From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from oat.nine.sirjofri.de ([5.45.105.127]) by ewsd; Mon Oct  5 01:15:31 -0400 2020
Received: from sirjofri.de ([94.222.62.23]) by oat; Mon Oct  5 07:14:03 CES 2020
Date: Mon, 5 Oct 2020 05:15:15 +0000 (UTC)
From: sirjofri+ml-9front@sirjofri.de
To: 9front@9front.org
Message-ID: <3066e7d9-bac5-4952-aad8-8260b6668da2@sirjofri.de>
In-Reply-To: <8B0E324EB486017F84E81FD02A1C4D2D@eigenstate.org>
References:  <8B0E324EB486017F84E81FD02A1C4D2D@eigenstate.org>
Subject: Re: [9front] /mail/lib: cleanup proposal
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: quoted-printable
X-Correlation-ID: <3066e7d9-bac5-4952-aad8-8260b6668da2@sirjofri.de>
List-ID: <9front.9front.org>
List-Help: <http://lists.9front.org>
X-Glyph: ➈
X-Bullshit: secure responsive ORM package module database 

Hey ori,

> I've also rewritten remotemail, so that it uses factotum to figure
> out where to send to. That means that configuring mail is adding
>
> upasname=3Duser@server.com
>
> to your environment, and adding an 'email=3Duser@server.com' to your
> smtp factotum key so we can decide which smtp server to use:
>
> echo 'key proto=3Dpass server=3Dserver.com ' \
> 'service=3Dsmtp user=3Duser >>email=3Duser@server.com<< !password=3D12345=
'
>
> Here's the rewritten remotemail:
>
> #!/bin/rc
>
> # allow users to do their own mail setup
> if(test -x $home/lib/mail/remotemail)
> exec $home/mail/lib/remotemail
>
> sender=3D$2
> svcpat=3D'[=C2=A0=C2=A0 ]service=3Dsmtp[=C2=A0 ]'
> addrpat=3D'[=C2=A0 ]email=3D'$2'[=C2=A0 ]'
> config=3D`{grep -e $svcpat -e $addrpat /mnt/factotum/ctl}
> if(~ $#config 0)
> exit 'no server'
> for(kv in $config){
> parts=3D`'=3D'{echo -n $kv}
> switch($parts(1)){
> case server;=C2=A0 server=3D$parts(2)
> case user;=C2=A0 login=3D$parts(2)
> }
> }
>
> exec /bin/upas/smtp -as -u $login $server $addr $sender $*(4-)

I like the changes. Also may I suggest that you add my patch for smtp?=20
Then unrecognized certificates during smtp can be ignored using a flag=20
resulting in encrypted mails. Modern providers like this, although it=20
makes mails somewhat unsecure (mails are encrypted which is more secure,=20
but no one can ensure you're talking to the right server). Otherwise we=20
need to handle certificates better (maybe trust on first use?)

Also since my patch provides a flag server admins can choose which=20
security feature they want.

sirjofri