software/email

Laptop Setup

offlineimap synchronization to maildir, notmuch indexing, mutt-kr client.

What I want when online:

  • instant (less than 1 second) email send
  • with MUA open, instant (less than 1 second) email receive (IMAP IDLE)
  • with MUA closed, regular (15 minute) imap synchronization, and single command to quickly synchronize and send any queued messages

What I want when offline:

  • full email archive to search over, sort, reply, etc
  • cache send messages to an outbox folder, to be sent later (or deleted before connecting)

Compile mutt-kr:

$ sudo aptitude install offlineimap notmuch libgpgme11-dev libnotmuch-dev \
    libsasl2-dev libdb-dev
$ # in mutt-kr checkout:
$ ./prepare
$ ./configure --enable-dependency-tracking --enable-notmuch \
        --enable-gpgme --enable-hcache --enable-imap --enable-smtp \
        --with-ssl --with-gnutls --with-sasl --with-curses --with-regex

Install and configure offlineimap:

$ sudo aptitude install offlineimap

Fetch cacert a la:

$ openssl s_client -CApath /etc/ssl/certs -connect ${hostname}:imaps -showcerts \
   | perl -ne 'print if /BEGIN/../END/; print STDERR if /return/' > $sslcacertfile
   ^D
$ # copy resulting file to /etc/ssl/certs
$ # test with:
$ openssl s_client -CAfile $sslcacertfile -connect ${hostname}:imaps 2>&1 </dev/null

TODO: use notmuch-mutt package

Android Setup

K-9 mail client. No GPG configured.

Server Setup

Dovcot and postfix, installed mostly following “linode library” instructions.

Set dovecot’s mail_max_userip_connections to ~40 or more if using K-9 mail, or you’ll get errors about “AUTHENTICATE PLAIN” This is because K-9 makes many parallel connections.

mailman for mailing lists. or enemies-of-carlotta.

setup SPF records.

References:

http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/

Postfix Domain Blacklist

At some point I started getting >= one spam message per second from a qq.com spoofer. I blacklisted that sender domain using these directions:

Edit /etc/postfix/sender_access:

qq.com DISCARD

Run:

sudo postmap /etc/postfix/sender_access

Edit /etc/postfix/main.cf:

smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access

Restart postfix.