schleuder 3.5.0 → 4.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 49f682bc409302cde8907906dbbbab0238d4e404748874b5c3b263806b70abbe
-  data.tar.gz: c47b37fc7c1dede5b95bd396ceef0642cf5061af574a589b84497e01d1f7dcf8
+  metadata.gz: 71fae6520fb76978d0292533c7e4b1d4ed72cd881ba81be71eacd2ab1811d5e2
+  data.tar.gz: 5542044280bcd7bb2875bdc443c37146c490fe186a16c9d2449d8d9dab8131c9
 SHA512:
-  metadata.gz: 42706627c3b2ea15d6e735cc28fcaa34a4bcd4cf58bb6789edd5ce83ba8033e10259a16cd61e06d5d2a25f01aa55a25f9a03073a5a03683cab2dc093a04e1103
-  data.tar.gz: b5b784eafd81435118bac61ce089d36e45e0932c46816aa46ae3da199fa96f9cd9c4e31c9dea58eba93d37de707d121a3ee69949388096c8b4330b7498b9a4ad
+  metadata.gz: 8c724133f39be4c6af72c61d6f26e95bcf4f1a99f6184ac845d55a36d53eaea60fc78273950609f3bbae7fc4faec72005adf9324ab5186d505be58495cb58582
+  data.tar.gz: 608978e0555f93ab3e4f7aefb67063df9e0fd8f7b06b28d20ea8f869384ba7ed0e08ba0d071ca81fccd2f269656907413b82fce930c6535aff30f60ef8ad4f95

data/README.md

@@ -10,19 +10,20 @@ For more details see <https://schleuder.org/docs/>.
 
 Requirements
 ------------
-* ruby >=2.1
-* gnupg 2.0.x, or >=2.1.16
+* ruby >=2.5
+* gnupg >=2.2
 * gpgme
 * sqlite3
 * openssl
+* icu
 
-*If you use Debian stretch or CentOS 7, please have a look at the [installation docs](https://schleuder.org/docs/#installation). We do provide packages for those platforms, which simplify the installation a lot.*
+*If you use Debian buster or CentOS 7, please have a look at the [installation docs](https://schleuder.org/schleuder/docs/server-admins.html#installation). We do provide packages for those platforms, which simplify the installation a lot.*
 
 *🛈 A note regarding Ubuntu: All Ubuntu versions up to and including 17.10 don't meet the requirements with their packaged versions of gnupg! To run Schleuder on Ubuntu you currently have to install a more recent version of gnupg manually. Only Ubuntu 18.04 ("bionic") provides modern enough versions of Schleuder's requirements.*
 
-On systems that base on Debian 9 ("stretch"), install the dependencies via
+On systems that base on Debian 10 ("buster"), install the dependencies via
 
-    apt-get install ruby-dev gnupg2 libgpgme-dev libsqlite3-dev libssl-dev build-essential
+    apt-get install ruby-dev gnupg2 libgpgme-dev libsqlite3-dev libssl-dev build-essential libicu-dev
 
 
 We **recommend** to also run a random number generator like [haveged](http://www.issihosts.com/haveged/). This ensures Schleuder won't be blocked by lacking entropy, which otherwise might happen especially during key generation.
@@ -47,15 +48,15 @@ Additionally these **rubygems** are required (will be installed automatically un
 Installing Schleuder
 ------------
 
-1. Download [the gem](https://schleuder.org/download/schleuder-3.5.0.gem) and [the OpenPGP-signature](https://schleuder.org/download/schleuder-3.5.0.gem.sig) and verify:
+1. Download [the gem](https://schleuder.org/download/schleuder-4.0.0.gem) and [the OpenPGP-signature](https://schleuder.org/download/schleuder-4.0.0.gem.sig) and verify:
    ```
    gpg --recv-key 0xB3D190D5235C74E1907EACFE898F2C91E2E6E1F3
-   gpg --verify schleuder-3.5.0.gem.sig
+   gpg --verify schleuder-4.0.0.gem.sig
    ```
 
