Updated configuration files

2024-09-20 07:16:18 +08:00 · 2024-01-19 19:10:31 +01:00 · 2024-01-19 19:10:31 +01:00 · d7d27063d8
parent 02faa04e27
commit d7d27063d8
10 changed files with 98 additions and 90 deletions
--- a/crates/directory/src/backend/ldap/lookup.rs
+++ b/crates/directory/src/backend/ldap/lookup.rs
@ -327,6 +327,13 @@ impl LdapMappings {
    fn entry_to_principal(&self, entry: SearchEntry) -> Principal<String> {
        let mut principal = Principal::default();
        tracing::debug!(
            context = "ldap",
            event = "fetch_princpal",
            entry = ?entry,
            "LDAP entry"
        );
        for (attr, value) in entry.attrs {
            if self.attr_name.contains(&attr) {
                principal.name = value.into_iter().next().unwrap_or_default();
--- a/crates/utils/src/config/utils.rs
+++ b/crates/utils/src/config/utils.rs
@ -481,11 +481,11 @@ impl ParseValue for Canonicalization {
 impl ParseValue for IpLookupStrategy {
    fn parse_value(key: impl AsKey, value: &str) -> super::Result<Self> {
        Ok(match value.to_lowercase().as_str() {
-            "ipv4-only" => IpLookupStrategy::Ipv4Only,
+            "ipv4_only" => IpLookupStrategy::Ipv4Only,
-            "ipv6-only" => IpLookupStrategy::Ipv6Only,
+            "ipv6_only" => IpLookupStrategy::Ipv6Only,
-            //"ipv4-and-ipv6" => IpLookupStrategy::Ipv4AndIpv6,
+            //"ipv4_and_ipv6" => IpLookupStrategy::Ipv4AndIpv6,
-            "ipv6-then-ipv4" => IpLookupStrategy::Ipv6thenIpv4,
+            "ipv6_then_ipv4" => IpLookupStrategy::Ipv6thenIpv4,
-            "ipv4-then-ipv6" => IpLookupStrategy::Ipv4thenIpv6,
+            "ipv4_then_ipv6" => IpLookupStrategy::Ipv4thenIpv6,
            _ => {
                return Err(format!(
                    "Invalid IP lookup strategy {:?} for property {:?}.",
--- a/resources/config/smtp/auth.toml
+++ b/resources/config/smtp/auth.toml
@ -4,25 +4,25 @@
 #############################################
 [auth.iprev]
-verify = [ { if = "listener", eq = "smtp", then = "relaxed" }, 
+verify = [ { if = "listener = 'smtp'", then = "relaxed" }, 
           { else = "disable" } ]
 [auth.dkim]
 verify = "relaxed"
-sign = [ { if = "listener", ne = "smtp", then = ["rsa"] }, 
+sign = [ { if = "listener != 'smtp'", then = "['rsa']" }, 
-         { else = [] } ]
+         { else = false } ]
 [auth.spf.verify]
-ehlo = [ { if = "listener", eq = "smtp", then = "relaxed" }, 
+ehlo = [ { if = "listener = 'smtp'", then = "relaxed" }, 
         { else = "disable" } ]
-mail-from = [ { if = "listener", eq = "smtp", then = "relaxed" }, 
+mail-from = [ { if = "listener = 'smtp'", then = "relaxed" }, 
              { else = "disable" } ]
 [auth.arc]
 verify = "relaxed"
-seal = ["rsa"]
+seal = "['rsa']"
 [auth.dmarc]
-verify = [ { if = "listener", eq = "smtp", then = "relaxed" }, 
+verify = [ { if = "listener = 'smtp'", then = "relaxed" }, 
           { else = "disable" } ]
--- a/resources/config/smtp/milter.toml
+++ b/resources/config/smtp/milter.toml
@ -3,7 +3,7 @@
 #############################################
 #[session.data.milter."rspamd"]
-#enable = [ { if = "listener", eq = "smtp", then = true }, 
+#enable = [ { if = "listener = 'smtp'", then = true }, 
 #           { else = false } ]
 #hostname = "127.0.0.1"
 #port = 11332
--- a/resources/config/smtp/queue.toml
+++ b/resources/config/smtp/queue.toml
@ -7,15 +7,15 @@ path = "%{BASE_PATH}%/queue"
 hash = 64
 [queue.schedule]
-retry = ["2m", "5m", "10m", "15m", "30m", "1h", "2h"]
+retry = "[2m, 5m, 10m, 15m, 30m, 1h, 2h]"
-notify = ["1d", "3d"]
+notify = "[1d, 3d]"
 expire = "5d"
 [queue.outbound]
 #hostname = "%{HOST}%"
