haraka 0.0.33 → 3.3.1

package/config/connection.ini

@@ -0,0 +1,79 @@
+; 
+[main]
+
+; Spooling
+; Save memory by spooling large messages to disk
+; directory to create temporary spool files in (default: /tmp - see https://github.com/haraka/message-stream)
+; spool_dir=/var/spool/haraka
+; Specify -1 to never spool to disk (default)
+; Specify 0 to always spool to disk
+; Otherwise specify a size in bytes, once reached the
+; message will be spooled to disk to save memory.
+; spool_after=
+
+; Require senders to conform to RFC 1869 and RFC 821 when sending the MAIL FROM and RCPT TO commands. In particular, the inclusion of spurious spaces or missing angle brackets will be rejected.
+; strict_rfc1869 = false
+
+; Liberal envelope parsing. See @haraka/email-address for what postel mode relaxes.
+; postel = false
+
+; Advertise support for SMTPUTF8 (RFC-6531)
+; smtputf8=true
+
+
+[haproxy]
+; Bool: enable HAProxy PROXY protocol support and SMTPS pre-parsing.
+; enabled=true
+
+; Array: hosts or CIDRs that Haraka should enable the PROXY protocol from. See docs/HAProxy for format
+hosts[] =
+; hosts[] = 192.0.2.4
+; hosts[] = 192.0.2.5
+; hosts[] = [2001:db8::1]
+; hosts[] = [2001:db8::2]
+
+
+[headers]
+; add_received=true
+; clean_auth_results=true
+
+; show_version=true
+
+max_lines=1000
+
+max_received=100
+
+
+[max]
+; Integer. The maximum SIZE of an email
+bytes=26214400
+
+; Integer. Limit a potential denial of service in potentially hostile emails.
+mime_parts=1000
+
+; Integer. The maximum length of lines in SMTP session commands (e.g. RCPT, HELO etc). Defaults to 512 (bytes) as mandated by RFC 5321 §4.5.3.1.4. Clients exceeding this limit will be immediately disconnected with a "521 Command line too long" error.
+line_length=512
+
+; Integer. The maximum length of lines in the DATA section of emails. Defaults to 992 (bytes), the limit set by Sendmail. When this limit is exceeded the three bytes "\r\n " (0x0d 0x0a 0x20) are inserted into the stream to "fix" it. This has the potential to "break" some email, but makes it more likely to be accepted by upstream/downstream services, and is the same behaviour as Sendmail. Also when the data line length limit is exceeded `transaction.notes.data_line_length_exceeded` is set to `true`.
+data_line_length=992
+
+
+[message]
+; Array. The greeting used when a client connects.
+; greeting[]=My Custom
+; greeting[]=Greeting Message
+
+helo=Haraka is at your service.
+
+; String. Override the default connection close message.
+close=closing connection. Have a jolly good day.
+
+
+[uuid]
+; integer, how many UUID chars to show.
+; 0 = none, 6 is enough to be unique per day, 40 will include the
+;     full connection and transaction UUID
+banner_chars=6
+
+; include N characters of the uuid (in brackets) at the start of each line of the deny message
+deny_chars=0

package/config/delay_deny.ini

@@ -0,0 +1,7 @@
+
+; excluded plugins: a list of denials that are to be excluded (ie, all the immediate rejection)
+; Examples: <plugin>
+;           <plugin>:<hook>
+;           <plugin>:<hook>:<function name>
+; 
+;excluded_plugins=spf,lookup_rdns_strict

package/config/host_list

@@ -0,0 +1,3 @@
+# add hosts in here we want to accept mail for
+haraka.local
+

package/config/host_list_regex

@@ -0,0 +1,6 @@
+# Add regexes in here we want to accept mail for.
+# Specifies the list of regexes that are local to this server.  Note
+# all these regexes are anchored with ^regex$. One can not choose not to
+# anchor with .* and that there is a good potential for bad regexes being
+# over permissive if we don't do this.
+

package/config/http.ini

@@ -0,0 +1,11 @@
+
+; listen: the HTTP address:port(s) to listen on
+; default: [::]:80 (port 80 on all IPv4 and IPv6 addresses)
+; listen=[::]:80
+
+; listen can also be a unix socket path, with an optional 3-digit permission mask
+; e.g. listen=/path/to/some.sock or listen=/path/to/some.sock:777
+; if no mask is specified, the default permissions are determined by the umask.
+
+; docroot: the directory where web content is served from
+;docroot=/usr/local/haraka/html