 2. If all went well install the gem:
    ```
-   gem install schleuder-3.5.0.gem
+   gem install schleuder-4.0.0.gem
    ```
 
 3. Set up schleuder:
@@ -112,7 +113,7 @@ To execute the test suite run:
 
     bundle exec rspec
 
-Please note: Some of the specs use 'pgrep'. On systems that base on Debian 9 ("stretch") install it via 
+Please note: Some of the specs use 'pgrep'. On systems that base on Debian 10 ("buster") install it via 
 
     apt-get install procps
 
@@ -145,4 +146,4 @@ GNU GPL 3.0. Please see [LICENSE.txt](LICENSE.txt).
 Alternative Download
 --------------------
 
-Alternatively to the gem-files you can download the latest release as [a tarball](https://schleuder.org/download/schleuder-3.5.0.tar.gz) and [its OpenPGP-signature](https://schleuder.org/download/schleuder-3.5.0.tar.gz.sig).
+Alternatively to the gem-files you can download the latest release as [a tarball](https://schleuder.org/download/schleuder-4.0.0.tar.gz) and [its OpenPGP-signature](https://schleuder.org/download/schleuder-4.0.0.tar.gz.sig).

data/Rakefile

@@ -3,11 +3,11 @@ require_relative "lib/#{project}.rb"
 
 @version = Schleuder::VERSION
 @tagname = "#{project}-#{@version}"
-@gpguid = 'team@schleuder.org'
+@gpguid = 'B3D190D5235C74E1907EACFE898F2C91E2E6E1F3'
 @filename_gem = "#{@tagname}.gem"
 @filename_tarball = "#{@tagname}.tar.gz"
 
-load "active_record/railties/databases.rake"
+load 'active_record/railties/databases.rake'
 
 # Configure ActiveRecord
 ActiveRecord::Tasks::DatabaseTasks.tap do |config|
@@ -19,7 +19,7 @@ ActiveRecord::Tasks::DatabaseTasks.tap do |config|
 end
 
 # ActiveRecord requires this task to be present
-Rake::Task.define_task("db:environment")
+Rake::Task.define_task('db:environment')
 
 namespace :db do
   # A shortcut.
@@ -42,7 +42,7 @@ end
 task :publish_gem => :website
 task :git_tag => :check_version
 
-desc "Build new version: git-tag and gem-file"
+desc 'Build new version: git-tag and gem-file'
 task :new_version => [
     :check_version,
     :edit_readme, :edit_changelog,
@@ -57,12 +57,12 @@ task :new_version => [
   ] do
 end
 
-desc "Edit CHANGELOG.md"
+desc 'Edit CHANGELOG.md'
 task :edit_changelog do
   edit_and_add_file('CHANGELOG')
 end
 
-desc "Edit README"
+desc 'Edit README'
 task :edit_readme do
   edit_and_add_file('README')
 end
@@ -72,12 +72,12 @@ task :git_tag do
   `git tag -u #{@gpguid} -s -m "Version #{@version}" #{@tagname}`
 end
 
-desc "Add changed version to git-index"
+desc 'Add changed version to git-index'
 task :git_add_version do
   `git add lib/#{project}/version.rb`
 end
 
-desc "Commit changes as new version"
+desc 'Commit changes as new version'
 task :git_commit do
   `git commit -m "Version #{@version}"`
 end
@@ -111,10 +111,10 @@ desc 'Publish gem-file to rubygems.org'
 task :publish_gem do
   puts "Really push #{@filename_gem} to rubygems.org? [yN]"
   if $stdin.gets.match(/^y/i)
-    puts "Pushing..."
+    puts 'Pushing...'
     `gem push #{@filename_gem}`
   else
-    puts "Not pushed."
+    puts 'Not pushed.'
   end
 end
 