-next-hop = [ { if = "rcpt-domain", in-list = "%{DEFAULT_DIRECTORY}%/domains", then = "local" }, 
+next-hop = [ { if = "is_local_domain('%{DEFAULT_DIRECTORY}%', rcpt_domain)", then = "'local'" }, 
             { else = false } ]
-ip-strategy = "ipv4-then-ipv6"
+ip-strategy = "ipv4_then_ipv6"
 [queue.outbound.tls]
 dane = "optional"
@ -24,8 +24,8 @@ starttls = "require"
 allow-invalid-certs = false
 #[queue.outbound.source-ip]
-#v4 = ["10.0.0.10", "10.0.0.11"]
+#v4 = "['10.0.0.10', '10.0.0.11']"
-#v6 = ["a::b", "a::c"]
+#v6 = "['a::b', 'a::c']"
 [queue.outbound.limits]
 mx = 7
@ -42,12 +42,12 @@ data = "10m"
 mta-sts = "2m"
 [[queue.quota]]
-#match = {if = "sender-domain", eq = "foobar.org"}
+#match = "sender_domain = 'foobar.org'"
 #key = ["rcpt"]
 messages = 100000
 size = 10737418240 # 10gb
 [[queue.throttle]]
-key = ["rcpt-domain"]
+key = ["rcpt_domain"]
 #rate = "100/1h"
 concurrency = 5
--- a/resources/config/smtp/report.toml
+++ b/resources/config/smtp/report.toml
@ -13,45 +13,45 @@ forward = true
 #store = "%{BASE_PATH}%/incoming"
 [report.dsn]
-from-name = "Mail Delivery Subsystem"
+from-name = "'Mail Delivery Subsystem'"
-from-address = "MAILER-DAEMON@%{DEFAULT_DOMAIN}%"
+from-address = "'MAILER-DAEMON@%{DEFAULT_DOMAIN}%'"
-sign = ["rsa"]
+sign = "['rsa']"
 [report.dkim]
-from-name = "Report Subsystem"
+from-name = "'Report Subsystem'"
-from-address = "noreply-dkim@%{DEFAULT_DOMAIN}%"
+from-address = "'noreply-dkim@%{DEFAULT_DOMAIN}%'"
-subject = "DKIM Authentication Failure Report"
+subject = "'DKIM Authentication Failure Report'"
-sign = ["rsa"]
+sign = "['rsa']"
-send = "1/1d"
+send = "[1, 1d]"
 [report.spf]
-from-name = "Report Subsystem"
+from-name = "'Report Subsystem'"
-from-address = "noreply-spf@%{DEFAULT_DOMAIN}%"
+from-address = "'noreply-spf@%{DEFAULT_DOMAIN}%'"
-subject = "SPF Authentication Failure Report"
+subject = "'SPF Authentication Failure Report'"
-send = "1/1d"
+send = "[1, 1d]"
-sign = ["rsa"]
+sign = "['rsa']"
 [report.dmarc]
-from-name = "Report Subsystem"
+from-name = "'Report Subsystem'"
-from-address = "noreply-dmarc@%{DEFAULT_DOMAIN}%"
+from-address = "'noreply-dmarc@%{DEFAULT_DOMAIN}%'"
-subject = "DMARC Authentication Failure Report"
+subject = "'DMARC Authentication Failure Report'"
-send = "1/1d"
+send = "[1, 1d]"
-sign = ["rsa"]
+sign = "['rsa']"
 [report.dmarc.aggregate]
-from-name = "DMARC Report"
+from-name = "'DMARC Report'"
-from-address = "noreply-dmarc@%{DEFAULT_DOMAIN}%"
+from-address = "'noreply-dmarc@%{DEFAULT_DOMAIN}%'"
-org-name = "%{DEFAULT_DOMAIN}%"
+org-name = "'%{DEFAULT_DOMAIN}%'"
 #contact-info = ""
 send = "daily"
 max-size = 26214400 # 25mb
-sign = ["rsa"]
+sign = "['rsa']"
 [report.tls.aggregate]
-from-name = "TLS Report"
+from-name = "'TLS Report'"
-from-address = "noreply-tls@%{DEFAULT_DOMAIN}%"
+from-address = "'noreply-tls@%{DEFAULT_DOMAIN}%'"
-org-name = "%{DEFAULT_DOMAIN}%"
+org-name = "'%{DEFAULT_DOMAIN}%'"
 #contact-info = ""
 send = "daily"
 max-size = 26214400 # 25 mb
-sign = ["rsa"]
+sign = "['rsa']"
--- a/resources/config/smtp/session.toml
+++ b/resources/config/smtp/session.toml
@ -8,38 +8,38 @@ transfer-limit = 262144000 # 250 MB
 duration = "10m"
 [session.connect]
-#script = "connect.sieve"
+#script = "'connect'"
 [session.ehlo]
 require = true
-reject-non-fqdn = [ { if = "listener", eq = "smtp", then = true},
+reject-non-fqdn = [ { if = "listener = 'smtp'", then = true},
                    { else = false } ]
-#script = "ehlo"
+#script = "'ehlo'"
 [session.extensions]
 pipelining = true
 chunking = true
 requiretls = true
 no-soliciting = ""
-dsn = [ { if = "authenticated-as", ne = "", then = true},
+dsn = [ { if = "!is_empty(authenticated_as)", then = true},
        { else = false } ]
-expn = [ { if = "authenticated-as", ne = "", then = true},
