kube/wildduck/README.md

# Wildduck stack

This application is managed by
[ArgoCD](https://argocd.k-space.ee/applications/argocd/wildduck)

The mail stack consists of several moving parts:

* Haraka with several plugins
  * Wildduck plugin to handle incoming mail on port 25 of mail.k-space.ee
  * Fight spam with Rspamd
  * Fight viruses with ClamAV
* Wildduck
  * Provide API for interfacing with other systems such as
    Wildduck webmail,
    Wildflock e-mail alias generator and
    Wildduck Kubernetes operator which deals with account provisioning
  * Provide IMAP endpoint for accessing mailbox with traditional
    MUA (mail user agents): Android, iPhone, Thunderbird, Evolution etc
* ZoneMTA for handling outbound mail
  * Including mail submission from MUA with the help of Wildduck plugin

Outside Kubernetes there is NAT rule on the Mikrotik router
which rewrites source IP of any TCP port 25 headed traffic to
originate from the IP address of the mail exchange.

TODO: Figure out how to automate DH parameters generation:

```
openssl dhparam -out dhparams.pem 2048
kubectl create secret generic -n wildduck dhparams --from-file=dhparams.pem
```
wildduck: Updates 2023-08-19 07:01:09 +00:00			`# Wildduck stack`
Initial commit 2022-08-16 09:40:54 +00:00
wildduck: Updates 2023-08-19 07:01:09 +00:00			`This application is managed by`
			`[ArgoCD](https://argocd.k-space.ee/applications/argocd/wildduck)`
wildduck: Add README 2023-08-24 17:45:43 +00:00
			`The mail stack consists of several moving parts:`

			`* Haraka with several plugins`
			`* Wildduck plugin to handle incoming mail on port 25 of mail.k-space.ee`
			`* Fight spam with Rspamd`
			`* Fight viruses with ClamAV`
			`* Wildduck`
			`* Provide API for interfacing with other systems such as`
			`Wildduck webmail,`
			`Wildflock e-mail alias generator and`
			`Wildduck Kubernetes operator which deals with account provisioning`
			`* Provide IMAP endpoint for accessing mailbox with traditional`
			`MUA (mail user agents): Android, iPhone, Thunderbird, Evolution etc`
			`* ZoneMTA for handling outbound mail`
			`* Including mail submission from MUA with the help of Wildduck plugin`

			`Outside Kubernetes there is NAT rule on the Mikrotik router`
			`which rewrites source IP of any TCP port 25 headed traffic to`
			`originate from the IP address of the mail exchange.`
wildduck: Clean up configs 2023-08-27 17:24:36 +00:00
			`TODO: Figure out how to automate DH parameters generation:`

			```
			`openssl dhparam -out dhparams.pem 2048`
			`kubectl create secret generic -n wildduck dhparams --from-file=dhparams.pem`
			```