package/config/lmtp.ini

@@ -0,0 +1,7 @@
+;
+; [main]
+; host=127.0.0.1
+
+; [example.com]
+; host=mail.example.com
+; port=24

package/config/log.ini

@@ -0,0 +1,11 @@
+[main]
+
+; level=data, protocol, debug, info, notice, warn, error, crit, alert, emerg
+level=info
+
+; prepend timestamps to log entries? This setting does NOT affect logs emitted
+; by logging plugins (like syslog).
+timestamps=false
+
+;  format=default, logfmt, json
+format=default

package/config/outbound.bounce_message

@@ -0,0 +1,18 @@
+Received: (Haraka {pid} invoked for bounce); {date}
+Date: {date}
+From: MAILER-DAEMON@{me}
+To: {to}
+Auto-Submitted: auto-replied
+Subject: failure notice
+Message-Id: {msgid}
+
+Hi. This is the Haraka Mailer program at {me}.
+I'm afraid I wasn't able to deliver your message
+    "{subject}"
+to the following addresses.
+This is a permanent error; I've given up. Sorry it didn't work out.
+
+Intended Recipients: {recipients}
+Failure Reason: {reason}
+
+{extended_reason}

package/config/outbound.bounce_message_html

@@ -0,0 +1,36 @@
+<html>
+<head>
+<style>
+* {
+font-family:Roboto, "Helvetica Neue", Helvetica, Arial, sans-serif;
+}
+</style>
+</head>
+<body>
+<table cellpadding="0" cellspacing="0" class="email-wrapper" style="padding-top:32px;background-color:#ffffff;"><tbody>
+<tr><td>
+<table cellpadding=0 cellspacing=0><tbody>
+<tr><td style="max-width:560px;padding:24px 24px 32px;background-color:#fafafa;border:1px solid #e0e0e0;border-radius:2px">
+<img style="padding:0 24px 16px 0;float:left" width=72 height=72 alt="Foutpictogram" src="cid:icon.png">
+<table style="min-width:272px;padding-top:8px"><tbody>
+<tr><td><h2 style="font-size:20px;color:#212121;font-weight:bold;margin:0">
+Message not delivered
+</h2></td></tr>
+<tr><td style="padding-top:20px;color:#757575;font-size:16px;font-weight:normal;text-align:left">
+A problem has occurred when trying to deliver your mail to <a style='color:#212121;text-decoration:none'><b>{recipients}</b></a> . Look below for the technical details.
+</td></tr>
+</tbody></table>
+</td></tr>
+</tbody></table>
+</td></tr>
+<tr style="border:none;background-color:#fff;font-size:12.8px;width:90%">
+<td align="left" style="padding:48px 10px">
+Reaction of the server: <br/>
+<p style="font-family:monospace">
+{reason}
+</p>
+</td>
+</tr>
+</tbody></table>
+</body>
+</html>

