layout: true name: titleslide class: center, middle
.footnote[ ###
@schmonz
####
#pkgsrcCon
[schmonz.com/talk
/2018-pkgsrccon](https://schmonz.com/talk/2018-pkgsrccon/) ] --- layout: true name: footnotelinks .left-column[
] .footnote[ ###
@schmonz
####
#pkgsrcCon
[schmonz.com/talk
/2018-pkgsrccon](https://schmonz.com/talk/2018-pkgsrccon/) ] --- template: titleslide # Maintaining qmail in 2018
## Amitai Schleier ### 2018/07/07 ??? 1. Press 'C' to clone and move it to projector 2. Press 'P' to show these here presenter notes ### 60 minutes If I had an abstract, it could go here. --- layout: false template: footnotelinks .right-column[ # Goals for this talk ## Why do I do this? ## What's new since 2007? ##
But seriously
What's next? ] --- .right-column[ # Code of Conduct - For this conference? - For pkgsrc and NetBSD community? Worth discussing, please ] --- .right-column[ # Why do I do this? - 19 years old, my first real job, the most Unixy thing I learned - Tension: ease and elegance vs. annoying sharp edges - Tension: No upstream vs. evolving needs vs. laziness - [Postfix](http://www.postfix.org) exists, but I'm not ready to switch - These tensions are a source of continued learning - Working with [legacy code](https://www.legacycode.rocks) has become one of my [professional specialties](https://latentagility.com) ] --- .right-column[ # Previously: ca. pkgsrcCon2007 - Popular AUTH and [TLS](http://inoa.net/qmail-tls/) patches recently updated - Several SMTP recipient-checking patches, unfortunately conflicting ([badrcptto](http://patch.be/qmail/), [realrcptto](http://code.dogmap.org/qmail/#realrcptto), [qregex](http://www.arda.homeunix.net/downloads-qmail/)) - Binary package not useful (except perhaps on the system where it built) - Creativity constrained by `djb-nonlicense` and [DJB's rules for distributors](http://cr.yp.to/qmail/dist.html) - 1.03nb13 ] --- .right-column[ # Bombshell: December 2007 - `public-domain`!!!1 - Included: [daemontools](https://cr.yp.to/daemontools.html), [ucspi-tcp](https://cr.yp.to/ucspi-tcp.html), [qmail](http://cr.yp.to/qmail.html) - Not included: [checkpassword](http://cr.yp.to/checkpwd.html) - Creativity constrained by my academic courseload (and then job) ] --- .right-column[ # Interregnum: 2008-2014 - December 2008: Mac mini's drive crashed during final exams, no money or attention to spare - `@schmonz.com` forwarding to Gmail - October 2014: running `mail/qmail` again (this time on a VPS)! ] --- .right-column[ # Oops: June 2011 - Added what my commit message claimed to be "DESTDIR support" ] --- .right-column[ # Oops: April 2016 - `USE_DESTDIR` rapture: now all packages are binary packages - Cool, no problem, I totally already took care of that ] --- .right-column[ # Cool: March 2017 - Ported forward an old patch for qmail 0.96 to use `getpwnam()` - Added it under `mail/qmail/patches/` (not trying to be a patch publisher) ] --- .right-column[ # Not Cool: also March 2017 - DESTDIR support never worked: binary package never initialized the queue - I never noticed: VPS already had a queue, because I used to build packages on it - Quick fix: `mail/queue-fix` ] --- .right-column[ # Better: also also March 2017 - Full `user-destdir` support: defer creating users and groups till `pkg_add` - Working binary packages: no hardcoded or pre-allocated numeric IDs, yes everything else needed - (Enable more options by default) - (Add option for [Sender Rewriting Scheme](http://www.mco2.com.br/opensource/qmail/srs/)) ] --- .right-column[ # Pretty Sweet: April 2017 - Configurable user and group _names_ in `mk.conf` - Binary packages provided in 2017Q1! - (Had to remove dependency on checkpassword, still `djb-nonlicense`) - 1.03nb24 ] --- .right-column[ # Inevitable: May 2017 - Published my first patch:
QMAILREMOTE
- (And a package option for it) ] --- .right-column[ # Slippery Slope: July 2017 - Published my second patch:
destdir
(removing lots of cruft from pkgsrc) - Published my third patch:
rejectutils
(enabling common recipient-checkers to be used together) - (Made a bunch of options non-optional, enabled new ones including `SMTPUTF8`) - (Recorded list of patches applied to these binaries as `QMAILPATCHES`) - (Removed `mail/queue-fix` workaround) ] --- .right-column[ # Futile Attempt: August 2017 - Found a serious bug in the `SMTPUTF8` patch (some remotes wouldn't accept its mail) - Found a fix, added it to pkgsrc with `sed` at patch time (?!?!) - Published my fourth patch anyway:
qbiff-utmpx
(build on systems with `utmpx` and no `utmp`) - (Enabled some new options) ] --- .right-column[ # Captain Obvious: May 2018 - Moved rejectutils to `mail/qmail-rejectutils` - 1.03nb33 ] --- .right-column[ # In Progress:
acceptutils
- A redesigned SMTP AUTH implementation - Support AUTH without patching SMTP server - Stop needing `chmod +s checkpassword` - Pleasant side effect: new features in old programs - Arguably better security properties - Enable updating to latest TLS patch without any hand-merging - Enable opportunistic encryption on my mail server in 2018 ] --- .right-column[ # Maybe Later - Add a greylisting program to
rejectutils
- Teach `mail/queue-repair` about `mail/qmail` (follow symlinks) - Invent
qmail-rfilter
for outbound messages - Include tiny rfilters for SRS and [DKIM](http://www.memoryhole.net/qmail/#dkim) - IPv6 - Other ideas from [s/qmail](https://www.fehcom.de/sqmail/), an active fork ] --- .right-column[ # References -
Packaging Complex Software (2005)
(schmonz.com) -
Packaging djbware (2007)
(schmonz.com) - [qmail on NetBSD, using pkgsrc](https://www.youtube.com/watch?v=4FDdKsVAwvk) (youtube.com) -
Automation for mail hosting
(schmonz.com) -
QMAILREMOTE
(schmonz.com) -
destdir
(schmonz.com) -
rejectutils
(schmonz.com) -
qbiff-utmpx
(schmonz.com) -
acceptutils
(schmonz.com) -
qmail-rfilter
(schmonz.com) -
qmail
(schmonz.com) - [s/qmail](https://www.fehcom.de/sqmail/) (fehcom.de) -
Coding Tour Summer 2018
(schmonz.com) ] --- template: titleslide # Maintaining qmail in 2018
## Amitai Schleier ## [latentagility.com](https://latentagility.com)