mirror of
https://github.com/mjl-/mox.git
synced 2025-07-10 09:54:40 +03:00
add config options to disable a domain and to disable logins for an account
to facilitate migrations from/to other mail setups. a domain can be added in "disabled" mode (or can be disabled/enabled later on). you can configure a disabled domain, but incoming/outgoing messages involving the domain are rejected with temporary error codes (as this may occur during a migration, remote servers will try again, hopefully to the correct machine or after this machine has been configured correctly). also, no acme tls certs will be requested for disabled domains (the autoconfig/mta-sts dns records may still point to the current/previous machine). accounts with addresses at disabled domains can still login, unless logins are disabled for their accounts. an account now has an option to disable logins. you can specify an error message to show. this will be shown in smtp, imap and the web interfaces. it could contain a message about migrations, and possibly a URL to a page with information about how to migrate. incoming/outgoing email involving accounts with login disabled are still accepted/delivered as normal (unless the domain involved in the messages is disabled too). account operations by the admin, such as importing/exporting messages still works. in the admin web interface, listings of domains/accounts show if they are disabled. domains & accounts can be enabled/disabled through the config file, cli commands and admin web interface. for issue #175 by RobSlgm
This commit is contained in:
@ -760,6 +760,19 @@ See https://pkg.go.dev/github.com/mjl-/sconf for details.
|
||||
Domains:
|
||||
x:
|
||||
|
||||
# Disabled domains can be useful during/before migrations. Domains that are
|
||||
# disabled can still be configured like normal, including adding addresses using
|
||||
# the domain to accounts. However, disabled domains: 1. Do not try to fetch ACME
|
||||
# certificates. TLS connections to host names involving the email domain will
|
||||
# fail. A TLS certificate for the hostname (that wil be used as MX) itself will be
|
||||
# requested. 2. Incoming deliveries over SMTP are rejected with a temporary error
|
||||
# '450 4.2.1 recipient domain temporarily disabled'. 3. Submissions over SMTP
|
||||
# using an (envelope) SMTP MAIL FROM address or message 'From' address of a
|
||||
# disabled domain will be rejected with a temporary error '451 4.3.0 sender domain
|
||||
# temporarily disabled'. Note that accounts with addresses at disabled domains can
|
||||
# still log in and read email (unless the account itself is disabled). (optional)
|
||||
Disabled: false
|
||||
|
||||
# Free-form description of domain. (optional)
|
||||
Description:
|
||||
|
||||
@ -1028,6 +1041,12 @@ See https://pkg.go.dev/github.com/mjl-/sconf for details.
|
||||
# retire time. E.g. 168h (1 week). (optional)
|
||||
KeepRetiredWebhookPeriod: 0s
|
||||
|
||||
# If non-empty, login attempts on all protocols (e.g. SMTP/IMAP, web interfaces)
|
||||
# is rejected with this error message. Useful during migrations. Incoming
|
||||
# deliveries for addresses of this account are still accepted as normal.
|
||||
# (optional)
|
||||
LoginDisabled:
|
||||
|
||||
# Default domain for account. Deprecated behaviour: If a destination is not a full
|
||||
# address but only a localpart, this domain is added to form a full address.
|
||||
Domain:
|
||||
|
Reference in New Issue
Block a user