software/email
Laptop Setup
offlineimap synchronization to maildir, notmuch indexing, mutt-kr client.
What I want when online:
- instant (less than 1 second) email send
- with MUA open, instant (less than 1 second) email receive (IMAP IDLE)
- with MUA closed, regular (15 minute) imap synchronization, and single command to quickly synchronize and send any queued messages
What I want when offline:
- full email archive to search over, sort, reply, etc
- cache send messages to an outbox folder, to be sent later (or deleted before connecting)
Compile mutt-kr:
$ sudo aptitude install offlineimap notmuch libgpgme11-dev libnotmuch-dev \
libsasl2-dev libdb-dev
$ # in mutt-kr checkout:
$ ./prepare
$ ./configure --enable-dependency-tracking --enable-notmuch \
--enable-gpgme --enable-hcache --enable-imap --enable-smtp \
--with-ssl --with-gnutls --with-sasl --with-curses --with-regexInstall and configure offlineimap:
$ sudo aptitude install offlineimapFetch cacert a la:
$ openssl s_client -CApath /etc/ssl/certs -connect ${hostname}:imaps -showcerts \
| perl -ne 'print if /BEGIN/../END/; print STDERR if /return/' > $sslcacertfile
^D
$ # copy resulting file to /etc/ssl/certs
$ # test with:
$ openssl s_client -CAfile $sslcacertfile -connect ${hostname}:imaps 2>&1 </dev/nullTODO: use notmuch-mutt package
Android Setup
K-9 mail client. No GPG configured.
Server Setup
Dovcot and postfix, installed mostly following “linode library” instructions.
Set dovecot’s mail_max_userip_connections to ~40 or more
if using K-9 mail, or you’ll get errors about “AUTHENTICATE PLAIN” This
is because K-9 makes many parallel connections.
mailman for mailing lists. or enemies-of-carlotta.
setup SPF records.
References:
- need for high (40+) mail_max_userip_connections in dovecot
- write up of contemporary (2012) techniques
http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/
Postfix Domain Blacklist
At some point I started getting >= one spam message per second
from a qq.com spoofer. I blacklisted that sender domain
using these
directions:
Edit /etc/postfix/sender_access:
qq.com DISCARDRun:
sudo postmap /etc/postfix/sender_accessEdit /etc/postfix/main.cf:
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_accessRestart postfix.
