[Daemon] mail server
The mail server forwards incoming mails as-is to your personal mail address(es). The server does not by itself store any mail. For communication secrecy, the server supports StartTLS operation and identifies itself with a TLS certificate.
To reduce spam, the mail server filters sending IPs through these popular pre-defined DNS-based blocklists:
- "b.barracudacentral.org",
- "cbl.abuseat.org",
- "dnsbl-1.uceprotect.net",
- "dnsbl-2.uceprotect.net",
- "dnsbl-3.uceprotect.net",
- "spam.dnsbl.sorbs.net",
- "ix.dnsbl.manitu.net",
- "truncate.gbudb.net",
- "zen.spamhaus.org",
- "noptr.spamrats.com",
- "spam.spamrats.com",
- "spam.dnsbl.anonmails.de",
- "psbl.surriel.com",
- "z.mailspike.net",
- "bl.mailspike.net",
- "dnsbl.kempt.net",
Blocked mails show up in the program log instead of being forwarded to your personal mail address(es).
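How a lookup against such blocklists works, as an added example (not laitos's own code): the sender's IPv4 octets are reversed and prepended to the blocklist zone, and an answer inside 127.0.0.0/8 means the address is listed. The function names, the injected resolver and the sample answers are constructed for illustration.

```go
package main

import (
	"fmt"
	"net"
)

// queryName builds the DNSBL lookup name: IPv4 octets reversed, then the zone.
func queryName(ip net.IP, zone string) string {
	v4 := ip.To4()
	if v4 == nil {
		return "" // IPv6 senders use a different (nibble) format, not shown here
	}
	return fmt.Sprintf("%d.%d.%d.%d.%s", v4[3], v4[2], v4[1], v4[0], zone)
}

// listedOn returns the zones listing ip; lookup has net.LookupHost's signature.
func listedOn(ip net.IP, zones []string, lookup func(string) ([]string, error)) []string {
	var hits []string
	for _, zone := range zones {
		name := queryName(ip, zone)
		if name == "" {
			continue
		}
		answers, _ := lookup(name) // NXDOMAIN or timeout: no answers, not listed
		for _, a := range answers {
			// Listed only if the answer is in 127.0.0.0/8 and not a 127.255.255.x error code.
			r := net.ParseIP(a).To4()
			if r != nil && r[0] == 127 && !(r[1] == 255 && r[2] == 255) {
				hits = append(hits, zone)
				break
			}
		}
	}
	return hits
}

// sample holds constructed answers (not real listings) keyed by query name.
var sample = map[string][]string{
	"10.2.0.192.zen.spamhaus.org": {"127.0.0.2"},
	"10.2.0.192.bl.mailspike.net": {"127.255.255.254"}, // error code, not a listing
	"10.2.0.192.psbl.surriel.com": {"203.0.113.5"},     // answer outside 127.0.0.0/8
}
func sampleLookup(name string) ([]string, error) { return sample[name], nil }

func main() {
	zones := []string{"zen.spamhaus.org", "bl.mailspike.net", "psbl.surriel.com"}
	fmt.Println(listedOn(net.ParseIP("192.0.2.10"), zones, sampleLookup))
}
```

Accepting only 127.0.0.0/8 answers keeps a parked or wildcarded blocklist zone from marking every sender as listed.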
The mail server is also capable of executing password-protected app commands and mailing the command response back to the sender.
In order for an Internet user to successfully send mails to your domain names, they must be covered by a DNS hosting service. If the concept sounds unfamiliar, check out this article from Amazon Web Services: What is DNS.
DNS hosting providers usually charge ~ 1 USD per domain name per month. If you are looking for a provider, check out:
After you sign up for a DNS hosting service, the provider will give you a set of NS addresses (usually four) for each domain. You then need to let the domain registrar know by entering the NS addresses into each domain name's configuration; it takes up to 24 hours for this change to propagate through the Internet.
The laitos DNS server is a DNS relay; it is not a DNS hosting service.
Construct the following JSON object and place it under JSON key `MailDaemon` in the configuration file:
Property | Type | Meaning | Default value |
---|---|---|---|
MyDomains | array of strings | Domain names to receive mails for. Example: ["my-blog.net", "my-homepage.org"]. | (This is a mandatory property without a default value) |
ForwardTo | array of strings | Forward incoming mails to these addresses. Example: ["[email protected]", "[email protected]"]. | (This is a mandatory property without a default value) |
Address | string | The network address to listen on. | "0.0.0.0" - listen on all network interfaces. |
Port | integer | UDP port number to listen on. | 25 - the well-known port number designated for mail service (SMTP). |
PerIPLimit | integer | Maximum number of mails a client (identified by IP) may deliver to this server in a second. | 4 - good enough to prevent a flood of spam |
TLSCertPath | string | Absolute or relative path to the PEM-encoded TLS certificate file. The file may contain a certificate chain with the server certificate at the top and the certificate authority toward the bottom. | (Not enabled by default) |
TLSKeyPath | string | Absolute or relative path to the PEM-encoded TLS certificate key. | (Not enabled by default) |
Here is a minimal setup example that enables TLS as well:
```json
{
  ...
  "MailDaemon": {
    "ForwardTo": ["[email protected]", "[email protected]"],
    "MyDomains": ["my-home.example.com", "my-blog.example.com"],
    "TLSCertPath": "/root/example.com.crt",
    "TLSKeyPath": "/root/example.com.key"
  },
  ...
}
```
The mail server is also capable of executing password-protected app commands and mailing the command response back to the sender:
- Follow command processor to construct configuration for JSON key `MailFilters`.
- Follow outgoing mail configuration to construct configuration for sending mail replies.
Here is an example:
```json
{
  ...
  "MailDaemon": {
    "ForwardTo": ["[email protected]", "[email protected]"],
    "MyDomains": ["my-home.example.com", "my-blog.example.com"],
    "TLSCertPath": "/root/example.com.crt",
    "TLSKeyPath": "/root/example.com.key"
  },
  "MailFilters": {
    "PINAndShortcuts": {
      "Passwords": ["VerySecretPassword"],
      "Shortcuts": {
        "watsup": ".eruntime",
        "EmergencyStop": ".estop",
        "EmergencyLock": ".elock"
      }
    },
    "TranslateSequences": {
      "Sequences": [
        ["#/", "|"]
      ]
    },
    "LintText": {
      "CompressSpaces": false,
      "CompressToSingleLine": false,
      "KeepVisible7BitCharOnly": false,
      "MaxLength": 4096,
      "TrimSpaces": false
    },
    "NotifyViaEmail": {
      "Recipients": ["[email protected]"]
    }
  },
  ...
}
```
Tell laitos to run the mail daemon on the command line:
```
sudo ./laitos -config <CONFIG FILE> -daemons ...,smtpd,...
```
At your DNS hosting provider, create or modify a DNS "MX" entry for each of `MyDomains`. The entry must look like:
- DNS name: `my-domain-name.net`
- Record type: `MX`
- Time to live (TTL): leave at default or `5 minutes`
- Value (preference and mail server): `10 laitos-server-public-IP`

Here are a couple of examples, assuming that the laitos server is on `123.234.123.234`:
DNS name | Record type | Time to live (TTL) | Value | Remark |
---|---|---|---|---|
my-domain-name.net | MX | 5 minutes | 10 123.234.123.234 | Domain name example |
my-home.example.com | MX | 5 minutes | 10 123.234.123.234 | Sub-domain example |
my-blog.example.com | MX | 5 minutes | 10 123.234.123.234 | Another sub-domain example |
Wait up to an hour for new DNS records to propagate through the Internet.
Send a test mail with subject, text, and attachments to any name under `MyDomains` (e.g. `[email protected]`). Wait a short moment, then check the inbox of any `ForwardTo` address (e.g. `[email protected]`); the test mail should arrive at all of the `ForwardTo` addresses.
To invoke an app command, compose a plain text email to laitos server using an arbitrary subject text, write down the password PIN and app command in the mail body, and send it to laitos server. A short moment later, the command execution result will be mailed back to the sender.
- Occasionally your mail provider (such as Gmail) may consider legitimate mails forwarded by laitos as spam, therefore please check your spam folders regularly.
- Many Internet domain names use DMARC to protect their business from mail spoofing. Though laitos usually forwards the verbatim copy of incoming mail to you, DMARC makes an exception: laitos has to change the sender from `[email protected]` to `name@protected-domain-laitos-nodmarc-###.com`, where hash (`#`) is a random digit. Otherwise your mail provider will discard the mail silently, without a trace in the spam folder.
- Some mail providers and clients (such as Gmail on the web) automatically attach a plain-text copy of the rich-text mail content when sending it. When receiving this kind of mail, the laitos mail server is smart enough to pick up the plain-text copy and look for an app command to execute there.
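The sender rewrite from the DMARC tip above, as an added example (not laitos's own code): it reads the `p=` tag from a domain's `_dmarc` TXT records and applies the `-laitos-nodmarc-###` pattern only when the policy is `quarantine` or `reject`. Deciding by policy value, the function names and the sample TXT records are assumptions; the page does not describe how laitos makes the decision.

```go
package main

import (
	"fmt"
	"strings"
)

// dmarcPolicy returns the p= value from the TXT records of _dmarc.<domain>,
// or "" when none of them is a DMARC record (the v=DMARC1 tag must come first).
func dmarcPolicy(txtRecords []string) string {
	for _, rec := range txtRecords {
		policy, isDMARC := "", false
		for i, tag := range strings.Split(rec, ";") {
			kv := strings.SplitN(tag, "=", 2)
			if len(kv) != 2 {
				continue
			}
			key, val := strings.TrimSpace(kv[0]), strings.TrimSpace(kv[1])
			if i == 0 && key == "v" && val == "DMARC1" {
				isDMARC = true
			} else if key == "p" {
				policy = strings.ToLower(val)
			}
		}
		if isDMARC {
			return policy
		}
	}
	return ""
}

// forwardedSender applies the page's rewrite pattern when the sender domain
// enforces DMARC. digits stands in for "###"; inserting the suffix before the
// last domain label is an assumption drawn from the page's single example.
func forwardedSender(from string, txtRecords []string, digits string) string {
	at, dot := strings.LastIndex(from, "@"), strings.LastIndex(from, ".")
	policy := dmarcPolicy(txtRecords)
	if at < 0 || dot < at || (policy != "quarantine" && policy != "reject") {
		return from // no enforcing policy: the sender stays verbatim
	}
	return from[:dot] + "-laitos-nodmarc-" + digits + from[dot:]
}

func main() {
	// Constructed TXT answers for _dmarc.protected-domain.com; not real DNS data.
	txt := []string{"v=spf1 -all", "v=DMARC1; p=reject; rua=mailto:dmarc@protected-domain.com"}
	fmt.Println(forwardedSender("name@protected-domain.com", txt, "123"))
}
```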