diff --git a/package-lock.json b/package-lock.json index f9fc995..960eba3 100644 --- a/package-lock.json +++ b/package-lock.json @@ -13,6 +13,7 @@ "express": "^4.21.2", "favicon": "^0.0.2", "haraka": "^0.0.33", + "haraka-plugin-dkim": "^1.0.9", "jsonwebtoken": "^9.0.2", "knex": "^3.1.0", "moniker": "^0.1.2", @@ -127,6 +128,28 @@ "node": ">= 0.6" } }, + "node_modules/address-rfc2821": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/address-rfc2821/-/address-rfc2821-2.1.2.tgz", + "integrity": "sha512-lC4ggAV0ioinpB0fYOmE/BEpzCzKz+NcASVNnWgkIAFQTX6Le34V1D8XO4TYXlZVkh85tx34YpxsJl7rZRCVMw==", + "license": "MIT", + "dependencies": { + "nearley": "^2.20.1", + "punycode": "^2.3.1" + }, + "engines": { + "node": ">= 10.23.1" + } + }, + "node_modules/address-rfc2822": { + "version": "2.2.3", + "resolved": "https://registry.npmjs.org/address-rfc2822/-/address-rfc2822-2.2.3.tgz", + "integrity": "sha512-M+tNumDEri308IBqo88uK5Ck2NEdvrCbrUwZfJXD0xkxMK0OrXY/OWyE6/xc1Z7MNBK7KCfZeZzz1QI4UMI+Mw==", + "license": "MIT", + "dependencies": { + "email-addresses": "^5.0.0" + } + }, "node_modules/agent-base": { "version": "6.0.2", "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz", @@ -254,6 +277,12 @@ "node": ">=0.8" } }, + "node_modules/async": { + "version": "3.2.6", + "resolved": "https://registry.npmjs.org/async/-/async-3.2.6.tgz", + "integrity": "sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==", + "license": "MIT" + }, "node_modules/asynckit": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", @@ -581,6 +610,12 @@ "node": ">=8" } }, + "node_modules/discontinuous-range": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/discontinuous-range/-/discontinuous-range-1.0.0.tgz", + "integrity": "sha512-c68LpLbO+7kP/b1Hr1qs8/BJ09F5khZGTxqxZuhzxpmwJKOgRFHJWIb9/KmqnqHhLdO55aOxFH/EGBvUQbL/RQ==", + "license": "MIT" + }, "node_modules/doctrine": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/doctrine/-/doctrine-3.0.0.tgz", @@ -632,6 +667,12 @@ "integrity": "sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow==", "license": "MIT" }, + "node_modules/email-addresses": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/email-addresses/-/email-addresses-5.0.0.tgz", + "integrity": "sha512-4OIPYlA6JXqtVn8zpHpGiI7vE6EQOAg16aGnDMIAlZVinnoZ8208tW1hAbjWydgN/4PLTT9q+O1K6AH/vALJGw==", + "license": "MIT" + }, "node_modules/emoji-regex": { "version": "8.0.0", "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", @@ -647,6 +688,15 @@ "node": ">= 0.8" } }, + "node_modules/encoding-japanese": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/encoding-japanese/-/encoding-japanese-2.2.0.tgz", + "integrity": "sha512-EuJWwlHPZ1LbADuKTClvHtwbaFn4rOD+dRAbWysqEOXRc2Uui0hJInNJrsdH0c+OhJA4nrCBdSkW4DD5YxAo6A==", + "license": "MIT", + "engines": { + "node": ">=8.10.0" + } + }, "node_modules/es-define-property": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", @@ -1093,6 +1143,88 @@ "deprecated": true, "license": "MIT" }, + "node_modules/haraka-config": { + "version": "1.4.2", + "resolved": "https://registry.npmjs.org/haraka-config/-/haraka-config-1.4.2.tgz", + "integrity": "sha512-mlhnUqGLaXmIAVVo7/Ms3FPPQJrNWiwa/OVGIvoj0aZQDacLWIyDwHYZx35ka2zBy4iW0VGY/KjannbMEPD+7g==", + "license": "MIT", + "dependencies": { + "js-yaml": "^4.1.0" + }, + "engines": { + "node": ">=16" + }, + "optionalDependencies": { + "hjson": "^3.2.2" + } + }, + "node_modules/haraka-email-message": { + "version": "1.2.4", + "resolved": "https://registry.npmjs.org/haraka-email-message/-/haraka-email-message-1.2.4.tgz", + "integrity": "sha512-nlpimtr4ggo7aIZZN4t6n0RKsoyKqkmFX6xqUReJQZBqV7QYlUws6055Bh31jEEmo5rd2AFCYdKgtK40CxtGRQ==", + "license": "MIT", + "dependencies": { + "haraka-config": "^1.1.0", + "haraka-message-stream": "^1.2.1", + "iconv": "^3.0.1", + "libmime": "^5.3.4", + "libqp": "^2.1.0" + } + }, + "node_modules/haraka-message-stream": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/haraka-message-stream/-/haraka-message-stream-1.2.2.tgz", + "integrity": "sha512-2Tzjgu16zh9BH7Qbm/ktikaqvm/sse8J63U4HnPEVDfgd7Cw0dgqZ5BwfdHRzNdnKPlVx1k8sFDAHBr4JI1NFw==", + "license": "MIT" + }, + "node_modules/haraka-plugin-dkim": { + "version": "1.0.9", + "resolved": "https://registry.npmjs.org/haraka-plugin-dkim/-/haraka-plugin-dkim-1.0.9.tgz", + "integrity": "sha512-PRYBUqzwo+c8bnmX3J9Rr5fWv/IXCXmBvWWf667HbBFcK6GpBQwqiFUArAzYxF4GJl1pSFcb1uCO2U0gs8a6uw==", + "license": "MIT", + "dependencies": { + "address-rfc2821": "^2.1.2", + "address-rfc2822": "^2.2.2", + "async": "^3.2.5", + "haraka-email-message": "^1.2.3", + "haraka-utils": "^1.1.3", + "nopt": "^7.2.1" + }, + "bin": { + "dkim_key_gen.sh": "config/dkim_key_gen.sh", + "dkimverify": "bin/dkimverify" + } + }, + "node_modules/haraka-plugin-dkim/node_modules/abbrev": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-2.0.0.tgz", + "integrity": "sha512-6/mh1E2u2YgEsCHdY0Yx5oW+61gZU+1vXaoiHHrpKeuRNNgFvS+/jrwHiQhB5apAf5oB7UB7E19ol2R2LKH8hQ==", + "license": "ISC", + "engines": { + "node": "^14.17.0 || ^16.13.0 || >=18.0.0" + } + }, + "node_modules/haraka-plugin-dkim/node_modules/nopt": { + "version": "7.2.1", + "resolved": "https://registry.npmjs.org/nopt/-/nopt-7.2.1.tgz", + "integrity": "sha512-taM24ViiimT/XntxbPyJQzCG+p4EKOpgD3mxFwW38mGjVUrfERQOeY4EDHjdnptttfHuHQXFx+lTP08Q+mLa/w==", + "license": "ISC", + "dependencies": { + "abbrev": "^2.0.0" + }, + "bin": { + "nopt": "bin/nopt.js" + }, + "engines": { + "node": "^14.17.0 || ^16.13.0 || >=18.0.0" + } + }, + "node_modules/haraka-utils": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/haraka-utils/-/haraka-utils-1.1.3.tgz", + "integrity": "sha512-Muu8eBTY1TBaASJtwIlUdmHFXOB0j2+k+VnWMBxVy1B+9Utda4EDVmtmqTW2w0HrDQfGZR8jBvWrlF9rZfpcww==", + "license": "MIT" + }, "node_modules/has-symbols": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", @@ -1123,6 +1255,16 @@ "node": ">= 0.4" } }, + "node_modules/hjson": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/hjson/-/hjson-3.2.2.tgz", + "integrity": "sha512-MkUeB0cTIlppeSsndgESkfFD21T2nXPRaBStLtf3cAYA2bVEFdXlodZB0TukwZiobPD1Ksax5DK4RTZeaXCI3Q==", + "license": "MIT", + "optional": true, + "bin": { + "hjson": "bin/hjson" + } + }, "node_modules/http-errors": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.0.tgz", @@ -1190,6 +1332,16 @@ "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", "license": "MIT" }, + "node_modules/iconv": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/iconv/-/iconv-3.0.1.tgz", + "integrity": "sha512-lJnFLxVc0d82R7GfU7a9RujKVUQ3Eee19tPKWZWBJtAEGRHVEyFzCtbNl3GPKuDnHBBRT4/nDS4Ru9AIDT72qA==", + "hasInstallScript": true, + "license": "ISC", + "engines": { + "node": ">=10.0.0" + } + }, "node_modules/iconv-lite": { "version": "0.4.24", "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", @@ -1453,6 +1605,42 @@ "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", "license": "MIT" }, + "node_modules/libbase64": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/libbase64/-/libbase64-1.3.0.tgz", + "integrity": "sha512-GgOXd0Eo6phYgh0DJtjQ2tO8dc0IVINtZJeARPeiIJqge+HdsWSuaDTe8ztQ7j/cONByDZ3zeB325AHiv5O0dg==", + "license": "MIT" + }, + "node_modules/libmime": { + "version": "5.3.6", + "resolved": "https://registry.npmjs.org/libmime/-/libmime-5.3.6.tgz", + "integrity": "sha512-j9mBC7eiqi6fgBPAGvKCXJKJSIASanYF4EeA4iBzSG0HxQxmXnR3KbyWqTn4CwsKSebqCv2f5XZfAO6sKzgvwA==", + "license": "MIT", + "dependencies": { + "encoding-japanese": "2.2.0", + "iconv-lite": "0.6.3", + "libbase64": "1.3.0", + "libqp": "2.1.1" + } + }, + "node_modules/libmime/node_modules/iconv-lite": { + "version": "0.6.3", + "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.6.3.tgz", + "integrity": "sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw==", + "license": "MIT", + "dependencies": { + "safer-buffer": ">= 