMTP server to send the emails while forging the From address.

It would honestly be of great help if we could simply have an authenticated SMTP server that I could use with, let's say, my LDAP account for sending emails with my @tpo address without being worried that they get dropped...


The steps required for this change are:

  1. create a new field (emailPassword?) in the LDAP schema (done)
  2. setup a separate email server to accept submissions and keep mail servers aware that not only eugeni sends email
  3. hook up the password field in ud-generate
  4. document the schema and files changes in howto/ldap
  5. hook up the generated password file in dovecot (only for SASL auth)
  6. hook up dovecot in postfix
  7. test with TPA users that can modify their own password directly through LDAP
  8. update the web interface to support password changes (requires upgrading to latest upstream #40182 (closed))
  9. optionally, update the mail gateway to support changes to the field
  10. add DNS records for autoconfiguration
  11. add onion service
  12. add TLS-only service (port 465)
  13. do tests with the users in this ticket, and if this works, propagate to all current LDAP users
  14. create submit-02 at sunet, compare
  15. create LDAP accounts for more users who want to use the system (see #40536 (closed))
  16. add monitoring loops, with (say) Google, Hotmail, Yahoo and Riseup to ensure delivery works across servers (that is now an entire milestone, %improve mail services)
  17. complete design documentation in howto/submission
  18. upload new ud-ldap debian packages
Edited Dec 02, 2021 by anarcat
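
A sketch of how steps 5, 6 and 12 of the list above typically fit together, added here as an illustration and not taken from the ticket or from TPA's actual configuration. It assumes Dovecot 2.3 syntax; the password file path, the `CRYPT` hash scheme and the `username_format` are placeholders, since the ticket does not say where ud-generate writes the file or how the values are hashed.

```conf
# --- Dovecot: used only as a SASL authentication backend -------------------
# Assumed location of the file generated by ud-generate (placeholder path).
passdb {
  driver = passwd-file
  args = scheme=CRYPT username_format=%n /etc/dovecot/private/mail-passwords
}
# No mailboxes are served, so a static unprivileged userdb is enough.
userdb {
  driver = static
  args = uid=nobody gid=nogroup home=/nonexistent
}
service auth {
  # Socket placed inside the Postfix queue directory so that a chrooted
  # smtpd can reach it; only the postfix user and group may connect.
  unix_listener /var/spool/postfix/private/auth {
    mode = 0660
    user = postfix
    group = postfix
  }
}

# --- Postfix master.cf: submission services -------------------------------
# Port 587: STARTTLS is mandatory and AUTH is only offered after TLS.
submission inet n       -       y       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_tls_auth_only=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_sasl_type=dovecot
  -o smtpd_sasl_path=private/auth
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject

# Port 465: TLS-only service (step 12), TLS handshake before any SMTP.
465       inet  n       -       y       -       -       smtpd
  -o syslog_name=postfix/submissions
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_sasl_type=dovecot
  -o smtpd_sasl_path=private/auth
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
```

With `permit_sasl_authenticated,reject` as the only relay restriction, unauthenticated clients cannot relay through either port. Binding the envelope sender to the authenticated login (`reject_sender_login_mismatch` with `smtpd_sender_login_maps`) is a further restriction to consider on such a service; the ticket does not say whether it is used.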