umbrellixbsd:mxf

MXF/NightmareMail is a fork of Notqmail.

Changes to notqmail that make notqmail NightmareMail are licenced to you, the user, as termed in doc/LICENCE.mxf. This is similar to the CDDL, except there is a resumptibility clause.

Notqmail itself appears to be available under the Unlicense.

NightmareMail (service resource locator: net.umbrellix.mail.mxf) is a mailer daemon for the 21st century operating system integrator. It's small, it's light on system resources, and stable tags are backed by a USD50* security guarantee from ellenor at site umbrellix.net if you can prove that the bug comes from NightmareMail or our upstream notqmail. Other than the amount and the provider, the terms of the guarantee are identical to the security guarantee that was provided with qmail.

Nightmare Mail is also known as MxF, as it'll be included in New Vision, the working codename for the Falsix operating system, and is our default Mail eXchanger Service. (Mail eXchanger for Falsix)

* Void where prohibited by law. Bitcoin is used as the payment method. If the value of 1/6 of my savings account is higher than USD50, you will receive the higher amount for successfully triggering a security guarantee payment. Local holes experienced by sealed servers will receive 1/2 the guaranteed amount. Shell server users are backed by the full guarantee. Only the first reporter of a specific bug may get the guaranteed amount.

Over and above notqmail? None yet.

We plan on adding, in the future:

  • 21st-century RBL support, with IPv4 and IPv6. Most RBLs in the 21st century use an A record to indicate that an address is listed, not a TXT record as they did in 1997. rblsmtpd, part of Dan Bernstein's ucspi-tcp program, isn't set up to handle this. It also rejects rbl'd users who may be rbl'd because they're on dialup. “Dialup” in MTA admin terms nowadays can mean fibre-optic access, but it's still dialup. We've received a licence from the developer of qmail-dnsbl which permits us to integrate and modify that patch for this purpose.
  • Modern, pure BSD-make build system, for inclusion in the New Vision integration New Vision is Umbrellix' fork of HardenedBSD. As its name suggests, we intend to pursue a New Vision in BSD system design. Many of the programs we wish to use to do that currently have build systems written in GNU Make. We do not include GPL'd software in the base system, for licensing reasons (many FreeBSD components are under the CDDL). As far as I know, MxF is currently built with a djb custom build system, which is inflexible to the needs of modern sites. Our recommended startTLS frontend, from the venerable Laurent Bercot from skarnet.org, uses GNU Make too. GNU-free build systems will be part of the New Vision project.
  • mxf-lmtpc - QMQP client, but speaking LMTP instead of QMQP. In the modern day, many sites use local delivery solutions from Dovecot or other IMAP servers, which also support Maildir. These LDAs as they're called often speak LMTP, which is a protocol used for intra-site email delivery similar to QMQP. Easing the transition away from Postfix for sites like this - sites like Umbrellix - is a high priority of NightmareMail.
  • QMQP over SSH. QMQP is an intrasite protocol like LMTP. It doesn't use transport security and shouldn't be exposed to anonymous hosts. Hey! That's something ssh can alleviate. ssh provides both transport security and public key authentication to front the qmqp server. Support for firing off a QMQP over SSH connection, analogous to UUCP over SSH used in many satellite site configurations, will be added, perhaps via a generic pipe mechanism.
  • mxf-configengine - single-file configuration compilation Let's face it: qmail control files are a bit harder to work with than the kinds of configuration files you may be used to. Luckily, most are one line long, and all are flat-formatted. We can use this to our advantage by reading a file in rough .ini format, and writing the values in that file to mxf control files, should you prefer single file configuration over control files. configengine will optionally be able to signal net.umbrellix.mail.mxf services to change state through (s6-)svc if a configuration option they only read at boot, or only read on hangup, has been changed. This'll make your life as an email admin much easier.
  • umbrellixbsd/mxf.txt
  • Last modified: 3 weeks ago
  • by ellenor2000