describe what happens to third-party mail servers

01ae3653 · anarcat · 37aa0aec · 01ae3653 · 01ae3653 · 37aa0aec
Verified Commit 01ae3653 authored 2 years ago by anarcat
--- a/policy/tpa-rfc-15-email-services.md
+++ b/policy/tpa-rfc-15-email-services.md
@@ -368,6 +368,25 @@ Legend:

 ![final mail architecture diagram](architecture-post.png)

+Changes in this diagram:
+
+ * added: `relay`, `mx`, `mailbox`, the hosts defined in steps e, g,
+   and h above
+ * changed:
+   * `eugeni` stops relaying email for all the hosts and stops
+     receiving mail for the `torproject.org` domain, but keeps doing
+     mailman and schleuder work
+   * other TPA hosts: start relaying mail through `relay` instead of
+     `eugeni`
+   * "impersonators": those are external mail relays like gmail or
+     riseup, or individual mail servers operated by TPO personnel
+     which previously could send email as `@torproject.org` but will
+     likely be unable to. they can still receive forwards for those
+     emails, but those will come from the `mx` instead of `eugeni`.
+   * users will start submitting email through the `submission` server
+     (already possible, now mandatory) and read email through the
+     `mailbox` server
+
 ## Timeline

 This timeline is a draft, and will be updated according to when this

--- a/policy/tpa-rfc-15-email-services/architecture-post.dot
+++ b/policy/tpa-rfc-15-email-services/architecture-post.dot
@@ -19,11 +19,13 @@ digraph email {
        mailbox [color="green" label="mailbox\nIMAP, webmail"]
        // external boxes
        dotdotdot [label="internet\nnon TPO mail hosts", shape=ellipse]
+        // other hosts that currently masquerade as us
+        masquerade [label="impersonators\nriseup, gmail, etc"]

        // all relations

        // mx receives email from everywhere and forwards it
-        dotdotdot -> mx -> { mailbox, eugeni, mailhosts }
+        dotdotdot -> mx -> { mailbox, eugeni, mailhosts, masquerade }
        dotdotdot -> mailhosts
        // user interacts with those
        user -> { mailhosts, submission, mailbox, eugeni }
@@ -31,4 +33,5 @@ digraph email {
        { submission, mailhosts, eugeni, relay } -> dotdotdot
        // except those, who still go through the relay
        tpoboxes -> relay
+        masquerade -> dotdotdot [style=tapered color=red]
 }
--- a/policy/tpa-rfc-15-email-services/architecture-post.png
+++ b/policy/tpa-rfc-15-email-services/architecture-post.png
--- a/policy/tpa-rfc-15-email-services/architecture-pre.dot
+++ b/policy/tpa-rfc-15-email-services/architecture-pre.dot
@@ -16,6 +16,8 @@ digraph email {
        eugeni [color=red label="eugeni\nmailman, schleuder\nmx, relay"]
        // external boxes
        dotdotdot [label="internet\nnon TPO mail hosts", shape=ellipse]
+        // other hosts that currently masquerade as us
+        masquerade [label="impersonators\nriseup, gmail, etc"]

        // all relations

@@ -25,7 +27,9 @@ digraph email {
        // users interact with those
        user -> { mailhosts, submission, eugeni }
        // those all relay mail to the outside
-        { submission, mailhosts, eugeni } -> dotdotdot
+        { submission, mailhosts, eugeni, masquerade } -> dotdotdot
        // except those, who still go through the relay
        tpoboxes -> eugeni
+        // eugeni also forwards mails to the impersonators
+        eugeni -> masquerade
 }
--- a/policy/tpa-rfc-15-email-services/architecture-pre.png
+++ b/policy/tpa-rfc-15-email-services/architecture-pre.png