crockery/README.md

Crockery - simple email hosting

What

• SMTP + IMAP email, plus bundled HTTP webmail client
• Devoted to the task of serving email for a single domain
• Can get its own valid TLS certificates via LE, or use supplied ones
• Built-in anti-spam & anti-virus measures
• Built-in DKIM support
• Built-in DMARC support
• Can tell you what DNS records you need, and check them for validity
• Multiple email accounts for your domain
• A "master" wildcard account (if desired)
• Simple import from GMail, etc
• Simple export to GMail, etc
• Nice fast search
• Interact with crockery with simple, natural-ish emails to do things
  • SMTP TLS verification - enabled by default
  • Try to email foo@shady.net - verification fails, email marked pending, fail in 7 days
  • Crockery emails user, "Yo. We can't send this email securely. Here are your options:"
  • User hits reply-to (goes to unique email address on same domain) saying what to do:
    • Cancel
    • Retry
    • Send just this email
    • Whitelist shady.net (pins certificate)
  • What other interactions might we like?

What not

• JMAP. Not today.
• Maildir/mbox support. Imports and exports via IMAP, backups by "copy this file"
• Bring your own X (where X is MTA, IMAP server, database, etc, etc)
• Multiple-domain support (maybe later)
• CalDAV/Carddav (yet)
• Externally sourced accounts (yet)
• Sending email without having an account
• Managesieve (for now)

Why

Email architecture is really complicated, and setting up a mail server of your own is painful. Various projects exist to try to make it easier, eg:

• iRedMail
• docker-mailserver
• symbiosis
• ...

(Personally, I had some ansible recipes: )

Even among people who run their own websites, it's rare to run your own email. It's just too painful. Much of this pain is caused by ultra-configurable components that need to be orchestrated. Each has its own (remarkably obtuse) configuration language, and each can do far more than the common case for a small, single-domain site.

So, let's make a single binary where all you have to do is:

• Register a domain
• Upload some DNS records
• Run the binary

and it gives you a sensible email setup without any additional configuration!

If it has to share the domain with a HTTP server (quite common), allow the HTTP-specific parts of mail to be served via reverse proxying. This includes:

• activesync push notifications
• autodiscovery

Probably other stuff. Email is big, and just keeps getting bigger.

How

Initialize a new database

crockery init -domain example.com

You'll be prompted to enter a password for the postmaster@example.com master account, or you can provide on the command line: -adminPassword x, or in an environment variable: CROCKERY_PASSWORD=x.

You can provide a custom database name with -db <filename>

Run the server

./crockery

Again, you can use -db <filename> if the default of ./crockery.db doesn't suit.

Configuration

Mostly non-existent, aside from that listed above.

We'll need to have a few offline commands baked into the crockery binary, apart from init as detailed above. Some ideas:

$ crockery change x y z (domain, user password, etc)
$ crockery reindex (throw away existing indexes, regenerate)
$ crockery whitelist tls <domain> (allow the domain to be sent to with insecure/no TLS)
$ crockery whitelist receipt <domain> (bypass antispam for this domain)
$ crockery blacklist receipt <domain> (no emails to be permitted from this domain

It's inconvenient for some of these functions to require the server to be offline, so we'll need to provide another configuration interface too.

I like sending emails to it.

Since we're going to need a HTTP server anyway, we could expose admin functions using that, if logged in as postmaster. It could also expose an API that the crockery X commands could connect to, rather than hitting the store directly. We can use the .well-known integration to avoid the need to configure there, too.