@@ -125,7 +125,7 @@ end
 
 desc 'Describe manual release-tasks'
 task :website do
-  puts "Please remember to publish the release-notes on the website and on schleuder-announce."
+  puts 'Please remember to publish the release-notes on the website and on schleuder-announce.'
 end
 
 desc 'Check if version-tag already exists'
@@ -133,7 +133,7 @@ task :check_version do
   # Check if Schleuder::VERSION has been updated since last release
   if `git tag`.match?(/^#{@tagname}$/)
     $stderr.puts "Warning: Tag '#{@tagname}' already exists. Did you forget to update lib/#{project}/version.rb?"
-    $stderr.print "Delete tag to continue? [yN] "
+    $stderr.print 'Delete tag to continue? [yN] '
     if $stdin.gets.match(/^y/i)
       `git tag -d #{@tagname}`
     else

data/bin/schleuder

@@ -4,7 +4,7 @@
 # error-message.
 $VERBOSE=nil
 
-trap("INT") { exit 1 }
+trap('INT') { exit 1 }
 
 
 begin

data/db/migrate/20140501103532_create_lists.rb

@@ -1,4 +1,4 @@
-class CreateLists < ActiveRecord::Migration
+class CreateLists < ActiveRecord::Migration[4.2]
   def up
     if ! table_exists?(:lists)
       create_table :lists do |t|

data/db/migrate/20140501112859_create_subscriptions.rb

@@ -1,4 +1,4 @@
-class CreateSubscriptions < ActiveRecord::Migration
+class CreateSubscriptions < ActiveRecord::Migration[4.2]
   def up
     if ! table_exists?(:subscriptions)
       create_table :subscriptions do |t|

data/db/migrate/{201508092100_add_language_to_lists.rb → 20150809210000_add_language_to_lists.rb}

@@ -1,4 +1,4 @@
-class AddLanguageToLists < ActiveRecord::Migration
+class AddLanguageToLists < ActiveRecord::Migration[4.2]
   def up
     if ! column_exists?(:lists, :language)
       add_column :lists, :language, :string, default: 'en'

data/db/migrate/20150812165700_change_keywords_admin_only_defaults.rb

@@ -1,4 +1,4 @@
-class ChangeKeywordsAdminOnlyDefaults < ActiveRecord::Migration
+class ChangeKeywordsAdminOnlyDefaults < ActiveRecord::Migration[4.2]
   def up
     change_column_default :lists, :keywords_admin_only, "[\"subscribe\", \"unsubscribe\", \"delete-key\"]"
   end

data/db/migrate/20150813235800_add_forward_all_incoming_to_admins.rb

@@ -1,4 +1,4 @@
-class AddForwardAllIncomingToAdmins < ActiveRecord::Migration
+class AddForwardAllIncomingToAdmins < ActiveRecord::Migration[4.2]
   def up
     if ! column_exists?(:lists, :forward_all_incoming_to_admins)
       add_column :lists, :forward_all_incoming_to_admins, :boolean, default: false

data/db/migrate/{201508141727_change_send_encrypted_only_default.rb → 20150814172700_change_send_encrypted_only_default.rb}

@@ -1,4 +1,4 @@
-class ChangeSendEncryptedOnlyDefault < ActiveRecord::Migration
+class ChangeSendEncryptedOnlyDefault < ActiveRecord::Migration[4.2]
   def up
     change_column_default :lists, :send_encrypted_only, true
   end

data/db/migrate/{201508222143_add_logfiles_to_keep_to_lists.rb → 20150822214300_add_logfiles_to_keep_to_lists.rb}

@@ -1,4 +1,4 @@
-class AddLogfilesToKeepToLists < ActiveRecord::Migration
+class AddLogfilesToKeepToLists < ActiveRecord::Migration[4.2]
   def up
     if ! column_exists?(:lists, :logfiles_to_keep)
       add_column :lists, :logfiles_to_keep, :integer, default: 2

data/db/migrate/{201508261723_rename_delivery_disabled_to_delivery_enabled_and_change_default.rb → 20150826172300_rename_delivery_disabled_to_delivery_enabled_and_change_default.rb}

