Skip to content

Commit

Permalink
v0.8.0
Browse files Browse the repository at this point in the history
  • Loading branch information
@willbrowningme
willbrowningme committed Jul 20, 2021
1 parent 7b9a95c commit 193b325
Show file tree
Hide file tree
Showing 49 changed files with 2,241 additions and 709 deletions.
5 changes: 4 additions & 1 deletion .env.example
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,9 +27,12 @@ REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null
REDIS_PORT=6379

MAIL_DRIVER=sendmail
MAIL_FROM_NAME=Example
MAIL_FROM_ADDRESS=[email protected]
MAIL_DRIVER=smtp
MAIL_HOST=mail.example.com
MAIL_PORT=25
MAIL_ENCRYPTION=tls

ANONADDY_RETURN_PATH=[email protected]
ANONADDY_ADMIN_USERNAME=johndoe
Expand Down
1 change: 0 additions & 1 deletion .husky/.gitignore
View file

This file was deleted.

30 changes: 30 additions & 0 deletions .husky/_/husky.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
#!/bin/sh
if [ -z "$husky_skip_init" ]; then
debug () {
[ "$HUSKY_DEBUG" = "1" ] && echo "husky (debug) - $1"
}

readonly hook_name="$(basename "$0")"
debug "starting $hook_name..."

if [ "$HUSKY" = "0" ]; then
debug "HUSKY env variable is set to 0, skipping hook"
exit 0
fi

if [ -f ~/.huskyrc ]; then
debug "sourcing ~/.huskyrc"
. ~/.huskyrc
fi

export readonly husky_skip_init=1
sh -e "$0" "$@"
exitCode="$?"

if [ $exitCode != 0 ]; then
echo "husky - $hook_name hook exited with code $exitCode (error)"
exit $exitCode
fi

exit 0
fi
25 changes: 15 additions & 10 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -143,15 +143,13 @@ Yes there is an [open-source](https://github.com/anonaddy/browser-extension) bro

## Is there an Android app?

There is not an official Android app that I have made myself as I am not familiar with mobile development.
Yes, there is an excellent [open-source](https://gitlab.com/Stjin/anonaddy-android) Android app created by [Stjin](https://twitter.com/Stjinchan) that is available to download from the [Play Store](https://play.google.com/store/apps/details?id=host.stjin.anonaddy) (paid) and [F-Droid](https://f-droid.org/packages/host.stjin.anonaddy) (free). The developer of this app has put in a lot of time and effort so if you would like to support him please purchase the Play Store version.

There is however an excellent [open-source](https://gitlab.com/Stjin/anonaddy-android) Android app created by [Stjin](https://twitter.com/Stjinchan) that is available to download from the [Play Store](https://play.google.com/store/apps/details?id=host.stjin.anonaddy) (paid) and [F-Droid](https://f-droid.org/packages/host.stjin.anonaddy) (free). The developer of this app has put in a lot of time and effort so if you would like to support him please purchase the Play Store version.

There is also another unofficial [open-source](https://github.com/KhalidWar/anonaddy) Android app created by [KhalidWar](https://twitter.com/RealKhalidWar) available on the [Play Store](https://play.google.com/store/apps/details?id=com.khalidwar.anonaddy).
There is also another [open-source](https://github.com/KhalidWar/anonaddy) Android app created by [KhalidWar](https://twitter.com/RealKhalidWar) available on the [Play Store](https://play.google.com/store/apps/details?id=com.khalidwar.anonaddy).

## Is there an iOS app?

Yes, [KhalidWar's](https://twitter.com/RealKhalidWar) unofficial [open-source](https://github.com/KhalidWar/anonaddy) app from above is also available on the [App Store](https://apps.apple.com/us/app/addymanager/id1547461270).
Yes, [KhalidWar's](https://twitter.com/RealKhalidWar) [open-source](https://github.com/KhalidWar/anonaddy) app from above is also available on the [App Store](https://apps.apple.com/us/app/addymanager/id1547461270).

## How do I add my own GPG/OpenPGP key for encryption?

Expand All @@ -178,7 +176,7 @@ If you're concerned that your aliases are all linked by your username e.g. @john

## Where is the server located?

The server is located in Amsterdam, Netherlands with [Greenhost.net](https://greenhost.net/). Greenhost focuses greatly on privacy and security and their servers run entirely on Dutch wind energy.
The server is located in Amsterdam, Netherlands with [Greenhost.net](https://greenhost.net/). Greenhost focuses greatly on privacy and security and their servers run entirely on Dutch wind energy. The backup mail server is located in Warsaw, Poland with [UpCloud](https://upcloud.com).

## What if I don't trust you?

Expand Down Expand Up @@ -364,7 +362,7 @@ You can add 1 additional username as a Lite user and up to 3 additional username

## I'm not receiving any emails, what's wrong?

Please make sure to add [email protected], [email protected] and any other aliases you use to your address book and also to check your spam folder. Make sure to mark emails from us as safe if they turn up in spam.
Please make sure to add [email protected], [email protected] and any other aliases you use to your address book and also to check your spam folder. Make sure to mark emails from AnonAddy as safe if they turn up in spam.

