This is a work-in-progress implementation of RFC 5321 (SMTP) and some other standards that make today's e-mail safe and usable. It should not be used in production at this point. This software can receive and relay mail with open relay blocking and has support for AUTH and STARTTLS.
For now this software works only on Linux. To build it you need to have the Rust toolchain installed, as well as PAM development libraries. To build it run:

    cargo build --release
    cargo build --bin pam_helper --release

Create user patine and group mailwriters. Add patine to
mailwriters. In your sudoers file add the following line:

    patine ALL=(ALL) NOPASSWD: /absolute/location/to/pam_helper

This will allow Patine to authenticate using PAM.
To run this program you will need to get TLS certificates.
You can use Let's Encrypt.
Place the certificates in the certs folder located at the same level as
the Patine binary. Name the certificate cert.pem and the private
key cert.key.pem.
There are 5 required environment variables you will need to set:
MAILDIR_ROOT - Where each user's mails are stored
DOMAIN - The domain of the mail
RELAY_PORT - Relaying port (strongly recommend 25)
SUBMISSION_PORT - Submission port (strongly recommend 587)
PAM_HELPER_PATH - Absolute location of the pam_helper
Patine utilises PAM (Pluggable Authentication Modules). That means that the AUTH command authenticates submission mail if the supplied login and password can be used to log in to a Linux account.
The create-mailbox.sh and remove-mailbox.sh scripts will create
or remove the user with the supplied name and password,
as well as create the mail directory following the
Maildir standard. This defaults to /var/mail/$username.
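A preflight check for the setup steps above, as an added example that is not part of Patine. It assumes a POSIX shell with `find`; the function name `patine_preflight` is hypothetical, and the permission and ownership checks are additions motivated by the NOPASSWD sudoers rule, since a pam_helper that the patine account can modify would let that account run code as root.

```shell
#!/bin/sh
# Added example, not part of Patine. Usage: patine_preflight DIR
# (DIR holds the patine binary). Prints one FAIL line per problem; returns 0 if none.
patine_preflight() {
    bindir=$1
    problems=0
    fail() { echo "FAIL: $*"; problems=$((problems + 1)); }
    # The five required environment variables.
    for name in MAILDIR_ROOT DOMAIN RELAY_PORT SUBMISSION_PORT PAM_HELPER_PATH; do
        eval "value=\${$name:-}"
        [ -n "$value" ] || fail "$name is not set"
    done
    # Ports must be integers in 1..65535.
    for name in RELAY_PORT SUBMISSION_PORT; do
        eval "value=\${$name:-}"
        case $value in
            '') ;;  # already reported as unset
            *[!0-9]*|??????*) fail "$name is not a valid port: $value" ;;
            *) { [ "$value" -ge 1 ] && [ "$value" -le 65535 ]; } ||
                   fail "$name is out of range: $value" ;;
        esac
    done
    [ -z "${MAILDIR_ROOT:-}" ] || [ -d "$MAILDIR_ROOT" ] ||
        fail "MAILDIR_ROOT is not a directory: $MAILDIR_ROOT"
    # sudoers lets patine run the helper as any user without a password, so
    # the helper must not be writable by patine or other unprivileged users.
    helper=${PAM_HELPER_PATH:-}
    case $helper in
        '') ;;
        /*) if [ ! -x "$helper" ]; then
                fail "pam_helper is missing or not executable: $helper"
            else
                [ -z "$(find -H "$helper" -prune \( -perm -020 -o -perm -002 \))" ] ||
                    fail "pam_helper is group- or world-writable"
                [ -z "$(find -H "$helper" -prune -user patine 2>/dev/null)" ] ||
                    fail "pam_helper is owned by patine"
            fi ;;
        *) fail "PAM_HELPER_PATH is not absolute: $helper" ;;
    esac
    # Certificates live in certs/ next to the binary.
    for f in cert.pem cert.key.pem; do
        [ -f "$bindir/certs/$f" ] || fail "missing $bindir/certs/$f"
    done
    [ -z "$(find -H "$bindir/certs/cert.key.pem" -prune -perm -004 2>/dev/null)" ] ||
        fail "private key cert.key.pem is world-readable"

    [ "$problems" -eq 0 ]
}
```

Source the file in a shell where the five variables are exported and call `patine_preflight` with the directory that contains the Patine binary before starting the server.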
Once all setup is complete run:

    tmux
    sudo -u patine ./patine

Remember to allow SUBMISSION_PORT and RELAY_PORT in
your firewall.
I recommend using Dovecot; this will definitely work. You will need to use Maildir. Dovecot also uses PAM, which is convenient. You can use the same certificates as earlier for TLS. I recommend IMAP over POP3.