+expn = [ { if = "!is_empty(authenticated_as)", then = true},
        { else = false } ]
-vrfy = [ { if = "authenticated-as", ne = "", then = true},
+vrfy = [ { if = "!is_empty(authenticated_as)", then = true},
        { else = false } ]
-future-release = [ { if = "authenticated-as", ne = "", then = "7d"},
+future-release = [ { if = "!is_empty(authenticated_as)", then = "7d"},
                   { else = false } ]
-deliver-by = [ { if = "authenticated-as", ne = "", then = "15d"},
+deliver-by = [ { if = "!is_empty(authenticated_as)", then = "15d"},
               { else = false } ]
-mt-priority = [ { if = "authenticated-as", ne = "", then = "mixer"},
+mt-priority = [ { if = "!is_empty(authenticated_as)", then = "mixer"},
                { else = false } ]
 [session.auth]
-mechanisms = [ { if = "listener", ne = "smtp", then = ["plain", "login"]},
+mechanisms = [ { if = "listener != 'smtp'", then = "[plain, login]"},
-               { else = [] } ]
+               { else = false } ]
-directory = [ { if = "listener", ne = "smtp", then = "%{DEFAULT_DIRECTORY}%" }, 
+directory = [ { if = "listener != 'smtp'", then = "'%{DEFAULT_DIRECTORY}%'" }, 
           { else = false } ]
-require = [ { if = "listener", ne = "smtp", then = true},
+require = [ { if = "listener != 'smtp'", then = true},
            { else = false } ]
 allow-plain-text = false
@ -49,29 +49,25 @@ wait = "5s"
 [session.mail]
 #script = "mail-from"
-#rewrite = [ { all-of = [ { if = "listener", ne = "smtp" },
+#rewrite = [ { if = "listener != 'smtp' & matches('^([^.]+)@([^.]+)\.(.+)$', rcpt)", then = "$1 + '@' + $3" },
 #                         { if = "rcpt", matches = "^([^.]+)@([^.]+)\.(.+)$"}, 
 #                       ], then = "${1}@${3}" }, 
 #            { else = false } ]
 [session.rcpt]
 #script = "greylist"
-relay = [ { if = "authenticated-as", ne = "", then = true }, 
+relay = [ { if = "!is_empty(authenticated_as)", then = true }, 
          { else = false } ]
-#rewrite = [ { all-of = [ { if = "rcpt-domain", in-list = "%{DEFAULT_DIRECTORY}%/domains" },
+#rewrite = [ { if = "is_local_domain('%{DEFAULT_DIRECTORY}%', rcpt_domain) & matches('^([^.]+)\.([^.]+)@(.+)$', rcpt)", then = "$1 + '+' + $2 + '@' + $3" },
 #                         { if = "rcpt", matches = "^([^.]+)\.([^.]+)@(.+)$"}, 
 #                       ], then = "${1}+${2}@${3}" }, 
 #            { else = false } ]
 max-recipients = 25
-directory = "%{DEFAULT_DIRECTORY}%"
+directory = "'%{DEFAULT_DIRECTORY}%'"
 [session.rcpt.errors]
 total = 5
 wait = "5s"
 [session.data]
-script = [ { if = "authenticated-as", eq = "", then = "spam-filter"},
+script = [ { if = "is_empty(authenticated_as)", then = "'spam-filter'"},
-           { else = "track-replies" } ]
+           { else = "'track-replies'" } ]
 [session.data.limits]
 messages = 10
@ -79,24 +75,24 @@ size = 104857600
 received-headers = 50
 [session.data.add-headers]
-received = [ { if = "listener", eq = "smtp", then = true }, 
+received = [ { if = "listener = 'smtp'", then = true }, 
             { else = false } ]
-received-spf = [ { if = "listener", eq = "smtp", then = true }, 
+received-spf = [ { if = "listener = 'smtp'", then = true }, 
                 { else = false } ]
-auth-results = [ { if = "listener", eq = "smtp", then = true }, 
+auth-results = [ { if = "listener = 'smtp'", then = true }, 
                 { else = false } ]
-message-id = [ { if = "listener", eq = "smtp", then = false }, 
+message-id = [ { if = "listener = 'smtp'", then = false }, 
               { else = true } ]
-date = [ { if = "listener", eq = "smtp", then = false }, 
+date = [ { if = "listener = 'smtp'", then = false }, 
         { else = true } ]
 return-path = false