package/config/outbound.bounce_message_image

@@ -0,0 +1,106 @@
+Content-Type: image/png; name="icon.png"
+Content-Disposition: attachment; filename="icon.png"
+Content-Transfer-Encoding: base64
+Content-ID: <icon.png>
+
+iVBORw0KGgoAAAANSUhEUgAAAJAAAACQCAYAAADnRuK4AAAAAXNSR0IArs4c6QAAFi1JREFUeAHt
+XUmMHVcVrfo9eYgUWDBsEsAxCQQFFCkSzsQgBQeMQGIBScSwYFoghg0CNoAlhgWjWLBhB0gMYsEO
+Z7AgQOwECRRCxBBwOwwLIGwwsdPt7v9/cc6571ZVO2771++q/6uq37N/1Xt3elX3nn9fVfXt6iSJ
+LXogeiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHog
+eiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHqgux5Iu3vozRx5dvTo4PRD9909TrIjmOF6zZIm
+vx9k6bEDt935g/To0XEzM3fTagRQKW6n7rz19dl49M0ky15eIhfdNP1jspB86KX3PvJgQdzdvQig
+EP9Thw/dlWXZd5IsWb4kJNJkI03T9xy8/5EfXlJulzAjgBBogicZZ9/PkmQif0AoSwbpPRFEEzqs
+z1+m00duedF4Y/QYwHNllfMEiM4MlhdedeAnJ/9WRa9vsoO+nVCV8+EFM8Dz3arg4RzUkS5sVJmz
+b7K7+uRXT9z3AQDh9mmDSt3Vk8feP61+H/QmWvP7cKIXnsPqHXdcOU7P/gV3XM+7kFdpnKb/GWRX
+vPSa48fPVNLrifCuzUDjwdNHdwweggAAlK2eAKLqaezKDHT6jbdeNxoOH4ezlqo6bBv5zYXFxRsO
+3HviiW34vSXvygw0Ho2+jojWBR6CYynY7C1QtjuxXQeg1TtueTMeGL5pO4dMS6dN2p5Wv6t6uwpA
+2Qc/uJQlo682FSza5hxN2W+j3V0FoNXTj38Mt97XNRUI2uYcTdlvo91dcxF96vAtz0/Goz8jyJWe
+OFcNGhx6JhksXHvw/pNPVdXtovyuyUBZNv5i0+AhADgH5+oiGKY55l2Rgf76pptvHA7Hv87wI9Bp
+nFRVJ02T8eLi4KYXH3v40aq6XZOfiUPn7ZTh5vgbswIPz5Vzcc55n/cs5u89gFbfcPM9WFam/nnX
+tEHgnJx7Wv2u6PV6CfvH22/ee/6/4yeQEa6aR0CwlP1j5TmD66760cNr85h/FnP2OgOt/3f8qXmB
+h8Hj3DyGWQRyXnP0NgOt3nHb1Vky/FOWZHvn5VzOmybpWposvuya4w/9fZ7H0dTcvc1A43T4lXmD
+h0HjMWTp8MtNBXDednuZgU7feevto9HwF/N2bnn+hYXF1xy478Qvy7Q+9HuXgVimOhqNWncLzWPi
+sfUBNOVz6N0JWYlpdmP5JNvRz27sY/lrr5aw2spUm0JcD8tfe5WBxsnZz9ZSptoUgFj+ymPsUetN
+BmqgTLWpMPeq/LU3GaiBMtWmAMTy1681ZXzWdnsBoKbKVJsKBspfj/Sl/LXzAGq6TLUxEPWk/LXz
+AFp98rGP4iffjZWpNgcglL/i2JuyPyu7nb6InlWZalPBgPM7X/7a6Qw0qzLVpgCEzNn58tfOZqBZ
+l6k2BaKul792NgPNuky1KQB1vfy1kwA6dfjVd7NktKmgztouz4XnNOt565ivc0vYvMtU63D6xWx0
+tfy1cxlo3mWqFwt+HbSulr92KgM1WaZ68IFHKuHg96+/KVlZXKykcznhLpa/dioDsTS0DWWqBMLZ
+zfVkczS8HCYq8btY/toZALFMFT9DekeliDQpjDXnf5vnk426QYRz5Lk2eeh12u4EgNpZporVf4zq
