Daemon which provides TLS client policy for Postfix via socketmap, according to domain MTA-STS policy
Project description
Daemon which provides TLS client policy for Postfix via socketmap, according to domain MTA-STS policy. Current support of RFC8461 is limited - daemon lacks some minor features:
Proactive policy fetch
Fetch error reporting
Fetch ratelimit
## Dependencies
Python 3.5.3+
aiodns
aiohttp
pynetstring
PyYAML
(optional) uvloop
pycares>=2.3.0
## Installation
### Method 1. System-wide install
Run in project directory:
`bash python3 -m pip install . `
Package scripts shall be available in standard executable locations upon completion.
### Method 2. Running from project directory
Installing dependencies:
`bash python3 -m pip install -r requirements.txt `
Now script can be run right from source directory.
#### pip user install
Both previous methods can be run with –user option of pip installer. In this case superuser privileges are not required and package shall be installed to user home directory. So, for first method script executabled will appear in ~/.local/bin.
### Method 3. Install into virtualenv
See “Building virtualenv”
## Building virtualenv
Run make in project directory in order to build virtualenv. As result of it, new directory venv shall appear. venv contains interpreter and all required dependencies, i.e. encloses package with depencencies in separate environment. It is possible to specify alternative path where virtualenv directory shall be placed. Specify VENV variable for make command. Example:
`bash make VENV=~/postfix-mta-sts-resolver `
Such virtual environment can be moved to another machine of similar type (as far python interpreter is compatible with new environment). If virtualenv is placed into same location on new machine, application can be runned this way:
`bash venv/bin/mta-sts-daemon `
Otherwise, some hacks required. First option - explicitly call virtualenv interpreter:
`bash venv/bin/python venv/bin/mta-sts-daemon `
Second option - specify new path in shebang of scripts installed in virtualenv. It is recommended to build virtualenv at same location which app shall occupy on target system.
## Configuration
See example config in source code directory. Default config location is: /etc/postfix/mta-sts-daemon.yml
## Postfix configuration
Add line like
` smtp_tls_policy_maps = socketmap:inet:127.0.0.1:8461:postfix `
into your main.cf config.
## Credits
Inspired by [this forum thread](http://postfix.1071664.n5.nabble.com/MTA-STS-when-td95086.html).
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file postfix_mta_sts_resolver-0.2.2.tar.gz.
File metadata
- Download URL: postfix_mta_sts_resolver-0.2.2.tar.gz
- Upload date:
- Size: 8.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.12.1 pkginfo/1.4.2 requests/2.12.4 setuptools/40.4.3 requests-toolbelt/0.8.0 tqdm/4.26.0 CPython/3.5.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 8cbb42ef71d0141990fe8c8a7e187326d2c97537d7afe2fa02bb2d1b2d252904 |
|
| MD5 | 89a10a14e77e6ffd440cc10fd4b10d76 |
|
| BLAKE2b-256 | 3fe33326d80f096fdc46c8172a8532888ad8cc2c1867c49e5e35e28d7313d379 |
File details
Details for the file postfix_mta_sts_resolver-0.2.2-py3-none-any.whl.
File metadata
- Download URL: postfix_mta_sts_resolver-0.2.2-py3-none-any.whl
- Upload date:
- Size: 12.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.12.1 pkginfo/1.4.2 requests/2.12.4 setuptools/40.4.3 requests-toolbelt/0.8.0 tqdm/4.26.0 CPython/3.5.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | e4f7c769a30e0c38d599657ed8b703aa9bb79be4e419f3d814949a193b99dba5 |
|
| MD5 | 250b7101438c61bfcb4f3576eae796e8 |
|
| BLAKE2b-256 | c488b2bcf984c77e0b18bb28d7c08db5bc98b2dca206799b2deded71b59dd5bb |
