Restrict usage of /incoming API to Leap MX only

Closed Issue created 8 years ago by drebs

This is a followup to #8828 (closed). Part of the work related to this issue is to be done on platform and mx side.

On Soledad Server side, we need to:

Add a new port listening on localhost with the delivery part of /incoming:
- listen on a new port on localhost only (no TLS needed).
- serve the write-only part of /incoming in the new port.
- restrict the access to the mx user.
Adapt the current resource open to the outside world:
- modify the IncomingResource to only serve the users' part of the API.
- prevent access of the mx user.

0 of 5 checklist items completed · Edited 7 years ago by drebs

Linked items 0

Link items together to show that they're related.