SMLMP - Simple Mailing List Management Program
==============================================

SMLMP is a simple mailing list management program designed to be used on
the same system as a Postfix MTA. It is written in the Python
programming language, but is currently incomplete and under development.

WARNING: This program is currently of pre-alpha development quality.
Do not use it in important production environments. It has also not
undergone any security audit. Use the most recent tag if you actually
want to run the program; the HEAD is doomed to be unstable.

Configuration requirements
--------------------------
TODO: Write this part in more detail.

Dependencies
------------
* dkimpy (python3-dkim on Debian)
* Python 3.10 or above
  This means that this program will not work on Debian 11 bullseye or
  older. Upgrade your system.

Implemented features
--------------------

* Forward bounces to the postmaster
* Basic forwarding of incoming mail that matches configured lists
* Sender validation: Allow lists to configure if they accept emails from
  everyone, just list members, or just moderators
* List-related headers
* DMARC: Carefully track header changes, never touch message content
* Archive option sends things over to public-inbox

Untested features
-----------------
* Action addresses:
  example+unsubscribe@example.org, example+subscribe@example.org

Developing features
-------------------
None at the moment.

Future features
---------------
* Web interface for subscribers (flask?)
* Allow emails to be put on a moderation queue, and allow moderators to
  interact with these emails.
* Anti-spam
* Allow reading alternate configuration file via a command-line option

Bugs
----
* CRITICAL: "Relay access denied"
* What sendmail() options should we use?
* The flock is automatically released when the Python process that
  creates it dies. If the process dies in the middle of writing, it
  might leave a corrupted file, and since the lock is released we won't
  be able to detect that.
* Potential race condition when writing the database?
* Currently, the domain-part of all handled mailing lists must match the
  domain-part of the email address that smlmp directly handles. I don't
  think this is a protocol limitation; it's an artefact of how I pass
  around mailing list names.
* Vulnerability surrounding public-inbox: A malicious user who wishes to
  inject content into the list archive's public-inbox may directly send
  an email to public-inbox's user, setting the List-ID header to one
  that public-inbox expects.
  This is not a problem with SMLMP but arises in common configurations.
* Check for edge cases everywhere!
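
One way to close the flock and database-write bugs listed above, as an added example that is not SMLMP's own code: take the lock on a sidecar file, write to a temporary file and rename it into place, so a process that dies mid-write leaves the previous database intact. The function names, the JSON format and the ".lock" sidecar name are assumptions, since the README does not show SMLMP's database layout.

```python
import fcntl
import json
import os
import tempfile


def atomic_write_db(path, data):
    """Replace the JSON file at `path` without ever exposing a partial file.

    Hypothetical helper: JSON and the ".lock" sidecar name are assumptions.
    """
    directory = os.path.dirname(os.path.abspath(path))
    # Lock a sidecar file, not the database: os.replace() swaps the inode,
    # so a lock held on the old database file would not cover the new one.
    with open(path + ".lock", "a") as lock:
        fcntl.flock(lock, fcntl.LOCK_EX)
        fd, tmp = tempfile.mkstemp(dir=directory, prefix=".db-", suffix=".tmp")
        try:
            with os.fdopen(fd, "w") as f:
                json.dump(data, f)
                f.flush()
                os.fsync(f.fileno())  # contents reach disk before the rename
            os.replace(tmp, path)  # atomic on POSIX within one filesystem
        except BaseException:
            # Failure before the rename: discard the partial temporary file.
            if os.path.exists(tmp):
                os.unlink(tmp)
            raise
        # Persist the rename itself by syncing the directory entry.
        dir_fd = os.open(directory, os.O_RDONLY)
        try:
            os.fsync(dir_fd)
        finally:
            os.close(dir_fd)
        # The flock is released when `lock` closes, or when the process dies;
        # either way `path` holds a complete old or complete new file.


def read_db(path):
    """Read the database under a shared lock."""
    with open(path + ".lock", "a") as lock:
        fcntl.flock(lock, fcntl.LOCK_SH)
        with open(path) as f:
            return json.load(f)
```

If the process is killed between ``mkstemp`` and ``os.replace``, a stray ``.db-*.tmp`` file may remain in the directory; it can be deleted safely at startup while holding the exclusive lock.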

License
-------
This program is free software: you can redistribute it and/or modify it
under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or (at
your option) any later version.

This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero
General Public License for more details.

You should have received a copy of the GNU Affero General Public License
along with this program; it should be a file called "LICENSE" in the
same directory as this "README".  If you don't have the license file for
some reason, you may find the license on https://www.gnu.org/licenses/.

This program incorporates some code from other programs, by other
copyright holders, under a permissive license compatible with the GNU
AGPL. This includes:

* The parse_dkim_header function in smlmp/common.py.

In this case, my modifications in that function are still licensed under
the relevant permissive license, which I have put in the comments of the
function's source.