+HoBoczSqMyZJl8pfOwGgNpapYrnhr+ygfi1LnsZyVm8m6k75a+sBxDLVJEs/V+tXvA5jeHiTN4Do
+7OZGvSDCOevc80na2Wk9gFgCim/581vnPqxghqGAJIJoiOVsXM9yxnPuQvlrqwHEMlWE6cOtA8+W
+A/InIQAS/hDU2Y36QMRzNx9smbBVg1YDKJR+tvidgwBNSED6syPCUpac26jtFr/15a+tBVAoU+Uf
+fWtl87yz5eAIJmEqTc4NN2p5ToSlrNXlr60EUBfKVC3xAEZpnoIMS0QWrof4eWa4mWyMd/6wsc1v
+f20lgLpTpkqgADH86LY+ZCCSwBrjOdEzm5s7vrCGqdaWv7YOQCpTzZJP29e5vVtCRk0dAkn/sePz
+ISSmsEmZiXCLv+OHjfCJfBOmbcuudQBKsvEXEItGX8Vbh/NxjGhACTs5WAicQAMdjxn1oFHL2Qgg
+2sEtvnwC32jaFm1aBSCWqSIi722RfyY7FESXONKHaxcxJBxhA0CRjj+pmawzE2FZm75l7zUfTW+h
+bs1WAahLZar8MYZBxkLCa2ktWx4hoYbLmS1pRNUY4Frbwc/OoN66t7+2BkBdK1PltY5SDXHELBPw
+5CCyvZiWgXJgIRONpr+wxqytKn9tBYBYpgovf8l93IW9ZSDkIGUaYMiXLlu7AmhymOGUIEg8sYdl
+bB23+FNfE8FX8pmZm+u2FQBaP5N9Ev6/aq6eqDq5JRdp4WGfspBhhKDBuMBLYRk0vyaizjoeNg5H
+1a+J6Cv6rDA8v97cAcQy1XScfGJ+LphyZoKGIMFaFRKLMowwAgqXMPbZtA9rG4FDHaqTsYa7s9EU
+F9b0GX2nCea4mTuA2lSmWj0OQACRIEBY5vGLawGEQHKjBAwGPg54gjp+doZMNKp4i4/ZWvH217kC
+qHVlqh7sSfdEAREhEHFvijlsiC8ShRYOgkBQobL+gbw2HCbDqiBqQfnr3ADUzjJVA8Ak2xwKxIVw
+xA1v2gWZkgnQHTiedsC1rkkbBnlNRBBVuyaad/nr3AC0+tC974NnW/g21VLsL9Fl0NWIm4AmwkcJ
+xxkceBNKMDC0iMonRPxXSGXJBu7OqoEI5a/ypU80233uh1lOy1LNLD37Z6z/rak0PIcHfOdQDJY3
+LUvmHndS/mMKEPxCeKCsw6xhYKA+v5UGCtCELvLQ3JBkA5bQt28xjUJLuzTZg985WxgsUOuyDcfy
+VJpdce01x4+fuaxwzQJzyUBtLFPdv7SS8JO30nLjNF7wEhp6toy+L0NFCiEnLGFiUj6ghjtTNwr6
+HLLZPjBJhyyL9EfZZMsZv4jzKn8NZ2cnMott29+myizEbMRwDgSHMbaFm5R5xLPAi4fMUciUeiUQ
+Fngq8WXX4EM0+reZFM7DWVcWl5KF1DkgbN/m8vbXiY5s+2Ouzml7mer+5ZCJmAkEI4Qx4Ich1cqG
+0xZkGGTx7DrGQh4AQRkIW9bSwJYnWmX2kg3OYMa5elGTH9mRbpKcn/yaaC7lrzMF0OobXn0Ezmtt
+mSpip0YQXbGy7EOLKkeINQHjIGK02Q8sDC38AVWWRQwfUqasA8+0aM8MSJddG0qedjjkr1BPcmFN
+39LHbnsW+5kBSGWqWdKZ9yPvX9oTrolCRIWcAB6ByKONfUBRjhVHVc4KNggL8FyTiMz0U1gygrZA
+4xKAG22AvYHffh253UsgAyJfo68vIVIra2YA6k6ZauFfLWfLeywpMPCIsYWZnRBwiocuA11uGaMv
+Xmnpo2pJqNwXVDCPLYXkmDAhh2IQ3OLjwvoyz4kw43WnnvzdR0pTNNrdevwNTdX1t6nyd73W8OMG
++4k7XEakBM9pBRpYyI2IYPOiNweCwcpv+1PIsvECnYbI5bdYJkOWIziVecCwb7jp+JXWMm/xL3Fh
+DemZvf3Vjg8n0GjrSJnqdj64AtdE+xbtFl9wCIFWWD3oUPYAa0kD3TIQpCz+Ms+uDS2vSJ0bdWCd