If an alias has been previously deleted and you try to send email to it, the emails will be rejected with an error message - "554 5.7.1 Recipient address rejected: Access denied".

Expand All @@ -374,13 +372,20 @@ The sender of the email may be failing SPF, DMARC or DNS blacklist checks result

If you are forwarding emails to an icloud.com email address some users are having issues with a small number of emails being rejected (often those from Facebook).

For some reason Apple seems to think these emails are spam and returns this error message:
For some reason Apple seems to think these emails are spam/phishing and returns this error message:

> Diagnostic-Code: smtp; 550 5.7.1 [CS01] Message rejected due to local policy.
I have contacted Apple multiple times about this but they have not yet responded.

If you are having issues with emails being rejected as "possibly spammy" by Google, iCloud or Microsoft then try adding a GPP key and **enabling encryption**. This will prevent the email's content being scanned and reduce the change of it being rejected.
If you are having issues with emails being rejected as "possibly spammy" by Google, iCloud or Microsoft then please try the following steps if you can:

1. **Replace the email subject** by going to your settings in AnonAddy
2. Try adding a GPP key and **enabling encryption**. This will prevent the email's content being scanned and reduce the change of it being rejected.

I will also soon be adding an option to change the format of the display from part of the "From:" header.

If neither of the above options work then please try changing to another recipient so that you can continue to receive emails.

If you still aren't receiving emails please contact me.

Expand Down Expand Up @@ -417,7 +422,7 @@ For any other questions just send an email to - [[email protected]](mailto:co
## Software Requirements

* Postfix (3.0.0+) (plus postfix-mysql for database queries and postfix-pcre)
* PHP (7.4+) and the [php-mailparse](https://pecl.php.net/package/mailparse) extension, the [php-gnupg](https://pecl.php.net/package/gnupg) extension if you plan to encrypt forwarded emails, the [php-imagick](https://pecl.php.net/package/imagick) extension for generating 2FA QR codes
* PHP (8.0+) and the [php-mailparse](https://pecl.php.net/package/mailparse) extension, the [php-gnupg](https://pecl.php.net/package/gnupg) extension if you plan to encrypt forwarded emails, the [php-imagick](https://pecl.php.net/package/imagick) extension for generating 2FA QR codes
* Port 25 unblocked and open
* Redis (4.x+) for throttling and queues
* FQDN as hostname e.g. mail.anonaddy.me
Expand Down
37 changes: 12 additions & 25 deletions SELF-HOSTING.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -247,16 +247,7 @@ sudo postconf myhostname

You'll see warnings that the mysql-... files do not exist. You should see mail.example.com, if you don't edit `/etc/postfix/main.cf` and update the myhostname value.

Open up `/etc/postfix/master.cf` and update this line at the top of the file:

```
smtp inet n - - - - smtpd
-o content_filter=anonaddy:dummy
```

This should be the only line for smtp.

Then add these lines to the bottom of the file:
Open up `/etc/postfix/master.cf` and add these lines to the bottom of the file:

```
anonaddy unix - n n - - pipe
Expand All @@ -269,15 +260,7 @@ This command will pipe the email through to our applicaton so that we can determ

## Installing Nginx

On Ubuntu 20.04 Nginx is included in the default repositories so we can simply run:

```bash
sudo apt update
sudo apt install nginx
sudo nginx -v
```

If you're on Ubuntu 18.04 you will need to add the following signing key and repo.
To install Nginx add the following signing key and repo.

Import the nginx signing key and the repository.

Expand All @@ -294,7 +277,7 @@ sudo apt install nginx
sudo nginx -v
```

At the time of writing this I have `nginx version: nginx/1.19.10`.
At the time of writing this I have `nginx version: nginx/1.21.1`.

Create the directory for where the application will be stored.

Expand Down Expand Up @@ -479,15 +462,17 @@ To install the certificate run:

Make sure to change example.com to your domain.

You might see the following error message "Run reload cmd: service nginx force-reload nginx.service is not active, cannot reload.", this can be ignored.

You can now type `exit` to go back to the `johndoe` user instead of `root`.

## Installing MariaDB

At the time of writing this the latest stable release is v10.5. Make sure to check for any newer releases.
At the time of writing this the latest stable release is v10.6. Make sure to check for any newer releases.