@@ -1,4 +1,4 @@
-class RenameDeliveryDisabledToDeliveryEnabledAndChangeDefault < ActiveRecord::Migration
+class RenameDeliveryDisabledToDeliveryEnabledAndChangeDefault < ActiveRecord::Migration[4.2]
   def up
     if column_exists?(:subscriptions, :delivery_disabled)
       rename_column :subscriptions, :delivery_disabled, :delivery_enabled

data/db/migrate/{201508261815_strip_gpg_passphrase.rb → 20150826181500_strip_gpg_passphrase.rb}

@@ -1,4 +1,4 @@
-class StripGpgPassphrase < ActiveRecord::Migration
+class StripGpgPassphrase < ActiveRecord::Migration[4.2]
   def up
     if column_exists?(:lists, :gpg_passphrase)
       remove_column :lists, :gpg_passphrase

data/db/migrate/{201508261827_remove_default_mime.rb → 20150826182700_remove_default_mime.rb}

@@ -1,4 +1,4 @@
-class RemoveDefaultMime < ActiveRecord::Migration
+class RemoveDefaultMime < ActiveRecord::Migration[4.2]
   def up
     remove_column :lists, :default_mime
   end

data/db/migrate/20160501172700_fix_headers_to_meta_defaults.rb

@@ -1,4 +1,4 @@
-class FixHeadersToMetaDefaults < ActiveRecord::Migration
+class FixHeadersToMetaDefaults < ActiveRecord::Migration[4.2]
   def up
     change_column_default :lists, :headers_to_meta, '["from", "to", "date", "cc"]'
   end

data/db/migrate/20170713215059_add_internal_footer_to_list.rb

@@ -1,4 +1,4 @@
-class AddInternalFooterToList < ActiveRecord::Migration
+class AddInternalFooterToList < ActiveRecord::Migration[4.2]
   def up
     if ! column_exists?(:lists, :internal_footer)
       add_column :lists, :internal_footer, :text, default: ''

data/db/migrate/20180110203100_add_sig_enc_to_headers_to_meta_defaults.rb

@@ -1,4 +1,4 @@
-class AddSigEncToHeadersToMetaDefaults < ActiveRecord::Migration
+class AddSigEncToHeadersToMetaDefaults < ActiveRecord::Migration[4.2]
   def up
     change_column_default :lists, :headers_to_meta, '["from", "to", "cc", "date", "sig", "enc"]'
     list_klass = create_list_klass

data/db/migrate/20180723173900_add_deliver_selfsent_to_list.rb

@@ -1,4 +1,4 @@
- class AddDeliverSelfsentToList < ActiveRecord::Migration
+class AddDeliverSelfsentToList < ActiveRecord::Migration[4.2]
   def up
     if ! column_exists?(:lists, :deliver_selfsent)
       add_column :lists, :deliver_selfsent, :boolean, default: true

data/db/migrate/20190906194820_add_autocrypt_header_to_list.rb

@@ -1,4 +1,4 @@
-class AddAutocryptHeaderToList < ActiveRecord::Migration
+class AddAutocryptHeaderToList < ActiveRecord::Migration[4.2]
   def up
     if ! column_exists?(:lists, :include_autocrypt_header)
       add_column :lists, :include_autocrypt_header, :boolean, default: true

data/db/migrate/20200118170110_add_set_reply_to_to_sender_and_munge_from.rb

@@ -0,0 +1,15 @@
+class AddSetReplyToToSenderAndMungeFrom < ActiveRecord::Migration[4.2]
+  def up
+    if ! column_exists?(:lists, :set_reply_to_to_sender)
+      add_column :lists, :set_reply_to_to_sender, :boolean, default: false
+    end
+    if ! column_exists?(:lists, :munge_from)
+      add_column :lists, :munge_from, :boolean, default: false
+    end
+  end
+
+  def down
+    remove_column(:lists, :set_reply_to_to_sender)
+    remove_column(:lists, :munge_from)
+  end
+end