+XUr6Hl2DGYnWbDnb/hYfVvDr4LMpf9Wx+oE1se/L21TpG97es0BeWacUYGYXa0ZkPuKdljILScSF
+ZMDBgAuSeNgb6IK2ywRrBCsTFvecQTZoC/0MsssLC9tmIrDHi4uDm1587OFHId5YazwDdalM9XJe
+toeNuDsjKCDMwLJp7xvsdZsuMFCOoKE0G8ATLpopnpPJ4oBEAI8f53OYa7MfxAi8S2Ui4pe+p+km
+W6MAOnX40F0459ubPIFZ296Hp9V78GGArYWIamChFjACCAw0xSKk23ZX5t7RQX329SHsiiZxB550
+mOFM4pIgUvnrobsKS/X3ysdZq/WuvU216jsSH7n1FcoYlkWYZcx9eegNRSUgcNkqFiz1ICM1bgCM
+fJkj+MCzZY508rEBwZdDA5XQJNBtt5xhhr+vPDd92VU/enit1gAHY41loE6WqVb0sAfc1ASFosu1
+B812xrM8ZPQS4grwBFZILtL3ayYJuc1gWMASuPw50bMvrDHn1U2WvzYCoM6WqSpkVTaMuEedey4t
+BA0ziBIDNhZhbi3fYCsSBYM6COxaOrLnQKZFGfQEHOwhR7qadMgjWdrbXhOx/PXU4dc0UnPeCICy
+ZPgluHCvn2sf9wqkkJCH1ACBkyVZVMWVgDAWM5D6Fm8TcgJoQVzuchH3naaijMtzHqEHNAoHBT1s
+vOCn+IrFeOPLbqvOfe0AUplqkjV64VanA6a1pZgxcgwoGq9ZlHV8HHjKGSG4RJZ3hTJFHsrQMdDR
+hhnwrQBD+5yKRBpAh5Z4IS2Lpqw+l9WLXVhD+q4m3v5aK4C6XqaK0FRqCrIjAhHWk2qMLbAGFrId
+BOIj8HYnJiTYfMGGZShuQYBxWQg8YsTxRiX1SaNgYHBePUIA9WIgaqL8tVYAdb1M1aJZYcuoWrgB
+CoYbH1yPKPBgkWsh9h6G1hVH/YAjYsBYQRaEPBsJPaaSS0FM8wQk+ZzMTtvf4tdf/lobgPRG0TT5
+vJ/mrth78BBMe3iIoDILEAriWbhDEoFLSCeL0WegNdQYFO0tCwXvBRscKSuxwwvmQNc8sKM7NdgU
+iMgzYzLOTDQuXxMhRnW+/bU2ACXp2c/Aia2pcaavZ9IYLLQ8ZspARrElJQi4EIYKNMdoDHvoCAiC
+gWTAY+YhG6AIUugbTRgSVgLkQHZgyn4AFm2fH7IUxG7xFSPESnPWsKkFQCxTxZsnZlZCUMN512OC
+AfaEoICFeJPon3CLzYxjpCJDGMmWPAJCoJDBQlQ6VKWwGgUJLn4AHgJKADO7BI/T8kwIkfI1EWNV
+19tfawFQ28tUg+fr31ksLUkocLbQWFYJAWeA2YgOgYljfAIgOAJHNnKMhLERMWCjUKkJcLJDYjGH
+ZSGSbEnLbUK/BKLayl93DKCulKmWfF9PF5GxxYPAwH9HAfbsFi2MGEnnWaqxMWgWagwdbAEPskl1
+6pHGvnZhSRMPG5qmgNBiGU06oGkqitAYBg4iLGW1lL+GQ7UDq7pl6eTq6ccex6F17u+2X3iu/tsY
+ZTrOS8HVNUXOsPzCeKkojHHDP4HJFBhPaWrrKYByOR8DRlY8k+Y3WWwbimddhxd1SCaVkmjoF8dG
+sLhNsOyI8r3kNYF6KgVZTAdPXHPgVTek3/rWplGrb3eUgVg6iWPqPHjotvy3MUo+9Oc2+hYTFqXg
+qcsgKZbYoKMsoZBZ6Gmq4GPgsSfRDEhacoHNvk2DTCJl2ibVVTgIGYg9ZhlaIRmKYSQ6iZIUk+xg
+CGNmomE23nH5a3GmmL9K63qZ6nbnWs5EikmIOkOjwDG6IVhug5ycTCL4zBRyLhmmIBmyt/BFsI00
+8jSFUZhHdtQnHDTKwRKwYfMbgn0CGSWg2PzaiGP2dQEOWyuLC2cWBkvXHrz/5FMSrLjZQQYafx6H
+1vq3qVb0x0UyEQNgH209YqAJG/keMfXJjCEt24QwUhf/7aEjrbFZzmCP8c8BUprHliZKWKMms5Pg