Follow the instructions on this link to install MariaDB (make sure to change to 18.04 if you are using it):

[https://downloads.mariadb.org/mariadb/repositories/#distro=Ubuntu&distro_release=focal--ubuntu_focal&mirror=digital-pacific&version=10.5](https://downloads.mariadb.org/mariadb/repositories/#distro=Ubuntu&distro_release=focal--ubuntu_focal&mirror=digital-pacific&version=10.5)
[https://downloads.mariadb.org/mariadb/repositories/#distro=Ubuntu&distro_release=focal--ubuntu_focal&mirror=nus&version=10.6](https://downloads.mariadb.org/mariadb/repositories/#distro=Ubuntu&distro_release=focal--ubuntu_focal&mirror=nus&version=10.6)

Make sure it is running correctly and check the version

Expand All @@ -496,7 +481,7 @@ sudo systemctl status mariadb
sudo mysql -V
```

At the time of writing this I am using "Ver 15.1 Distrib 10.5.8-MariaDB"
At the time of writing this I am using "Ver 15.1 Distrib 10.6.3-MariaDB"

When running securing mariadb Answer `no` for "Switch to unix_socket authentication" and `yes` for "Change the root password?" (Set a secure MySQL root password and make a note of it somewhere e.g. password manager.). Answer `yes` (default) to the other questions.

Expand Down Expand Up @@ -966,7 +951,7 @@ group "headers" {
"FROM_NEQ_DISPLAY_NAME" {
weight = 0.0;
}
"FORGED_RECIPIENTS" {
weight = 0.0;
}
Expand Down Expand Up @@ -1009,7 +994,7 @@ fi

Make sure node is installed (`node -v`) if not then install it using NVM - [https://www.digitalocean.com/community/tutorials/how-to-install-node-js-on-ubuntu-20-04#option-3-%E2%80%94-installing-node-using-the-node-version-manager](https://www.digitalocean.com/community/tutorials/how-to-install-node-js-on-ubuntu-20-04#option-3-%E2%80%94-installing-node-using-the-node-version-manager)

At the time of writing this I'm using the latest LTS - v14.15.1
At the time of writing this I'm using the latest LTS - v14.17.3

```bash
cd /var/www/anonaddy
Expand Down Expand Up @@ -1153,6 +1138,8 @@ sudo supervisorctl update
sudo supervisorctl start anonaddy:*
```

Run `sudo service nginx start` to make sure Nginx is running.

## Creating your account

You should now be able to visit `app.example.com` if you've set the correct DNS records.
Expand Down
59 changes: 59 additions & 0 deletions app/Console/Commands/CheckDomainsMxValidation.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
<?php

namespace App\Console\Commands;

use App\Models\Domain;
use App\Notifications\DomainMxRecordsInvalid;
use Illuminate\Console\Command;

class CheckDomainsMxValidation extends Command
{
/**
* The name and signature of the console command.
*
* @var string
*/
protected $signature = 'anonaddy:check-domains-mx-validation';

/**
* The console command description.
*
* @var string
*/
protected $description = 'Checks all existing domains to see if they still have valid MX records';

/**
* Create a new command instance.
*
* @return void
*/
public function __construct()
{
parent::__construct();
}

/**
* Execute the console command.
*
* @return int
*/
public function handle()
{
Domain::all()
->each(function ($domain) {
try {
if (! $domain->checkMxRecords()) {
// Notify user via email only if domain's MX previously were valid
if (!is_null($domain->domain_mx_validated_at)) {
$domain->user->notify(new DomainMxRecordsInvalid($domain->domain));
}

$domain->domain_mx_validated_at = null;
$domain->save();
}
} catch (\Exception $e) {
//
}
});
}
}
59 changes: 59 additions & 0 deletions app/Console/Commands/CheckDomainsSendingVerification.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
<?php

namespace App\Console\Commands;

use App\Models\Domain;
use App\Notifications\DomainUnverifiedForSending;
use Illuminate\Console\Command;

class CheckDomainsSendingVerification extends Command
{
/**
* The name and signature of the console command.
*
* @var string
*/
protected $signature = 'anonaddy:check-domains-sending-verification';

/**
* The console command description.
*
* @var string
*/
protected $description = 'Checks all existing domains to see if they are still verified for sending';

/**
* Create a new command instance.
*
* @return void
*/
public function __construct()
{
parent::__construct();
}

/**
* Execute the console command.
*
* @return mixed
*/
public function handle()
{
Domain::whereNotNull('domain_sending_verified_at')->get()
->each(function ($domain) {
try {
$result = $domain->checkVerificationForSending();

if ($result->getData()->success === false) {
// Notify user via email, give reason
$domain->user->notify(new DomainUnverifiedForSending($domain->domain, $result->getData()->message));

$domain->domain_sending_verified_at = null;
$domain->save();
}
} catch (\Exception $e) {
//
}
});
}
}
43 changes: 43 additions & 0 deletions app/Console/Commands/ClearFailedDeliveries.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
<?php

namespace App\Console\Commands;

use App\Models\FailedDelivery;
use Illuminate\Console\Command;

class ClearFailedDeliveries extends Command
{
/**
* The name and signature of the console command.
*
* @var string
*/
protected $signature = 'anonaddy:clear-failed-deliveries';

/**
* The console command description.
*
* @var string
*/
protected $description = 'Clears failed deliveries that are older than 3 days';

/**
* Create a new command instance.
*
* @return void
*/
public function __construct()
{
parent::__construct();
}

/**
* Execute the console command.
*
* @return int
*/
public function handle()
{
FailedDelivery::where('created_at', '<=', now()->subDays(3))->delete();
}
}
Loading

0 comments on commit 193b325

Please sign in to comment.