6c64723d7c
Currently read_password does not verify password length. But further down the chain, passwords are checked to make sure they are longer than four characters. If during initial setup, the user enters a password that is shorter than four characters, this will not be caught here, but when the script actually calls management/mailconfig.py to add the user, it will fail without a chance to correct the short password. The setup script will then continue without an inital user being created and this will confuse users. |
||
---|---|---|
conf | ||
management | ||
setup | ||
tests | ||
tools | ||
.gitignore | ||
CHANGELOG.md | ||
CONTRIBUTING.md | ||
LICENSE | ||
README.md | ||
Vagrantfile |
Mail-in-a-Box
By @JoshData and contributors.
Mail-in-a-Box helps individuals take back control of their email by defining a one-click, easy-to-deploy SMTP+everything else server: a mail server in a box.
Please see https://mailinabox.email for the project's website and setup guide!
I am trying to:
- Make deploying a good mail server easy.
- Promote decentralization, innovation, and privacy on the web.
- Have automated, auditable, and idempotent configuration.
- Not be a mail server that the NSA cannot hack.
- Not be customizable by power users.
The long-term goal is to have this be a one-click email appliance with no user-configurable setup options.
For more background, see The Rationale.
This setup is what has been powering my own personal email since September 2013.
The Box
Mail-in-a-Box turns a fresh Ubuntu 14.04 LTS 64-bit machine into a working mail server, including SMTP (postfix), IMAP (dovecot), Exchange ActiveSync (z-push), webmail (Roundcube), spam filtering (spamassassin), greylisting (postgrey), CardDAV/CalDAV (ownCloud), DNS, SPF, DKIM (OpenDKIM), DMARC, DNSSEC, DANE TLSA, SSHFP, and basic system services like a firewall, intrusion protection, and setting the system clock.
The Acknowledgements
This project was inspired in part by the "NSA-proof your email in 2 hours" blog post by Drew Crawford, Sovereign by Alex Payne, and conversations with @shevski, @konklone, and @GregElin.
Mail-in-a-Box is similar to iRedMail and Modoboa.
The History
- In 2007 I wrote a relatively popular Mozilla Thunderbird extension that added client-side SPF and DKIM checks to mail to warn users about possible phishing: add-on page, source.
- Mail-in-a-Box was a semifinalist in the 2014 Knight News Challenge, but it was not selected as a winner.
- Mail-in-a-Box hit the front page of Hacker News in April and September 2014.