+xEkxn/Vp3MaaF0PSacqugTCWMvd2tLjFvxKvlpn6+Z1ZseOaeKvb9tHwDziYHQBw4unmIljORBYG
+uAqB8gTBQFh9PL/NDIiipOuiENot8jwJOTtstAvBJMeugQhKcbboGsWglavkXgGXAmF+QoldHSv7
+ZAYl8TD2fRBMUJ8/3r+y9/oD9554Ijc7YWcqAOC2/eM4yKl0JzyuuYttvSayEAokiobig2O0UOhg
+PfDk533GjtFjUG2vISkKOC2Ybd8Zn0GnPAVtZ91gAwNqaRp2QFYfOpaJjIat7Pi1T3EIZt/18Yxx
+cG59/eOSr7jh9JXak0de98Lh5vpfcYKlNxFUMtEpYXtrx7oCzYd5AwRLS42CVnIfusUohwUCC5Ah
+cn5NBDVkLpPklmPXU/YhgTTqaY++dzh2tDgNe7+eEZzD0uRGNQeRA3vOd3nOY+bEP7+wnL7k+vt+
+80/RJ9xUziKj4dpbdwt46EMrpN/DyNl1h0cdPH7f7Tt/EW87KhibwFYc2VcqoD45BpSCXFYgFU0G
+KA0et0FfY/A0BMvsmb54opkBjv1C2uXL+shCK8ON7C2UrtIqAwgHcajKBH2Q5XLGYnp9ixkfxZ2R
+s9gSRNbEsC5JFFT6ICkIs+fZJejl+Yri1KEuoqx5iB6MSbLZuJWgAGEg4Jj/qYMOmkASaNQmuHwp
+o2FlIWSrsj6y681SrrCpDCAcTGffKlbBL88SZSYSiBQMsBVgC1YhrMhbnAWEAloKO4GAj2sZKApt
+Mi3wjDw+EgANIDQdEoKBYEgcKdE24IC+AclEXZOzKAMFvlQ0BTd2JNhWjm1lAKFc4dmV2zy6XdD2
+Ly0n+/C78t4Ij+B7xdXoIfBkOAgs+kKOZwi3YYpBljChrAc06CnjkEylYJMsZQ/JeiYxvoAErjKO
+m6Yumqmb9oX6AFvl2FYGEED+tB3K7tzuA4gIJEVCEQkbBV4bRtYagmtdbNEXAAg6/HMRCXNAIGiP
+vqJcyJBFXRejcY4lAdkty1Fuh+CGBpXYAl065X5Jf5BkZ0148m1lAOFIfj65+X5KcikTiHB6nh0s
+wgwraCHajB8DWNyyi7sFCIRB3jz4EguRB5sA4WgLICyVgB7gqHmwISBoMwCDpqQHKuniqU8GD6+k
+nyS/oHyVVhlAePT9HR5rlUn6KLtXyxl/Q9WDgrOUVyxE7BNIwgTjGkJHIQaU8bdm3lS9TyAKcFAM
+5iTPWWxJQo+64HvmUV8TBkAQudK3PVRNlsdAoyI/W39haenb4aAm3lUG0NXHTq7i0eXUj74nPrIO
+CO5bxDWR/5ozgpIHBl2G3zMQT4VjirARAAokg6mOVIs+BfCRSaHI5GiB/9yS9jKqjfTzLCV9SOSs
+0AkWyCjr49nUF69/4Fd/4fFVaW61ig7OOUtXDx/6Ns793ZUUeyrMdwc9s4G3duD8GG9/UEhYKB/J
+y9iA6QG123UjeBD8Fl4PLGXJLcIOujaiTTQSBK5glH0JGGhs2aKgMSxbFXp59iJ/MPjeDT/99bsw
+P4UrtcoZiNY50cEHfvUevMf47TiPSk8uKx1dR4T3IhPt5XMiNIXXg8l4eJyNacFHPyQeUulQfbh0
+MWsRdHkkyWMDQToc8oMB4y1VMCVGAXQwEo9yomNPmimSBvsSTf+FWN79yp/95p3TgAcGZZX7qVt2
+9HWLp0+cfy3+puPbcJA34sBegMX/hTji/VMb7agiM9Ea/kqzoh3OAYEJF9UWQNzp4F/Z8eDza2wB
+zTmUZuPeNWjLaUSGgGaIsynBVsajjtZPGeWAafEc2P8G6194W95vs6WFH99w2/4H06MP7vzvkuuo
+4iZ6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6
+IHogeiB6IHogeiB6IHogeiB6IHogemBaD/wfWl0tzAXA/nAAAAAASUVORK5CYII=

