https://github.com/foxcpp/maddy/issues/3 Here is the detailed discussion of problems related to automatic TLS configuration in email world.
Spam, phishing, virus blocking - no builtin measures. It is easy to integrate rspamd (literally adding one line into config). ClamAV can be used via clamav-milter though some configuration is needed - no direct & easy…
IMAP4rev1 is fully and almost [1] correctly implemented. There are some useful protocol extensions supported but some other important ones are missing (e.g. CONDSTORE). There are no known issues with popular clients but…
https://github.com/foxcpp/maddy/issues/243#issuecomment-6556... I guess that needs to be in FAQ...
Some parts of Hetzner IP space are in blacklists. It is a bit of a lottery here. Be sure to check IP you got.
It is definitely possible to configure something like rspamd to scan outbound messages.
>Please say more Default configuration runs everything as a single daemon. This has been done to minimize any management overhead, avoid the complexity and performance overhead introduced by IPC. It is definitely…
No, we are not running migadu. But you probably can give it a try anyway, they look pretty good.
There is no IP whitelisting feature in maddy. I believe it is possible to do it using whatever off-the-shelf firewall you have on your system. Could you elaborate on the reasons it is not a viable way for you?
Currently the license is GPLv3, you can find it in the COPYING file. There are some messy bits related to licensing because it was MIT licensed in the past (back then when I did not take this "little pet project" very…
alps was created by the same person who started maddy, by the way. It is not me. Just wanted to give a little tribute to the amazing person who put a lot of work into email libraries for Go: https://github.com/emersion/
Yes, it is. The project started as "Caddy for email".
My current position is that spam filtering is a whole another problem space so I am not trying to address it now while Maddy is a "single man show". P.S. As far as I am aware, redis is optional for rspamd. I certainly…
There we go, humanity survived for another insert description of time interval
This is actually how usual Postfix+Dovecot setup works in practice. Dovecot runs an LMTP server which is SMTP with some minor modificaitons. Postfix forwards messages to Dovecot's LMTP.
Yes, this is possible. This page shows how to configure maddy to only handle SMTP: https://foxcpp.dev/maddy/tutorials/smtp-only/ You can follow it but swap Dovecot for another maddy instance, configured as shown here:…
If I had an infinite amount if time, I would sure write maddy in Rust. But as practice shows, there are only around 24 hours in a day. That being said, my project greatly benefits from Go concurrency features and simple…
I believe a server wriiten in a memory safe language greatly reduces the risk of running such setup. To the point where it is an acceptable trade-off to get simpler maintenance. Depending on how many targeted attacks…
Your suggestion is to tie everything to the ownership of alternative root KSK. Meaning that you are explicitly blocking the possibility of multiple CAs for the project.
>if you trust a third party CA they can just sign for anybody without limits It is possible for a root certificate to have a name constraint making all certificates issued for other e.g. TLDs invalid. Like it is done in…
Currently it is base IMAP4rev1 specification (RFC 3501) minus /Recent flag plus SASL-IR, APPENDLIMIT, MOVE, CHILDREN, SPECIAL-USE, COMPRESS, UNSELECT and IDLE extensions. Support for CONDSTORE and UIDPLUS extensions is…
Developer here to answer any questions. Also see https://github.com/foxcpp/maddy/wiki/FAQ.
https://github.com/foxcpp/maddy/issues/3 Here is the detailed discussion of problems related to automatic TLS configuration in email world.
Spam, phishing, virus blocking - no builtin measures. It is easy to integrate rspamd (literally adding one line into config). ClamAV can be used via clamav-milter though some configuration is needed - no direct & easy…
IMAP4rev1 is fully and almost [1] correctly implemented. There are some useful protocol extensions supported but some other important ones are missing (e.g. CONDSTORE). There are no known issues with popular clients but…
https://github.com/foxcpp/maddy/issues/243#issuecomment-6556... I guess that needs to be in FAQ...
Some parts of Hetzner IP space are in blacklists. It is a bit of a lottery here. Be sure to check IP you got.
It is definitely possible to configure something like rspamd to scan outbound messages.
>Please say more Default configuration runs everything as a single daemon. This has been done to minimize any management overhead, avoid the complexity and performance overhead introduced by IPC. It is definitely…
No, we are not running migadu. But you probably can give it a try anyway, they look pretty good.
There is no IP whitelisting feature in maddy. I believe it is possible to do it using whatever off-the-shelf firewall you have on your system. Could you elaborate on the reasons it is not a viable way for you?
Currently the license is GPLv3, you can find it in the COPYING file. There are some messy bits related to licensing because it was MIT licensed in the past (back then when I did not take this "little pet project" very…
alps was created by the same person who started maddy, by the way. It is not me. Just wanted to give a little tribute to the amazing person who put a lot of work into email libraries for Go: https://github.com/emersion/
Yes, it is. The project started as "Caddy for email".
My current position is that spam filtering is a whole another problem space so I am not trying to address it now while Maddy is a "single man show". P.S. As far as I am aware, redis is optional for rspamd. I certainly…
There we go, humanity survived for another insert description of time interval
This is actually how usual Postfix+Dovecot setup works in practice. Dovecot runs an LMTP server which is SMTP with some minor modificaitons. Postfix forwards messages to Dovecot's LMTP.
Yes, this is possible. This page shows how to configure maddy to only handle SMTP: https://foxcpp.dev/maddy/tutorials/smtp-only/ You can follow it but swap Dovecot for another maddy instance, configured as shown here:…
If I had an infinite amount if time, I would sure write maddy in Rust. But as practice shows, there are only around 24 hours in a day. That being said, my project greatly benefits from Go concurrency features and simple…
I believe a server wriiten in a memory safe language greatly reduces the risk of running such setup. To the point where it is an acceptable trade-off to get simpler maintenance. Depending on how many targeted attacks…
Your suggestion is to tie everything to the ownership of alternative root KSK. Meaning that you are explicitly blocking the possibility of multiple CAs for the project.
>if you trust a third party CA they can just sign for anybody without limits It is possible for a root certificate to have a name constraint making all certificates issued for other e.g. TLDs invalid. Like it is done in…
Currently it is base IMAP4rev1 specification (RFC 3501) minus /Recent flag plus SASL-IR, APPENDLIMIT, MOVE, CHILDREN, SPECIAL-USE, COMPRESS, UNSELECT and IDLE extensions. Support for CONDSTORE and UIDPLUS extensions is…
Developer here to answer any questions. Also see https://github.com/foxcpp/maddy/wiki/FAQ.