 [[session.throttle]]
-#match = {if = "remote-ip", eq = "10.0.0.1"}
+#match = "remote_ip = '10.0.0.1'"
-key = ["remote-ip"]
+key = ["remote_ip"]
 concurrency = 5
 #rate = "5/1h"
 [[session.throttle]]
-key = ["sender-domain", "rcpt"]
+key = ["sender_domain", "rcpt"]
 rate = "25/1h"
--- a/tests/resources/scripts/create_test_env.sh
+++ b/tests/resources/scripts/create_test_env.sh
@ -10,6 +10,11 @@ DOMAIN="example.org"
 STORE="rocksdb"
 FTS_STORE="rocksdb"
 BLOB_STORE="rocksdb"
 #STORE="sqlite"
 #FTS_STORE="sqlite"
 #BLOB_STORE="sqlite"
 FEATURES="foundationdb postgres mysql rocks elastic s3 redis"
 #FEATURES="sqlite"
 # Directories
 DIRECTORY="internal"
@ -59,5 +64,5 @@ mkdir -p $BASE_DIR/etc/dkim
 openssl genpkey -algorithm RSA -out $BASE_DIR/etc/dkim/$DOMAIN.key
 # Create admin user
-SET_ADMIN_USER="admin" SET_ADMIN_PASS="secret" cargo run -p mail-server --no-default-features --features "foundationdb postgres mysql rocks elastic s3 redis" -- --config=/tmp/stalwart-test/etc/config.toml
+SET_ADMIN_USER="admin" SET_ADMIN_PASS="secret" cargo run -p mail-server --no-default-features --features "$FEATURES" -- --config=/tmp/stalwart-test/etc/config.toml
-cargo run -p mail-server --no-default-features --features "foundationdb postgres mysql rocks elastic s3 redis" -- --config=/tmp/stalwart-test/etc/config.toml
+cargo run -p mail-server --no-default-features --features "$FEATURES" -- --config=/tmp/stalwart-test/etc/config.toml
--- a/tests/src/imap/mod.rs
+++ b/tests/src/imap/mod.rs
@ -93,9 +93,9 @@ certificate = "default"
 reject-non-fqdn = false
 [session.rcpt]
-relay = [ { if = "authenticated-as", ne = "", then = true }, 
+relay = [ { if = "!is_empty(authenticated_as)", then = true }, 
          { else = false } ]
-directory = "auth"
+directory = "'auth'"
 [session.rcpt.errors]
 total = 5
@ -113,8 +113,8 @@ hash = 64
 type = "system"
 [queue.outbound]
-next-hop = [ { if = "rcpt-domain", in-list = "local/domains", then = "local" }, 
+next-hop = [ { if = "key_exists('local/domains', rcpt_domain)", then = "'local'" }, 
-             { if = "rcpt-domain", in-list = "local/remote-domains", then = "mock-smtp" },
+             { if = "key_exists('local/remote-domains', rcpt_domain)", then = "'mock-smtp'" },
             { else = false } ]
 [remote."mock-smtp"]
@ -127,7 +127,7 @@ implicit = false
 allow-invalid-certs = true
 [session.extensions]
-future-release = [ { if = "authenticated-as", ne = "", then = "99999999d"},
+future-release = [ { if = "!is_empty(authenticated_as)", then = "99999999d"},
                   { else = false } ]
 [store."sqlite"]
--- a/tests/src/jmap/mod.rs
+++ b/tests/src/jmap/mod.rs
@ -105,9 +105,9 @@ fail2ban = "101/5s"
 reject-non-fqdn = false
 [session.rcpt]
-relay = [ { if = "authenticated-as", ne = "", then = true }, 
+relay = [ { if = "!is_empty(authenticated_as)", then = true }, 
          { else = false } ]
-directory = "auth"
+directory = "'auth'"
 [session.rcpt.errors]
 total = 5
@ -125,8 +125,8 @@ hash = 64
 type = "system"
 [queue.outbound]
-next-hop = [ { if = "rcpt-domain", in-list = "local/domains", then = "local" }, 
+next-hop = [ { if = "key_exists('local/domains', rcpt_domain)", then = "'local'" }, 
-             { if = "rcpt-domain", in-list = "local/remote-domains", then = "mock-smtp" },
+             { if = "key_exists('local/remote-domains', rcpt_domain)", then = "'mock-smtp'" },
             { else = false } ]
 [remote."mock-smtp"]
@ -139,7 +139,7 @@ implicit = false
 allow-invalid-certs = true
 [session.extensions]
-future-release = [ { if = "authenticated-as", ne = "", then = "99999999d"},
+future-release = [ { if = "!is_empty(authenticated_as)", then = "99999999d"},
                   { else = false } ]
 [store."sqlite"]