1
0
forked from k-space/kube
kube/wildduck
2024-08-15 09:37:24 +03:00
..
.gitignore wildduck: Clean up configs 2023-08-27 20:24:36 +03:00
certificate.yaml Migrate the rest of Wildduck stack 2023-08-24 19:53:07 +03:00
clamav.yaml wildduck: Cleanups 2024-08-15 09:37:24 +03:00
dns.yaml wildduck: Cleanups 2024-08-15 09:37:24 +03:00
haraka.yaml wildduck: Use recreate strategy to avoid Kube scheduling deadlock 2024-08-15 09:24:16 +03:00
loadbalancer.yaml wildduck: Cleanups 2024-08-15 09:37:24 +03:00
README.md wildduck: Clean up configs 2023-08-27 20:24:36 +03:00
rspamd.yaml wildduck: Cleanups 2024-08-15 09:37:24 +03:00
sessions.yaml wildduck: Cleanups 2024-08-15 09:37:24 +03:00
srs.yaml wildduck: Clean up configs 2023-08-27 20:24:36 +03:00
webmail.yaml wildduck: Cleanups 2024-08-15 09:37:24 +03:00
wildduck-exporter.yaml migrate wildduck to external mongo 2024-08-13 20:18:47 +03:00
wildduck-operator-rbac.yaml wildduck: migrate to dragonfly, disable network policies, upgrade wildduck-operator 2024-07-28 20:22:08 +03:00
wildduck-operator.yaml wildduck: migrate to dragonfly, disable network policies, upgrade wildduck-operator 2024-07-28 20:22:08 +03:00
wildduck.yaml wildduck: Cleanups 2024-08-15 09:37:24 +03:00
wildflock.yaml wildduck: Cleanups 2024-08-15 09:37:24 +03:00
zonemta.yaml wildduck: Use recreate strategy to avoid Kube scheduling deadlock 2024-08-15 09:24:16 +03:00

Wildduck stack

This application is managed by ArgoCD

The mail stack consists of several moving parts:

  • Haraka with several plugins
    • Wildduck plugin to handle incoming mail on port 25 of mail.k-space.ee
    • Fight spam with Rspamd
    • Fight viruses with ClamAV
  • Wildduck
    • Provide API for interfacing with other systems such as Wildduck webmail, Wildflock e-mail alias generator and Wildduck Kubernetes operator which deals with account provisioning
    • Provide IMAP endpoint for accessing mailbox with traditional MUA (mail user agents): Android, iPhone, Thunderbird, Evolution etc
  • ZoneMTA for handling outbound mail
    • Including mail submission from MUA with the help of Wildduck plugin

Outside Kubernetes there is NAT rule on the Mikrotik router which rewrites source IP of any TCP port 25 headed traffic to originate from the IP address of the mail exchange.

TODO: Figure out how to automate DH parameters generation:

openssl dhparam -out dhparams.pem 2048
kubectl create secret generic -n wildduck dhparams --from-file=dhparams.pem