schleuder issueshttps://0xacab.org/schleuder/schleuder/-/issues2022-09-13T11:03:29Zhttps://0xacab.org/schleuder/schleuder/-/issues/194Deprecate haveged due to recent kernel developments?2022-09-13T11:03:29ZgeorgDeprecate haveged due to recent kernel developments?This needs more research. Just [a pointer](https://lists.cert.at/pipermail/ach/2017-May/002251.html) for now.This needs more research. Just [a pointer](https://lists.cert.at/pipermail/ach/2017-May/002251.html) for now.Next Big Thinghttps://0xacab.org/schleuder/schleuder/-/issues/350Introduce systemd features to improve security2020-02-08T14:03:27ZgeorgIntroduce systemd features to improve securitysystemd supports features like `ReadOnlyDirectories` and dropping capabilities. We should make use of them, to improve the security of the overall system.
One caveat, tough: AFAIK, different versions of systemd support different "dropp...systemd supports features like `ReadOnlyDirectories` and dropping capabilities. We should make use of them, to improve the security of the overall system.
One caveat, tough: AFAIK, different versions of systemd support different "droppable" capabilites. If one is using a list of capabilites and only one of them isn't supported, all of them are ignored.
This needs research and further discussion, for now that's just a starting point to keep track of it (and to counter my bad memory..)Next Big Thinggeorggeorghttps://0xacab.org/schleuder/schleuder/-/issues/366`schleuder` does not make it possible to handle different errors differently2020-01-05T13:18:02ZMichał "rysiek" Woźniak`schleuder` does not make it possible to handle different errors differentlyThe `schleuder` command does not give any machine-readable hints as to the nature of the error encountered when processing e-mail. It always exists with exit code `1`, and human readable error messages are not usable in order to automati...The `schleuder` command does not give any machine-readable hints as to the nature of the error encountered when processing e-mail. It always exists with exit code `1`, and human readable error messages are not usable in order to automatically handle different kinds of errors differently.
Consider the following log. These are three completely different kinds of errors.
## 1. An internal error related to a `-request` message not being properly authenticated (with the error message sent correctly to the list admin):
```
root@30e6caa2a707:/var/schlocker/mail/.tmp/test# cat 1532175290_0.1.0c6aa2ce0ea3\,U\=167\,FMD5\=7e33429f656f1e6e9d79b29c3f82c57e\:2\, | schleuder work 'test-request@occrp.org'
Error: Schleuder::Errors::MessageUnauthenticated
Kind regards,
Your Schleuder system.
root@30e6caa2a707:/var/schlocker/mail/.tmp/test# echo $?
1
```
## 2. An error caused by the SMTP server disappearing:
```
root@30e6caa2a707:/var/schlocker/mail/.tmp/test# cat 1532175290_0.1.0c6aa2ce0ea3\,U\=167\,FMD5\=7e33429f656f1e6e9d79b29c3f82c57e\:2\, | schleuder work 'test@occrp.org'
Error: A serious, unhandleable error happened. Please contact the administrators of this system or service and provide them with the following information:
getaddrinfo: Temporary failure in name resolution
root@30e6caa2a707:/var/schlocker/mail/.tmp/test# echo $?
1
```
## 3. An error caused by a misconfiguration of the SMTP server:
```
root@30e6caa2a707:/var/schlocker/mail/.tmp/test# cat 1532175290_0.1.0c6aa2ce0ea3\,U\=167\,FMD5\=7e33429f656f1e6e9d79b29c3f82c57e\:2\, | schleuder work 'test@occrp.org'
Error: A serious, unhandleable error happened. Please contact the administrators of this system or service and provide them with the following information:
550 Invalid recipient
root@30e6caa2a707:/var/schlocker/mail/.tmp/test# echo $?
1
```
These situations need to be handled differently. It would be okay to kill the message from case `1.`, since the admins have been notified successfully; but it would *not* be okay to delete the messages from `2.` and `3.`, since this might be a temporary failure and we don't want valid e-mail to be lost.
Currently there seems to be no way to differentiate between these cases, which means either e-mail will get deleted (and lost) regardless of the kind of issue encountered, or it will remain in the queue to be handled again and again (with errors about old erroneous messages being sent and resent constantly to admins).
One simple solution would be to have different exit codes for different errors/error classes (with some documentation to boot).https://0xacab.org/schleuder/schleuder/-/issues/7Research snailgun/snailgun-rr2020-01-05T13:17:12ZpazResearch snailgun/snailgun-rrSnailgun is meant to speed up starting heavy ruby-environments by preforking them. That should greatly improve schleuder-"responsiveness", which is slower than before due to the database abstraction layer.
It would be nice to optional...Snailgun is meant to speed up starting heavy ruby-environments by preforking them. That should greatly improve schleuder-"responsiveness", which is slower than before due to the database abstraction layer.
It would be nice to optionally make use of snailgun, if that is possible. Schleuder shouldn't actually depend on it, though.
https://github.com/candlerb/snailgun