Age | Commit message (Collapse) | Author |
|
|
|
- Resolves: #7271
|
|
|
|
--use-leap-wheels sets --trusted-host (remove it when we have a proper
cert) and WHEELHOUSE to https://ftp.lizard.leap.se
Until we get ftp.lizard cname, use lizard as the wheels server.
|
|
|
|
- Resolves: #5959
|
|
- Closes: #6859
- Related: #6942
|
|
- Related: #7565
|
|
|
|
- Resolves: #7272
|
|
Some refactor on the couchdb usage was needed to be able to mock
couchdb.
- Resolves: #7435
|
|
- Resolves: #7439
|
|
currently, mx services are being bound to all the interfaces.
- Resolves: #7348
|
|
generate_wheels uses $WHEELHOUSE to generate and store the wheels for
requirements.pip and requirements-testing.pip (if it exists).
pip_install_requirements.sh installs requirements.pip from them if
possible (if not, then it fetches them from pypi) or, if passed the
--testing flag, it installs requirements-testing.pip.
- Related: 7327
|
|
|
|
|
|
- update pip
- install base reqs
|
|
this is part of a process to make the setup of the development mode less
troublesome. from now on, setting up a virtualenv in pure development
mode will be as easy as telling pip to just install the external
dependencies::
pip install -r pkg/requirements.pip
and traversing all the leap repos for the needed leap dependencies doing::
python setup.py develop
- Related: #7288
|
|
Currently, we don't want to log to syslog, because the platform has to be
modified before we can do that (see #6942). In the future, we might want to
log to syslog only, or make it optional depending on the contents of
/etc/default/leap_mx. For now we just remove twistd's --syslog option from the
initscript.
Closes: #6937.
|
|
|
|
Change the virtual alias map and the access recipien access checker log
messages so they match postfix's configuration statements.
|
|
There are some reasons to remove the initscript from the python package:
1. To include the initscript it in the python package it is necessary to
assume a lot of things about the system in which the package would be
installed.
2. The debian packaging system will correctly create an initscript by
itself.
3. We don't have to maintain 2 different setup.py files (one in
master/develop branch and another in debian package branches).
|
|
Releases: 0.6.2
|
|
|
|
|
|
I'm updating (1) some very outdated doc from when the program was not yet
written, and (2) some small stuff inside classes docstrings.
|
|
If we do not adhere to the standads, we may have a lot of problems when
bouncing a message. This commit implements a bounce message according to:
* RFC 6522 - The Multipart/Report Media Type for the Reporting of Mail
System Administrative Messages
* RFC 3834 - Do not bounce for unknown or invalid addresses.
* RFC 3464 - An Extensible Message Format for Delivery Status Notification.
Closes: #6858.
|
|
Before this commit, the mail receiver system used to compare the domain of the
delivery addresses found in the "Delivered-To" header to find out the final
delivery address. If we assume that the mail server delivery to the spool mail
directory was correct, then we have two facts: (1) the topmost "Delivered-To"
header is the one that indicates the correct final delivery address; and (2)
we should expect the address to be <uuid>@<domain> because of the earlier
alias resolve query made by the mail server.
Another problem is that the domain comparison would compare whatever is in the
"Delivered-To" header with whatever the python's socket module would return,
which depends on the values on /etc/hosts and the order of the values in that
file. This was causing problems whenever the platform made changes in
/etc/hosts.
So this commit eliminates the domain check and gets the uuid from the first
"Delivered-To" header found in the message.
Related: #6858.
|
|
This commit changes the bounce message sender address to be
MAILER-DAEMON@domain, instead of bounce@domain.
Related: #6858.
|
|
This fixes a bug introduced on b0ef529cc882a96903597fb5279919969fa286c3, when
the alias resolver was modified to return the user's address instead of the
uuid.
In order to fix this, I had to revert one of the changes made by the commit
above, which is to don't make use of reduced view for the uuid query. The
pgp public key query remains reduced, as implemented in the commit above.
We also refactor the code a bit to allow for log messages specific to each of
tcp map's sublasses.
Related: #6858.
|
|
The bounce message was using the original message's "From:" header instead of
the "To:" header to indicate the original recipient. This commit fixes that.
Closes: #6854.
Releases: 0.6.2, 0.7.0
|
|
The way uuid and pgp key were being queried by means of couch views was not
efficient because they weren't using the reduce function and were filtering
the views results in the python code. Also, the uuid is not actually needed to
find out either if the address exists or if there's a pgp public key for that
address. This commit refactors the couch helper to make use of the reduce
functions in queried views and to get rid of the intermediate uuid querying.
|
|
In order to minimize the number of couchdb queries and the number of mx
lookups in case of junk mail this commit restricts the pgp key lookup to the
access check server (and removes it from the alias server).
Closes: #6795.
|
|
Because in CDO we trust.
|
|
Separate the common tcp map server code, used for both alias resolver and
recipient access checker, to its own file.
|
|
Implement a PGP key lookup in the postfix smtp recipient restriction and
virtual alias mapping levels. If no PGP key is found, then the address is
rejected with a temporary error.
Closes: #6795
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
_build_key_from_gpg in keymanager has changed
|
|
|
|
|
|
develop
|
|
|
|
|