Wonderbolt LDA ============== Wonderbolt is a config based email modifier, acting as local delivery agent and resubmitting emails via SMTP after modification. Wonderbolt's main purpose is to enable simple email lists with external management of subscribers. - Depends: python >= 3.4 - Recommends: python3-systemd Command-Line Options -------------------- --config file Required. This option takes one or more paths to config files. Later config files overwrite values from earlier ones. --sasl-username username Optional. See config option ``require_sasl_username``. Configuration Options --------------------- All configuration options are optional. However, you probably want to change an option like ``envelope_rcpt_to`` to avoid loops. :bounce_from: *string* or ``null`` The *From* header that is used for bounce messages generated by Wonderbolt. If not specified or ``null``, the header is set to *Mail Delivery System *, where *hostname* is replaced by the configured ``hostname``. :envelope_mail_from: *string* or ``null`` Bounce address for the new delivery of the email. If this setting is ``null``, it will be derived from the *From* email header. :envelope_rcpt_to: *list of strings* or ``null`` Recipients for new delivery of the email. If this setting is ``null``, it will be derived from the *To* email header. :header_add: *mapping* Adds header values without removing/changing existing header lines. Performed after ``header_replace`` and ``header_add_if_missing``. Therefore, ``header_add`` adds a header a second time if key overlaps with ``header_replace`` and/or ``header_add_if_missing`` are present. :header_add_if_missing: *mapping* Adds header values only if header with the given key does not exist. Performed after ``header_replace``, but before ``header_add``. Therefore, ``header_add`` adds a header a second time if key overlaps with ``header_add_if_missing`` are present. :header_replace: *mapping* Removes all existing headers with the given keys and adds the new values. :hostname: *string* The configured hostname is used in the content of bounce messages generated by Wonderbolt and is part of the default value for the ``bounce_from`` option. :reject_msg_requirements: *string* Error message used if emails are rejected by Wonderbolt due to violated ``require_`` configurations. This message is usually contained in a bounce message generated by the MTA and delivered to the sender afterwards. :require_from: *list of strings* or ``"envelope_rcpt_to"`` or ``false`` Enables to reject mails if the *From* email header does not fulfill a condition. - *list of strings*: *From* must be contained in this list. - ``"envelope_rcpt_to"``: *From* must be contained in the ``envelope_rcpt_to`` list. If this option is set, ``envelope_rcpt_to`` must be set and not ``null``. - ``false``: Disables checks (default). :require_sasl_username: *list of strings* or ``"envelope_rcpt_to"`` or ``false`` Enables to reject mails if the SASL username does not fulfill a condition. Same parameters as for ``require_from``. For this feature to work, ``--sasl-username`` has to be specified on delivery. .. note:: While this feature is named after the SASL (Simple Authentication and Security Layer), there is no aspect of the implementation that limits the functionality to this exact authentication protocol. :sasl_recipient_delimiter: *string* Recipient delimiters only affect the interpretation of ``envelope_rcpt_to`` if ``require_sasl_username`` is set to this value. The local part of all recipients is stripped from all characters occurring after a first delimiter for comparing with the SASL username. This option should be set to the same value as the ``recipient_delimiter`` option of the postfix server. Every character in the string is treated as a delimiter. An empty string (default) corresponds to no delimiters. :smtp_server: *string* SMTP server via which the email is submitted. Default is "localhost:25". Configuration Examples ---------------------- Example of a wonderbolt config without a specific use case. .. code:: json { "reject_msg_requirements": "Rejected due to unprivileged SASL user", "header_add": { "X-Header-1": 1, "X-Header-3": "Value 3" }, "header_replace": { "X-Header-1": "Value 1", "X-Header-2": "Value 2" }, "envelope_mail_from": "Bounce To ", "envelope_rcpt_to": [ "User Name ", "user2@example.org" ], "require_from": false, "require_sasl_username": "envelope_rcpt_to", "smtp_server": "mail.example.com:25" } Complete Mailing List under Postfix ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ *master.cfg* .. code:: wonderbolt unix - n n - - pipe flags=Ohu user=wonderbolt:wonderbolt argv=/usr/local/bin/wonderbolt.py --config /etc/wonderbolt/${nexthop}.json --sasl-username ${sasl_username} *main.cfg* .. code:: cfg wonderbolt_destination_recipient_limit = 1 */etc/wonderbolt/list@example.org.json* .. code:: json { "envelope_mail_from": "list+bounce@example.org", "envelope_rcpt_to": [ "listadmin@example.org", "user1@example.com", "user2_lists@example.com" ], "header_add_if_missing": { "List-Id": "", "List-Post": "", "Precedence": "bulk" }, "header_replace": { "List-Help": "", "List-Owner": "", "List-Subscribe": "", "List-Unsubscribe": "" }, "require_sasl_username": "envelope_rcpt_to", "sasl_recipient_delimiter": "_" } .. note:: The choice of which headers are kept and which are replaced is made such that the list should conform with all currently applicable RFCs. This configuration follows `RFC 2919 `__ by not removing the *List-Id* of a *"parent" mailing list* by not removing any *List-Id*. Since it is hard to tell what an *unexpected source* for such a header is, it does pass a given *List-Id* through to the list in any case, which violates a *SHOULD NOT* of this RFC. It further follows `RFC 2369 `__ by replacing the *List-Help*, *List-Owner*, *List-Subscribe* and *List-Unsubscribe* headers. The *List-Post* header could also be replaced. *maps/aliases* (postfix ``virtual_alias_maps``) :: list+bounce@example.org listadmin@example.org .. note:: This aliasing of the list-admin address is done to use it as an envelope sender, which does not conflict with any sender policies defined by via the SPF and similar mechanisms. *maps/transport* (postfix ``transport_maps``) :: list@example.org wonderbolt:list@example.org See also -------- `pipe(8) `__, Postfix delivery to external command Dedication ---------- :: ooooooo oO0.....00OOOoo oO0...........0Oo oO000000000000000000o o00Ooo000000000000000000OoOOo 0....000000000000000000000o ...........0000000000000000o 0...............000..00000000o oOoO0OO..................O..0Oo0oooooo O........0.....0OOooo..O0....O 0O 00OO0.......000....00o ooO.::.......o O............000.....00o O.:.......0 O...........000000......0......00oo o0.........000000000...........0o o0........0000000.......0OOoo OOOO0.......0O0000000......0o oooo O............0OO000000.......O o0....0O oO...........0OO000000.......00OO........0o oO.........0OO00.00..............00....0o o0.......OOO0..0............0oo......0 O........0OO.................o 0......o O0.......00.................0 O0...0 ooooooooo oo0.......................o ooo oOOOOOOOOOOO000OOOoo 0::...................... OOOOOOOOO000000000000000...0.............Oo0....O OOOOOOO000000...........................Oo oOOo oO oOOO00000.::..00OOoooO00...........0o 0OO00000::.000Oo 0.............0o 0OO0000.:.0000 o............0o OOO0000.:.0000o o..........0 OOO0000.:.00OOo O..........o OOO0000::.00ooo o..........0 oOO0000.:.00O o...........O OO0000.:.000o oO0.........O oO00000.:.OOO 0.......0o oO0000.:.ooOo oO00....0o oO000.:.o oO oOO0.:0 o o O.0 Oo GitLab Thumbnail Copyright `BlackGryph0n `__ Licensed under `CC BY-NC 3.0 `__