package/config/outbound.ini

@@ -0,0 +1,24 @@
+; see http://haraka.github.io/core/Outbound
+;
+; disabled (default: false)
+; disabled=true
+
+; concurrency_max (default: 100)
+; concurrency_max=100
+
+; uncomment to disable tls for outbound mail
+; enable_tls=false
+
+; maxTempFailures (default: 13)
+
+; load_pid_queue
+; flush_queue
+
+; always_split: default: false
+; always_split=true
+
+; received_header (default: "Haraka outbound")
+; received_header=Haraka outbound
+
+; inet_prefer (default: default)
+; inet_prefer=v4

package/config/plugins

@@ -0,0 +1,67 @@
+# This file lists plugins that Haraka will run
+#
+# Plugin ordering often matters, run 'haraka -o -c /path/to/haraka/config'
+# to see the order plugins (and their hooks) will run.
+#
+# To see a list of installed plugins, run 'haraka -l'
+#
+# The plugin registry: https://github.com/haraka/Haraka/blob/master/Plugins.md
+#
+# To see the docs for a plugin, run 'haraka -h plugin.name'
+
+# status
+# process_title
+# syslog
+
+# CONNECT
+# ----------
+# toobusy
+# karma
+# relay
+# access
+# geoip
+# asn
+# fcrdns
+# dns-list
+
+# HELO
+# ----------
+# early_talker
+# helo.checks
+# see 'haraka -h tls' before enabling!
+# tls
+#
+# AUTH plugins require TLS before AUTH is advertised, see
+#     https://github.com/haraka/Haraka/wiki/Require-SSL-TLS
+# ----------
+# auth/flat_file
+# auth/auth_proxy
+
+# MAIL FROM
+# ----------
+mail_from.is_resolvable
+# spf
+
+# RCPT TO
+# ----------
+# At least one rcpt_to plugin is REQUIRED for inbound email.
+rcpt_to.in_host_list
+# qmail-deliverable
+
+# DATA
+# ----------
+# attachment
+# bounce
+# clamd
+# dkim
+# headers
+# limit
+# rspamd
+# spamassassin
+# uribl
+
+# QUEUE
+# ----------
+# queues: discard  qmail-queue  quarantine  smtp_forward  smtp_proxy
+# Queue mail via smtp - see config/smtp_forward.ini for where your mail goes
+queue/smtp_forward

package/config/smtp.ini

@@ -0,0 +1,37 @@
+; address to listen on (default: all IPv6 and IPv4 addresses, port 25)
+; use "[::0]:25" to listen on IPv6 and IPv4 (not all OSes)
+;listen=[::0]:25
+
+; Note you can listen on multiple IPs/ports using commas:
+;listen=127.0.0.1:2529,127.0.0.2:2529,127.0.0.3:2530
+
+; public IP address (default: none)
+; If your machine is behind a NAT, some plugins (SPF, GeoIP) gain features
+; if they know the servers public IP. If 'stun' is installed, Haraka will
+; try to figure it out. If that doesn't work, set it here.
+;public_ip=N.N.N.N
+
+; Time in seconds to let sockets be idle with no activity
+;inactivity_timeout=300
+
+; Drop privileges to this user/group
+;user=smtp
+;group=smtp
+
+; Don't stop Haraka if plugins fail to compile
+;ignore_bad_plugins=0
+
+; Run using cluster to fork multiple backend processes
+; Ref: https://github.com/haraka/Haraka/wiki/Performance-Tuning
+;nodes=cpus
+
+; Daemonize
+;daemonize=true
+;daemon_log_file=/var/log/haraka.log
+;daemon_pid_file=/var/run/haraka.pid
+
+; Force Shutdown Timeout
+; - Haraka tries to close down gracefully, but if everything is shut down
+;   after this time it will hard close. 30s is usually long enough to
+;   wait for outbound connections to finish.
+;force_shutdown_timeout=30

package/config/smtp_bridge.ini

@@ -0,0 +1,4 @@
+host=localhost
+#port=
+#auth_type=
+#priority=10

package/config/smtp_forward.ini

@@ -0,0 +1,31 @@
+; host to connect to
+host=localhost
+;
+; port to connect to
+port=2555
+;
+; uncomment to enable TLS to the backend SMTP server
+;enable_tls=true
+;
+; for messages that have multiple RCPT, send a separate message for each RCPT
+; when forwarding.
+;one_message_per_rcpt=true
+;
+; uncomment to use smtp client authorization
+;auth_type=plain
+;auth_user=
+;auth_pass=
+
+; should outbound messages be delivered by smtp_forward?
+; see #1472 and #2795
+; enable_outbound=false
+
+; Options here override the same option in tls.ini [main]
+[tls]
+; rejectUnauthorized=true
+; minVersion=TLSv1.2
+; ciphers=ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256
+; key=outbound_tls_key.pem
+; cert=outbound_tls_cert.pem
+; no_tls_hosts[]=10.0.0.5
+; force_tls_hosts[]=mx.example.com

