From mboxrd@z Thu Jan 1 00:00:00 1970 From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) Subject: Re: Building a secure communications server Date: Fri, 19 May 2017 11:01:25 +0200 Message-ID: <8760gxi5ju.fsf@gnu.org> References: <20170513060327.GA20242@thebird.nl> <51f03a37.AEAAKHxcPksAAAAAAAAAAAOtZhgAAAACwQwAAAAAAAW9WABZFu9_@mailjet.com> <87efvs25de.fsf@gnu.org> <20170517115103.GA16553@thebird.nl> <87inkz4qkz.fsf@lassieur.org> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:39661) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dBdmt-0005GX-AB for guix-devel@gnu.org; Fri, 19 May 2017 05:01:32 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dBdmq-0005BT-8p for guix-devel@gnu.org; Fri, 19 May 2017 05:01:31 -0400 In-Reply-To: <87inkz4qkz.fsf@lassieur.org> (=?utf-8?Q?=22Cl=C3=A9ment?= Lassieur"'s message of "Wed, 17 May 2017 14:26:20 +0200") List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: =?utf-8?Q?Cl=C3=A9ment?= Lassieur Cc: guix-devel@gnu.org Hello! Cl=C3=A9ment Lassieur skribis: > Pjotr Prins writes: > >> Plan for a secure E-mail server >> >> The idea is to have a secure setup which can be replicated fast and >> parameterized - i.e., there will be installation options. We'll >> develop this so anyone can fire up a VPS instance and get a secure >> communications environment - especially when people are on one host >> and between hosts using encrypted channels. >> >> The plan is as follows: >> >> Phase 1 >> >> . postfix with some utilities (postgrey, spfmilter) >> . courier-imap >> . web mail server using imap >> >> Phase 2 >> >> . stunnel+sslh - for tunneling ssh/smtp/imap over port 443 >> >> Phase 3 >> >> . Spam/virus filters >> >> Phase 4 >> >> . web based user mail account management >> >> Phase 5 >> >> . mailman support >> >> Phase 6 >> >> . irc support >> . other messaging services >> >> Phase 7 >> >> . voice support - mumble? >> >> My server runs phases 1-3. > > I don't understand how your server can run phases 1 to 3, since Postfix > isn't packaged. I guess you are running a foreign distro, which means > you are still pretty far from you goal. > > My own mail server runs GuixSD with OpenSMTPD, which works very well (I > even have one client!). Is there an important feature OpenSMTPD is > missing? If so, we should package Postfix as a first step. > > Same question with Courier-Imap: why don't you use Dovecot? Its Scheme > configuration is very nice, and it seems much more popular than > Courier-Imap anyway. > > Also, I would push for a Jabber service rather than an IRC service, > because Jabber (XMPP) is decentralized. And there=E2=80=99s also a Prosody service already. It looks like with current GuixSD you could already get a simple =E2=80=98operating-system=E2=80=99 declaration with OpenSMPTD, Dovecot, and= Prosody that does a big chunk of the job! Ludo=E2=80=99.