SMLMP - Simple Mailing List Management Program
==============================================

SMLMP is a simple mailing list management program designed to be used on the
same system as a Postfix MTA. It is written in the Python programming
language, but is currently incomplete and under development.

WARNING: This program is currently of pre-alpha quality. Do not use it in
important production environments. It has also not had any security audits.
Use the most recent tag if you actually want to run the program; the HEAD is
doomed to be unstable.

Configuration requirements
--------------------------

TODO: Write this part in more detail.

Dependencies
------------

* dkimpy (python3-dkim on Debian)
* Python 3.10 or above

This means that this program will not work on Debian 11 bullseye or older.
Upgrade your system.

Implemented features
--------------------

* Forward bounces to the postmaster
* Basic forwarding of incoming mail that matches configured lists
* Sender validation: Allow lists to configure whether they accept emails
  from everyone, just list members, or just moderators
* List-related headers
* DMARC: Carefully track header changes, never touch message content
* Archive option sends things over to public-inbox

Untested features
-----------------

* Action addresses: example+unsubscribe@example.org,
  example+subscribe@example.org

Developing features
-------------------

None at the moment.

Future features
---------------

* Web interface for subscribers (flask?)
* Allow emails to be put on a moderation queue, and allow moderators to
  interact with these emails.
* Anti-spam
* Allow reading alternate configuration file via a command-line option

Bugs
----

* CRITICAL: "Relay access denied"
* What sendmail() options should we use?
* The flock is automatically released when the Python process that creates
  it dies. If the process dies in the middle of writing, it might leave a
  corrupted file, and since the lock is released we won't be able to detect
  that.
* Potential race condition when writing the database?
* Currently, the domain-part of all handled mailing lists must match the
  domain-part of the email address that smlmp directly handles. I don't
  think this is a protocol limitation, it's an artefact of how I pass around
  mailing list names.
* Vulnerability surrounding public-inbox: A malicious user who wishes to
  inject content into the list archive's public-inbox may directly send an
  email to public-inbox's user, setting the List-ID header to one that
  public-inbox expects. This is not a problem with SMLMP but arises in
  common configurations.
* Check for edge cases everywhere!

License
-------

This program is free software: you can redistribute it and/or modify it
under the terms of the GNU Affero General Public License as published by the
Free Software Foundation, either version 3 of the License, or (at your
option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License
for more details.

You should have received a copy of the GNU Affero General Public License
along with this program; it should be a file called "LICENSE" in the same
directory as this "README". If you don't have the license file for some
reason, you may find the license on https://www.gnu.org/licenses/.

This program incorporates some code from other programs, by other copyright
holders, under a permissive license compatible with the GNU AGPL. This
includes:

* The parse_dkim_header function in smlmp/common.py. In this case, my
  modifications in that function are still licensed under the relevant
  permissive license, which I have put in the comments of the function's
  source.
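
Added example for the two database-write items under "Bugs" above (the flock
released on process death, and the possible write race). This is not SMLMP's
own code: the function names, the sidecar ".lock" file and the single-file
database are assumptions. It shows write-to-temp-then-rename under an
exclusive flock, so a process that dies mid-write leaves the previous complete
file in place.

```python
# Hypothetical helpers for illustration; SMLMP's real database code is not shown in the README.
import fcntl
import os
import tempfile


def atomic_write(path: str, data: bytes) -> None:
    """Replace path with data so readers see the old or the new file, never a partial one."""
    directory = os.path.dirname(os.path.abspath(path))
    # The temp file must be in the same directory (same filesystem) for the rename to be atomic.
    # mkstemp creates it with mode 0600; chmod before the rename if other users must read it.
    fd, tmp = tempfile.mkstemp(dir=directory, prefix=".tmp-")
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(data)
            f.flush()
            os.fsync(f.fileno())  # contents reach disk before the rename
        os.replace(tmp, path)  # atomic on POSIX
    except BaseException:
        # A hard crash skips this cleanup, but then only the temp file is incomplete.
        try:
            os.unlink(tmp)
        except FileNotFoundError:
            pass
        raise
    dir_fd = os.open(directory, os.O_RDONLY)
    try:
        os.fsync(dir_fd)  # make the rename itself durable
    finally:
        os.close(dir_fd)


def locked_update(path: str, transform) -> bytes:
    """Read-modify-write under an exclusive flock held on a separate lock file."""
    # Lock a sidecar file: os.replace swaps the inode behind path, so a lock
    # taken on path itself would not serialize writers across the rename.
    with open(path + ".lock", "a") as lock:
        fcntl.flock(lock, fcntl.LOCK_EX)
        try:
            try:
                with open(path, "rb") as f:
                    old = f.read()
            except FileNotFoundError:
                old = b""
            new = transform(old)
            atomic_write(path, new)
            return new
        finally:
            fcntl.flock(lock, fcntl.LOCK_UN)
```

Leftover ".tmp-" files after a crash can be deleted by the next writer while
it holds the lock; they are never read as the database.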