package/config/smtp_proxy.ini

@@ -0,0 +1,27 @@
+; host to connect to
+host=localhost
+;
+; port to connect to
+port=2555
+;
+; uncomment to enable TLS to the backend SMTP server
+; enable_tls=1
+;
+; uncomment to use smtp client authorization
+;auth_type=plain
+;auth_user=
+;auth_pass=
+
+; should outbound messages be delivered by smtp_proxy?
+; see https://github.com/haraka/Haraka/issues/1472
+; enable_outbound=true
+
+; Options here override the same option in tls.ini [main]
+[tls]
+; rejectUnauthorized=true
+; minVersion=TLSv1.2
+; ciphers=ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256
+; key=outbound_tls_key.pem
+; cert=outbound_tls_cert.pem
+; no_tls_hosts[]=10.0.0.5
+; force_tls_hosts[]=mx.example.com

package/config/tarpit.timeout

@@ -0,0 +1 @@
+0

package/config/tls.ini

@@ -0,0 +1,83 @@
+; See 'haraka -h tls'
+
+; key=tls_key.pem
+; cert=tls_cert.pem
+; dhparam=dhparams.pem
+
+; ciphers: a list of permitted ciphers
+; The default cipher list is provided by node.js and is considered secure at
+; the time of that versions release. If you have problems with the default cipher
+; list, try enabling this "kinda high but more compatible" setting.
+; ciphers=ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4
+
+; minimum TLS version (node.js 11.4+ required)
+; Allowed values are 'TLSv1.3', 'TLSv1.2', 'TLSv1.1', or 'TLSv1'
+; The default value is node.js's tls.DEFAULT_MIN_VERSION
+; minVersion=TLSv1
+
+; honorCipherOrder=true
+; rejectUnauthorized=false
+; requestCert=true
+; requestOCSP=false
+
+; rejectUnauthorized above requires verified TLS certs on EVERY TLS connection. When
+; rejectUnauthorized=false (default), you can require verified TLS certs on only the
+; ports you specify.
+; requireAuthorized[]=465
+; requireAuthorized[]=587
+
+; send client certificate(s). If you use this setting and value it, report
+; your use case at https://github.com/haraka/Haraka/issues/2693
+; mutual_tls=false
+
+; haraka will not advertise STARTTLS on these ports it is listening on
+; no_starttls_ports[]=2525
+
+[redis]
+; options in this block require redis to be enabled in config/plugins.
+
+; Remember when a remote fails STARTTLS, the next time they/we connect,
+;     don't offer/use STARTTLS option (so message gets delivered).
+;     pro: increases mail reliability
+;     con: reduces security
+; outbound only warning: **you must restart haraka** after changing this option
+; default: false
+; disable_for_failed_hosts=true
+
+; The following section applies to outbound only:
+; host = 127.0.0.1
+; "TLS NO-GO" db
+; db = 3
+; TLS NO-GO Expiry time in seconds
+; disable_expiry = 604800
+
+; TLS NO-GO Inbound expiry time in seconds
+; disable_inbound_expiry = 3600
+
+
+; no_tls_hosts - disable TLS for servers with broken TLS. (applies to inbound only)
+[no_tls_hosts]
+; 127.0.0.1
+; 192.168.1.1
+; 172.16.0.0/16
+
+
+; hosts that require us to present a cert signed by a CA we both trust
+[mutual_auth_hosts]
+;travel.state.gov                     ; use default TLS cert
+;xo.huggable.gov=special.my-tld.com   ; specify cert by CN
+
+
+; these hosts request mutual TLS and reject our TLS certificate
+[mutual_auth_hosts_exclude]
+;bofh.no-such-agency.gov
+
+
+[outbound]
+; key=tls_key.pem
+; cert=tls_cert.pem
+; dhparam=dhparams.pem
+; no_tls_hosts[]=127.0.0.1
+; no_tls_hosts[]=192.168.1.1
+
+; and other options from [main] section above

package/config/watch.ini

@@ -0,0 +1,12 @@
+; watch - a web interface for viewing Haraka activity
+
+; Sampling:Limit display to 1 connection per second (Default: false)
+; sampling=false
+
+[wss]
+; url (Default: same URL as HTTP client used)
+; The WebSocket client will attempt to connect via the same URI (changing only
+; the scheme) as the initial HTTP connection. WSS is stricter than typical
+; HTTP so the scheme and hostname *must* match else it silently fails.
+;
+; url=wss://mail.example.com/

package/config/xclient.hosts

@@ -0,0 +1,2 @@
+# List of IP addresses that are allowed to use XCLIENT
+127.0.0.1