[tor-commits] [bridgedb/main] How to set up the email distributor

meskio at torproject.org meskio at torproject.org
Thu May 13 13:53:53 UTC 2021 

commit 9b5a6884127dd640292c60c483531f63d3f3e017
Author: meskio <meskio at torproject.org>
Date:   Wed May 12 13:52:59 2021 +0200

    How to set up the email distributor
    
    Document how to use postfix as relay with an external account.
---
 doc/HACKING.md | 61 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 61 insertions(+)

diff --git a/doc/HACKING.md b/doc/HACKING.md
index 449b3d1..54e97f2 100644
--- a/doc/HACKING.md
+++ b/doc/HACKING.md
@@ -21,6 +21,67 @@ Ideally, even more descriptors should be generated, somewhere in the realm of
 2000, as certain bugs do not emerge until BridgeDB is processing thousands of
 descriptors.
 
+## Running an email distributor
+
+### Configure postfix as relay
+
+Let's start installing postfix, in debian derivates we can do it using apt:
+
+    $ sudo apt install postfix
+
+Configure postfix to use it in ```/etc/postfix/main.cf```:
+
+    smtpd_relay_restrictions = permit_sasl_authenticated
+        permit_mynetworks
+        reject_unauth_destination
+    relayhost = [smtp.example.com]:587'
+    local_recipient_maps =
+    # enable SASL authentication
+    smtp_sasl_auth_enable = yes
+    # disallow methods that allow anonymous authentication.
+    smtp_sasl_security_options = noanonymous
+    # where to find sasl_passwd
+    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
+    # Enable STARTTLS encryption
+    smtp_use_tls = yes
+    # where to find CA certificates
+    smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
+
+We'll use postfix to relay all the email over an existing smtp account in an email
+provider. Let's add the smtp account into ```/etc/postfix/sasl_passwd```:
+
+    [smtp.example.com]:587 user:password
+
+Set the rights correctly and postmap it so postfix can use it:
+
+    $ sudo chown root:root /etc/postfix/sasl_passwd
+    $ sudo chmod 600 /etc/postfix/sasl_passwd
+    $ sudo postmap /etc/postfix/sasl_passwd
+
+And restart postfix:
+
+    $ sudo systemctl restart postfix
+
+### Configure bridgedb.conf
+
+    EMAIL_DIST = True
+    EMAIL_FROM_ADDR = "user at example.com"
+    EMAIL_SMTP_FROM_ADDR = "user at example.com"
+    EMAIL_SMTP_HOST = "127.0.0.1"
+    EMAIL_SMTP_PORT = 25
+    EMAIL_DOMAIN_RULES = {'my.email.provider': ["ignore_dots"]}
+    EMAIL_BIND_IP = "127.0.0.1"
+    EMAIL_PORT = 6725
+
+### Send bridge request to our local bridgedb
+
+We use swaks to request bridges:
+
+    echo "get transport obfs4" | swaks --to user at example.com --from my.account at my.email.provider --server 127.0.0.1:6725 --body - --header 'Subject: gimme'
+
+And bridgedb will send us an email to ```my.accout at my.email.provider``` using
+```smtp.example.com``` as smtp with the bridges.
+
 ## Making a release
 
 ### Updating dependencies

More information about the tor-commits mailing list