Futuristic SMTP INBOUND-only server for home usage. Inspired by Marinetti's RFC (AKA _Manifesto of Futurism_). It only serves a precise list of email address. No aliases. Everything else will be apparently accepted, and then discarded. So that, spammers will waste their time (and money). # REQUIREMENTS: - Golang version >= 1.13 - git # INSTALLATION First download the code into the folder you want to use with Golang ``` git clone https://git.keinpfusch.net/loweel/zangtumb.git go build -mod=vendor ./zangtumb to start the daemon , after setting the environment strings. ``` # CONFIGURATION zangtumb is designed be easy to dockerize. A reference pseudo-dockerfile could be: ```dockerfile FROM debian:stable-slim ##MAIN ENV KEYFILE "/certs/"mydomain.key" ENV CERTFILE "/certs/mydomain.crt" ENV DOMAINNAME "mydomain.tld" ENV LISTEN ":5025" ##SESSION ENV RECIPIENTS "recipients.conf" ENV MAILFOLDER "/zangmail" ##MAIN ENV USETLS="true" ## HERE WE GO RUN useradd -ms /bin/bash zangtumb RUN mkdir -p /opt/zangtumb RUN mkdir -p /zangmail COPY . /opt/zangtumb/ RUN chown -R zangtumb:zangtumb /opt/zangtumb RUN chown -R zangtumb:zangtumb /zangmail EXPOSE 5025 USER zangtumb WORKDIR /opt/zangtumb ENTRYPOINT ["/opt/zangtumb/zangtumb"] ``` everything is configured using ENV strings , as follows | ENV STRING | Example value | Meaning | | ---------- | --------------------- | ------------------------------------------------------------ | | KEYFILE | "/certs/mydomain.key" | Path for private key. Only needed when using TLS. Which means, well... it's your email. So you don't want to send it in clear, isn't it? | | CERTFILE | "/certs/mydomain.crt" | Path for certificate. Only needed when using TLS. Which means, well... it's your email. So you don't want to send it in clear, isn't it? | | DOMAINNAME | "mydomain.tld" | will declare this value on the banner. No impact on recipients. Used as CN in self-signed certificates | | LISTEN | ":5025" | Address to listen in golang format. This example will listen to port 5025 on all interfaces. You may specify a specific interface like "1.2.3.4:5025" | | RECIPIENTS | "recipients.conf" | File containing a list with email to serve. One mail address per line. Please notice, that pippo@pluto.com and pippo@paperino.com will end in the same mailbox, "pippo". | | MAILFOLDER | "/zangmail" | Root of mailfolder. Mail is stored in the default dovecot Maildir format, meaning in the example "/zangmail/%u/Maildir" . | | USETLS | "true" | Whether to force all to use TLS or not. yes. Do it. | Of course , if you put your certificatesinto /certs, (likethe example), this folder MUST exist. That's it. # FAQ - _This TLS behavior is violating RFC 2487_ - To give a shit of RFCs is a *de facto standard*. Zangtumb works, and no spammer will ever buy a certificate per each spambot. - _The minimal amount of recipients by RFC 5321 is 100. You reduced it._ - Yes. The reason is, we allow the ones we need. No more. This server is supposed to run inside a Raspberry, if needed. Call the RFC police, if you don't like. - _The example dockerfile is way too big. Why no multistage?_ - This is because is an example. An example must be easy to understand. An example must be _simple_. Even you should be able to understand it. Well.... ok. Let's say, even _Bob_ should. - _Why don't you use opensmtpd?_ - To make this server took less than dockerizing opensmtpd in a decent way. - _Why don't you use postfix/sendmail/qmail/courier_ - I serve 4 mailboxes in total. Why should I deploy all that complexity? Complexity != security. - _Silently discarrding email after pretending you've accepted is not nice. Perhaps, this will make your server to look like an open relay._ - Unfortunately, English cannot translate the correct answer, which is "esticazzi non ce lo scriviamo?". So I can't properly answer you. - _This golang code is not idiomatic. And there is no graphene, no quantum computing, no UI/UX and no horizontal scaling of Internet of Things with Artificial Intelligence of Big Data._ - Please, bring me a Frappuccino.