9 releases (5 stable)
| 1.2.2 | Jan 30, 2022 |
|---|---|
| 1.2.0 | Aug 4, 2021 |
| 1.1.0 | Feb 6, 2021 |
| 1.0.1 | Aug 24, 2020 |
| 1.0.1-snapshot | Aug 13, 2020 |
#244 in Email
76 downloads per month
60KB
334 lines
samotop-server 1.2.2-dev
You can run your own privacy focussed, resource efficient mail server. Samotop docker image is available for your convenience.
Status
General
- Tiny docker image - only contains statically compiled samotop and openssl, no OS clutter.
Common (MDA/MTA/MSA)
- The server will receive mail and write it to a given maildir folder. Another program can pick the folder and process it further.
- STARTTLS can be configured if you provide a cert and identity file.
Mail delivery agent (MDA)
- Encryption at rest
- Accounts
- LMTP
- Sockets
Mail transfer agent (MTA)
- Mail relaying
- Antispam features:
- SPF - refuse mail with failing SPF check
- Greylisting
Mail submission agent (MSA)
- Authentication
Installation
- Using cargo:
cargo install samotop-server - Using docker:
docker pull brightopen/samotop
Usage
- locally, run
samotop-server --helpfor command-line reference. - in docker, run
docker run --rm -ti samotop
Both should produce a usage information not too different from this:
samotop 1.2.0
USAGE:
samotop-server [FLAGS] [OPTIONS] --cert-file <cert file path> --identity-file <identity file path>
FLAGS:
-h, --help Prints help information
--no-tls Disable TLS suport
-V, --version Prints version information
OPTIONS:
-n, --name <SMTP service name> Use the given name in SMTP greetings, or if absent, use hostname
-b, --base-dir <base dir path> What is the base dir for other relative paths? [default: .]
-c, --cert-file <cert file path> Use this cert file for TLS. Disabled with --no-tls. If a relative path
is given, it will be relative to base-dir
--banner_delay <delay> Should we enforce prudent banner deleay? Delay is in miliseconds
-i, --identity-file <identity file path> Use this identity file for TLS. Disabled with --no-tls. If a relative
path is given, it will be relative to base-dir
-m, --mail-dir <mail dir path> Where to store incoming mail? If a relative path is given, it will be
relative to base-dir [default: inmail]
-p, --port <port>... SMTP server address:port, such as 127.0.0.1:25 or localhost:12345. The
option can be set multiple times and the server will start on all given
ports. If no ports are given, the default is to start on localhost:25
--command_timeout <timeout> Should we enforce prudent command timeout? Timeout is in miliseconds
TLS
You can run these openssl commands in docker as well. This will run an openssl with the current folder mounted under /data and that is also the work dir:
docker run --rm -ti -v "$PWD:/data/" -w "/data/" --entrypoint openssl samotop help
Generate a cert and ID with openssl:
openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out Samotop.crt -keyout Samotop.key
Test STARTTLS:
openssl s_client -connect localhost:25 -starttls smtp
Debug with STARTTLS:
openssl s_client -connect localhost:25 -debug -starttls smtp
Other useful hints for TLS
For native-tls, you'd convert to pfx:
openssl pkcs12 -export -out Samotop.pfx -inkey Samotop.key -in Samotop.crt
Extracting pub key from cert:
openssl x509 -pubkey -noout -in Samotop.crt > Samotop.pem
License
MIT OR Apache-2.0
Contribution
Unless you explicitly state otherwise, any contribution submitted for inclusion in samotop projects by you, as defined in the Apache-2.0 license, shall be licensed as above, without any additional terms or conditions.
Dependencies
~23–38MB
~706K SLoC