data/db/schema.rb

@@ -1,64 +1,64 @@
-# encoding: UTF-8
 # This file is auto-generated from the current state of the database. Instead
 # of editing this file, please use the migrations feature of Active Record to
 # incrementally modify your database, and then regenerate this schema definition.
 #
-# Note that this schema.rb definition is the authoritative source for your
-# database schema. If you need to create the application database on another
-# system, you should be using db:schema:load, not running all the migrations
-# from scratch. The latter is a flawed and unsustainable approach (the more migrations
-# you'll amass, the slower it'll run and the greater likelihood for issues).
+# This file is the source Rails uses to define your schema when running `rails
+# db:schema:load`. When creating a new database, `rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20190906194820) do
+ActiveRecord::Schema.define(version: 2020_01_18_170110) do
 
   create_table "lists", force: :cascade do |t|
     t.datetime "created_at"
     t.datetime "updated_at"
-    t.string   "email",                                       limit: 255
-    t.string   "fingerprint",                                 limit: 255
-    t.string   "log_level",                                   limit: 255, default: "warn"
-    t.string   "subject_prefix",                              limit: 255, default: ""
-    t.string   "subject_prefix_in",                           limit: 255, default: ""
-    t.string   "subject_prefix_out",                          limit: 255, default: ""
-    t.string   "openpgp_header_preference",                   limit: 255, default: "signencrypt"
-    t.text     "public_footer",                                           default: ""
-    t.text     "headers_to_meta",                                         default: "[\"from\", \"to\", \"cc\", \"date\", \"sig\", \"enc\"]"
-    t.text     "bounces_drop_on_headers",                                 default: "{\"x-spam-flag\":\"yes\"}"
-    t.text     "keywords_admin_only",                                     default: "[\"subscribe\", \"unsubscribe\", \"delete-key\"]"
-    t.text     "keywords_admin_notify",                                   default: "[\"add-key\"]"
-    t.boolean  "send_encrypted_only",                                     default: true
-    t.boolean  "receive_encrypted_only",                                  default: false
-    t.boolean  "receive_signed_only",                                     default: false
-    t.boolean  "receive_authenticated_only",                              default: false
-    t.boolean  "receive_from_subscribed_emailaddresses_only",             default: false
-    t.boolean  "receive_admin_only",                                      default: false
-    t.boolean  "keep_msgid",                                              default: true
-    t.boolean  "bounces_drop_all",                                        default: false
-    t.boolean  "bounces_notify_admins",                                   default: true
-    t.boolean  "deliver_selfsent",                                        default: true
-    t.boolean  "include_list_headers",                                    default: true
-    t.boolean  "include_openpgp_header",                                  default: true
-    t.integer  "max_message_size_kb",                                     default: 10240
-    t.string   "language",                                    limit: 255, default: "en"
-    t.boolean  "forward_all_incoming_to_admins",                          default: false
-    t.integer  "logfiles_to_keep",                                        default: 2
-    t.text     "internal_footer",                                         default: ""
-    t.boolean  "include_autocrypt_header",                                default: true
+    t.string "email", limit: 255
+    t.string "fingerprint", limit: 255
+    t.string "log_level", limit: 255, default: "warn"
+    t.string "subject_prefix", limit: 255, default: ""
+    t.string "subject_prefix_in", limit: 255, default: ""
+    t.string "subject_prefix_out", limit: 255, default: ""
+    t.string "openpgp_header_preference", limit: 255, default: "signencrypt"
+    t.text "public_footer", default: ""
+    t.text "headers_to_meta", default: "[\"from\", \"to\", \"cc\", \"date\", \"sig\", \"enc\"]"
+    t.text "bounces_drop_on_headers", default: "{\"x-spam-flag\":\"yes\"}"
+    t.text "keywords_admin_only", default: "[\"subscribe\", \"unsubscribe\", \"delete-key\"]"
+    t.text "keywords_admin_notify", default: "[\"add-key\"]"
+    t.boolean "send_encrypted_only", default: true
+    t.boolean "receive_encrypted_only", default: false
+    t.boolean "receive_signed_only", default: false
+    t.boolean "receive_authenticated_only", default: false
+    t.boolean "receive_from_subscribed_emailaddresses_only", default: false
+    t.boolean "receive_admin_only", default: false
+    t.boolean "keep_msgid", default: true
+    t.boolean "bounces_drop_all", default: false
+    t.boolean "bounces_notify_admins", default: true
+    t.boolean "include_list_headers", default: true
+    t.boolean "include_openpgp_header", default: true
+    t.integer "max_message_size_kb", default: 10240
+    t.string "language", limit: 255, default: "en"
+    t.boolean "forward_all_incoming_to_admins", default: false
+    t.integer "logfiles_to_keep", default: 2
+    t.text "internal_footer", default: ""
+    t.boolean "deliver_selfsent", default: true
+    t.boolean "include_autocrypt_header", default: true
+    t.boolean "set_reply_to_to_sender", default: false
+    t.boolean "munge_from", default: false
   end
 