2.1.2 < 3.0.0" + }, + "engines": { + "node": ">=0.10.0" + } + }, + "node_modules/libqp": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/libqp/-/libqp-2.1.1.tgz", + "integrity": "sha512-0Wd+GPz1O134cP62YU2GTOPNA7Qgl09XwCqM5zpBv87ERCXdfDtyKXvV7c9U22yWJh44QZqBocFnXN11K96qow==", + "license": "MIT" + }, "node_modules/lodash": { "version": "4.17.21", "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", @@ -1710,6 +1898,12 @@ "node": "*" } }, + "node_modules/moo": { + "version": "0.5.2", + "resolved": "https://registry.npmjs.org/moo/-/moo-0.5.2.tgz", + "integrity": "sha512-iSAJLHYKnX41mKcJKjqvnAN9sf0LMDTXDEvFv+ffuRR9a1MIuXLjMNL6EsnDHSkKLTWNqQQ5uo61P4EbU4NU+Q==", + "license": "BSD-3-Clause" + }, "node_modules/ms": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", @@ -1760,6 +1954,34 @@ "node": ">=12.0.0" } }, + "node_modules/nearley": { + "version": "2.20.1", + "resolved": "https://registry.npmjs.org/nearley/-/nearley-2.20.1.tgz", + "integrity": "sha512-+Mc8UaAebFzgV+KpI5n7DasuuQCHA89dmwm7JXw3TV43ukfNQ9DnBH3Mdb2g/I4Fdxc26pwimBWvjIw0UAILSQ==", + "license": "MIT", + "dependencies": { + "commander": "^2.19.0", + "moo": "^0.5.0", + "railroad-diagrams": "^1.0.0", + "randexp": "0.4.6" + }, + "bin": { + "nearley-railroad": "bin/nearley-railroad.js", + "nearley-test": "bin/nearley-test.js", + "nearley-unparse": "bin/nearley-unparse.js", + "nearleyc": "bin/nearleyc.js" + }, + "funding": { + "type": "individual", + "url": "https://nearley.js.org/#give-to-nearley" + } + }, + "node_modules/nearley/node_modules/commander": { + "version": "2.20.3", + "resolved": "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz", + "integrity": "sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ==", + "license": "MIT" + }, "node_modules/negotiator": { "version": "0.6.3", "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.3.tgz", @@ -2001,6 +2223,25 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/railroad-diagrams": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/railroad-diagrams/-/railroad-diagrams-1.0.0.tgz", + "integrity": "sha512-cz93DjNeLY0idrCNOH6PviZGRN9GJhsdm9hpn1YCS879fj4W+x5IFJhhkRZcwVgMmFF7R82UA/7Oh+R8lLZg6A==", + "license": "CC0-1.0" + }, + "node_modules/randexp": { + "version": "0.4.6", + "resolved": "https://registry.npmjs.org/randexp/-/randexp-0.4.6.tgz", + "integrity": "sha512-80WNmd9DA0tmZrw9qQa62GPPWfuXJknrmVmLcxvq4uZBdYqb1wYoKTmnlGUchvVWe0XiLupYkBoXVOxz3C8DYQ==", + "license": "MIT", + "dependencies": { + "discontinuous-range": "1.0.0", + "ret": "~0.1.10" + }, + "engines": { + "node": ">=0.12" + } + }, "node_modules/range-parser": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz", @@ -2140,6 +2381,15 @@ "node": ">=8" } }, + "node_modules/ret": { + "version": "0.1.15", + "resolved": "https://registry.npmjs.org/ret/-/ret-0.1.15.tgz", + "integrity": "sha512-TTlYpa+OL+vMMNG24xSlQGEJ3B/RzEfUlLct7b5G/ytav+wPrplCpVMFuwzXbkecJrb6IYo1iFb0S9v37754mg==", + "license": "MIT", + "engines": { + "node": ">=0.12" + } + }, "node_modules/rimraf": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", diff --git a/package.json b/package.json index 5d6bfd2..212aebf 100644 --- a/package.json +++ b/package.json @@ -16,6 +16,7 @@ "express": "^4.21.2", "favicon": "^0.0.2", "haraka": "^0.0.33", + "haraka-plugin-dkim": "^1.0.9", "jsonwebtoken": "^9.0.2", "knex": "^3.1.0", "moniker": "^0.1.2", diff --git a/src/email_server/config/dkim_sign.ini b/src/email_server/config/dkim_sign.ini new file mode 100644 index 0000000..bab5667 --- /dev/null +++ b/src/email_server/config/dkim_sign.ini @@ -0,0 +1,16 @@ +[default] +selector=mail +headers_to_sign=from,sender,reply-to,subject,date,message-id,to,cc,mime-version,content-type,content-transfer-encoding + +[domains] +2weekmail.fyi=/etc/haraka/dkim/2weekmail.fyi.private +icantreadpls.top=/etc/haraka/dkim/icantreadpls.top.private +icantreadpls.fyi=/etc/haraka/dkim/icantreadpls.fyi.private +20is20butimnotgay.top=/etc/haraka/dkim/20is20butimnotgay.top.private +20is20butimnotgay.fyi=/etc/haraka/dkim/20is20butimnotgay.fyi.private +20is20butimnotgay.com=/etc/haraka/dkim/20is20butimnotgay.com.private +bigwhitevanfbi.top=/etc/haraka/dkim/bigwhitevanfbi.top.private +bigwhitevanfbi.fyi=/etc/haraka/dkim/bigwhitevanfbi.fyi.private +bigwhitevanfbi.com=/etc/haraka/dkim/bigwhitevanfbi.com.private +idonthaveabig.wang=/etc/haraka/dkim/idonthaveabig.wang.private +idonthaveabigwang.com=/etc/haraka/dkim/idonthaveabigwang.com.private diff --git a/src/email_server/config/plugins b/src/email_server/config/plugins index 4df9da9..e18c002 100644 --- a/src/email_server/config/plugins +++ b/src/email_server/config/plugins @@ -12,7 +12,8 @@ # status # process_title # syslog -# watch +watch +karma # CONNECT # ---------- @@ -42,7 +43,7 @@ # MAIL FROM # ---------- mail_from.is_resolvable -# spf +spf # RCPT TO # ---------- @@ -56,7 +57,8 @@ rcpt_to.in_host_list # attachment # bounce # clamd -# dkim +dkim +tls # headers # limit # rspamd @@ -64,9 +66,7 @@ rcpt_to.in_host_list # uribl # QUEUE -# ---------- -# queues: discard qmail-queue quarantine smtp_forward smtp_proxy -# Queue mail via smtp - see config/smtp_forward.ini for where your mail goes rcpt_to.in_host_list queue/store_message -limit \ No newline at end of file +limit +dkim_sign \ No newline at end of file diff --git a/src/email_server/config/smtp.ini b/src/email_server/config/smtp.ini index b02a15d..0834d5b 100644 --- a/src/email_server/config/smtp.ini +++ b/src/email_server/config/smtp.ini @@ -1,58 +1,7 @@ -; address to listen on (default: all IPv6 and IPv4 addresses, port 25) -; use "[::0]:25" to listen on IPv6 and IPv4 (not all OSes) -listen=[::0]:2525 - -; Note you can listen on multiple IPs/ports using commas: -;listen=127.0.0.1:2529,127.0.0.2:2529,127.0.0.3:2530 - -; public IP address (default: none) -; If your machine is behind a NAT, some plugins (SPF, GeoIP) gain features -; if they know the servers public IP. If 'stun' is installed, Haraka will -; try to figure it out. If that doesn't work, set it here. +listen=[::0]:25 public_ip=0.0.0.0 outbound=false - -; Time in seconds to let sockets be idle with no activity -;inactivity_timeout=300 - -; Drop privileges to this user/group -; user=smtp -; group=smtp - -; Don't stop Haraka if plugins fail to compile -;ignore_bad_plugins=0 - -; Run using cluster to fork multiple backend processes -; Ref: https://github.com/haraka/Haraka/wiki/Performance-Tuning -;nodes=cpus - -; Daemonize -;daemonize=true -;daemon_log_file=/var/log/haraka.log -;daemon_pid_file=/var/run/haraka.pid - -; Spooling -; Save memory by spooling large messages to disk -;spool_dir=/var/spool/haraka -; Specify -1 to never spool to disk -; Specify 0 to always spool to disk -; Otherwise specify a size in bytes, once reached the -; message will be spooled to disk to save memory. -;spool_after= - -; Force Shutdown Timeout -; - Haraka tries to close down gracefully, but if everything is shut down -; after this time it will hard close. 30s is usually long enough to -; wait for outbound connections to finish. -;force_shutdown_timeout=30 - -; SMTP service extensions: https://tools.ietf.org/html/rfc1869 -; strict_rfc1869 = false - -; Advertise support for SMTPUTF8 (RFC-6531) -;smtputf8=true - ; Security & stability daemonize=false daemon_log_file=/var/log/haraka.log