   create_table "subscriptions", force: :cascade do |t|
-    t.integer  "list_id"
-    t.string   "email",            limit: 255
-    t.string   "fingerprint",      limit: 255
-    t.boolean  "admin",                        default: false
-    t.boolean  "delivery_enabled",             default: true
+    t.integer "list_id"
+    t.string "email", limit: 255
+    t.string "fingerprint", limit: 255
+    t.boolean "admin", default: false
+    t.boolean "delivery_enabled", default: true
     t.datetime "created_at"
     t.datetime "updated_at"
+    t.index ["email", "list_id"], name: "index_subscriptions_on_email_and_list_id", unique: true
+    t.index ["list_id"], name: "index_subscriptions_on_list_id"
   end
 
-  add_index "subscriptions", ["email", "list_id"], name: "index_subscriptions_on_email_and_list_id", unique: true
-  add_index "subscriptions", ["list_id"], name: "index_subscriptions_on_list_id"
-
 end

data/etc/list-defaults.yml

@@ -131,3 +131,21 @@ forward_all_incoming_to_admins: false
 # Disabling this only works for signed e-mails; any e-mail that is unsigned
 # sent to the list is treated as coming from an unknown source
 deliver_selfsent: true
+
+# Set reply-to header to original sender's reply-to? 
+# Enabling this will set the reply-to-header of emails sent by schleuder
+# to the original sender's reply-to-header. If the original sender
+# did not supply a reply-to-header, the original from-header will be used.
+# This option can enabled for improved usability since this affect
+# mail client's reply-to button to reply to the original sender instead of
+# the whole list.
+set_reply_to_to_sender: false
+
+# Munge from-header?
+# Enabling this option will add the original sender to the from-header.
+# To avoid DMARC issues, we still use the list's address as from-address.
+# However the sender's address will be included as displayed name.
+# For example: "sender@sender.org via list@list.org" <list@list.org>
+# This option can enabled for improved usability since this affect
+# mail client's displayed name.
+munge_from: false

data/etc/postfix/schleuder_sqlite.cf

@@ -15,7 +15,7 @@
 # it is not recommended to use this table for more powerful
 # configuration options (e.g. transport_maps) because it could give
 # the schleuder user (which can write the given sqlite database) the
-# power to change settings for for other mail handled by this Postfix
+# power to change settings for other mail handled by this Postfix
 # instance.
 
 dbpath = /var/lib/schleuder/db.sqlite

data/etc/schleuder-weekly-key-maintenance.service

@@ -0,0 +1,9 @@
+[Unit]
+Description=Schleuder weekly key maintenance
+After=local-fs.target network.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/local/bin/schleuder refresh_keys
+ExecStart=/usr/local/bin/schleuder check_keys
+User=schleuder