Documentation
¶
Index ¶
- Constants
- type APIKey
- type Alias
- type AntivirusConfig
- type AuditLog
- type DANETLSARecord
- type DKIMConfig
- type Domain
- type GreylistTriplet
- type IPBlacklist
- type LoginAttempt
- type MTASTSPolicy
- type Mailbox
- type Message
- type PGPKey
- type QuarantineMessage
- type QueueItem
- type RateLimitEntry
- type TLSReport
- type User
- type Webhook
- type WebhookDelivery
- type WebhookEvent
- type WebhookPayload
Constants ¶
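// Severity levels for audit logs. AuditLog.Severity is a plain string field, so
// nothing in the type system restricts it to these four values; code that
// filters or alerts on severity should compare against these constants rather
// than free-form text.
const (
	SeverityInfo     = "info"
	SeverityWarning  = "warning"
	SeverityError    = "error"
	SeverityCritical = "critical"
)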
Severity levels for audit logs
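// Common audit action identifiers, written as "<area>.<event>". AuditLog has an
// Action string field; presumably these are the values stored there.
//
// NOTE(review): the security group only has "*_enabled" actions. This listing
// declares no action for disabling DKIM, SPF or DMARC, so a downgrade of those
// controls would have to be recorded under a generic action such as
// ActionDomainUpdated or ActionConfigUpdated. Confirm how the writers log it
// before building alerts on control changes.
const (
	// User account lifecycle and authentication.
	ActionUserCreated        = "user.created"
	ActionUserUpdated        = "user.updated"
	ActionUserDeleted        = "user.deleted"
	ActionUserPasswordChange = "user.password_changed"
	ActionUserLogin          = "user.login"
	ActionUserLoginFailed    = "user.login_failed"
	ActionUserLogout         = "user.logout"

	// Domain management.
	ActionDomainCreated = "domain.created"
	ActionDomainUpdated = "domain.updated"
	ActionDomainDeleted = "domain.deleted"

	// Alias management.
	ActionAliasCreated = "alias.created"
	ActionAliasUpdated = "alias.updated"
	ActionAliasDeleted = "alias.deleted"

	// Configuration changes.
	ActionConfigUpdated = "config.updated"

	// Mail authentication controls being switched on.
	ActionSecurityDKIMEnabled  = "security.dkim_enabled"
	ActionSecuritySPFEnabled   = "security.spf_enabled"
	ActionSecurityDMARCEnabled = "security.dmarc_enabled"

	// PGP key management.
	ActionPGPKeyImported = "pgp.key_imported"
	ActionPGPKeyDeleted  = "pgp.key_deleted"

	// Mail flow.
	ActionMailSent     = "mail.sent"
	ActionMailReceived = "mail.received"
	ActionMailBlocked  = "mail.blocked"

	// Process lifecycle.
	ActionSystemStartup  = "system.startup"
	ActionSystemShutdown = "system.shutdown"
)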
Common action types
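// Resource types. AuditLog has a ResourceType string field; presumably these
// are the values stored there. Each value matches the prefix of the
// corresponding Action* identifiers ("user", "domain", "alias", ...).
const (
	ResourceTypeUser   = "user"
	ResourceTypeDomain = "domain"
	ResourceTypeAlias  = "alias"
	ResourceTypeMail   = "mail"
	ResourceTypeConfig = "config"
	ResourceTypePGP    = "pgp"
	ResourceTypeSystem = "system"
)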
Resource types
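// DANE TLSA certificate usage values (RFC 6698).
//
// Usages 0 and 1 constrain a certificate that must also pass ordinary PKIX
// path validation; usages 2 and 3 are validated against the TLSA record alone.
// RFC 7672 (DANE for SMTP) advises against publishing usages 0 and 1 for SMTP;
// how this package treats records carrying them is not visible in this listing.
const (
	TLSAUsageCAConstraint      = 0 // PKIX-TA
	TLSAUsageServiceConstraint = 1 // PKIX-EE
	TLSAUsageTrustAnchor       = 2 // DANE-TA
	TLSAUsageDomainIssuedCert  = 3 // DANE-EE
)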
DANE TLSA Usage types (RFC 6698)
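// DANE TLSA selector values (RFC 6698): which part of the presented
// certificate is compared with the record's association data.
const (
	TLSASelectorFullCert             = 0 // the whole certificate
	TLSASelectorSubjectPublicKeyInfo = 1 // only the SubjectPublicKeyInfo
)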
DANE TLSA Selector types
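// DANE TLSA matching type values (RFC 6698): how the selected certificate data
// is compared with the record's association data.
const (
	TLSAMatchingFull   = 0 // exact match on the selected content, no hash
	TLSAMatchingSHA256 = 1 // SHA-256 digest of the selected content
	TLSAMatchingSHA512 = 2 // SHA-512 digest of the selected content
)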
DANE TLSA Matching types
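// MTA-STS policy modes. The three strings are the "mode" values defined by
// RFC 8461: under "enforce" a sender must not deliver to an MX that fails
// policy validation, under "testing" failures are only reported, and "none"
// states that the domain has no active policy.
const (
	MTASTSModeNone    = "none"
	MTASTSModeTesting = "testing"
	MTASTSModeEnforce = "enforce"
)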
MTA-STS Policy modes
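// Webhook delivery status values. They are the same four strings that the
// comment on WebhookDelivery.Status lists (pending, success, failed, retrying).
const (
	WebhookStatusPending  = "pending"
	WebhookStatusRetrying = "retrying"
	WebhookStatusSuccess  = "success"
	WebhookStatusFailed   = "failed"
)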
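Status values for a webhook delivery (the values listed on WebhookDelivery.Status). The package declares no WebhookDeliveryStatus type; these are untyped string constants.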
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type APIKey ¶
// APIKey represents an API key for programmatic access.
//
// The struct has no field for the key itself, only KeyHash, and that field is
// excluded from JSON in both directions by its `json:"-"` tag.
type APIKey struct {
	ID int64 `json:"id"`
	UserID int64 `json:"user_id"`
	DomainID int64 `json:"domain_id"`
	Name string `json:"name"`
	// NOTE(review): the hash algorithm and the comparison used at
	// authentication time are not visible here; confirm the lookup compares
	// hashes in constant time.
	KeyHash string `json:"-"`
	// Scopes is stored as a JSON-encoded string, so it is not validated by the
	// type system. Presumably the authorization path decodes it and denies
	// access when decoding fails; verify against the caller.
	Scopes string `json:"scopes"` // JSON array ["read","write"]
	LastUsedAt *time.Time `json:"last_used_at,omitempty"`
	LastUsedIP string `json:"last_used_ip,omitempty"`
	// ExpiresAt is optional. NOTE(review): nil presumably means "never
	// expires"; confirm that expiry is enforced when the key is used.
	ExpiresAt *time.Time `json:"expires_at,omitempty"`
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
}
APIKey represents an API key for programmatic access
type Alias ¶
// Alias represents an email alias.
type Alias struct {
	ID int64 `json:"id"`
	AliasEmail string `json:"alias_email"`
	DomainID int64 `json:"domain_id"`
	// DestinationEmails is a JSON array held in a string. NOTE(review): an
	// alias redirects mail, so changes to this field are worth auditing
	// (ActionAliasUpdated exists for that); whether destinations outside the
	// owning domain are permitted is not visible here.
	DestinationEmails string `json:"destination_emails"` // JSON array
	Status string `json:"status"`
	CreatedAt time.Time `json:"created_at"`
}
Alias represents an email alias
type AntivirusConfig ¶
// AntivirusConfig represents antivirus configuration.
type AntivirusConfig struct {
	// VirusAction is a free-form string; the inline comment lists the expected
	// values. NOTE(review): what happens for an empty or unrecognised value is
	// decided by the consumer and is not visible here; confirm that it does
	// not fall through to plain delivery.
	VirusAction string `json:"virus_action"` // reject, quarantine, tag
}
AntivirusConfig represents antivirus configuration
type AuditLog ¶
// AuditLog represents an audit log entry for tracking admin actions and
// security events.
//
// NOTE(review): Username, Details, IPAddress and UserAgent are plain strings.
// Where they are filled from request data (not visible here), they hold
// client-controlled text and should be escaped when rendered in an admin UI
// or written to line-oriented logs.
type AuditLog struct {
	ID int64 `json:"id"`
	Timestamp time.Time `json:"timestamp"`
	// UserID is a pointer and is omitted from JSON when nil; presumably nil
	// marks events with no authenticated user, such as a failed login.
	UserID *int64 `json:"user_id,omitempty"`
	Username string `json:"username,omitempty"`
	// Action and ResourceType presumably carry the Action* and ResourceType*
	// constants declared in this package.
	Action string `json:"action"`
	ResourceType string `json:"resource_type"`
	ResourceID string `json:"resource_id,omitempty"`
	// NOTE(review): Details is unstructured; confirm writers never place
	// passwords, TOTP codes or API keys in it.
	Details string `json:"details,omitempty"`
	IPAddress string `json:"ip_address,omitempty"`
	UserAgent string `json:"user_agent,omitempty"`
	// Severity presumably carries one of the Severity* constants.
	Severity string `json:"severity"`
	Success bool `json:"success"`
}
AuditLog represents an audit log entry for tracking admin actions and security events
type DANETLSARecord ¶
// DANETLSARecord represents a cached DANE TLSA DNS record.
type DANETLSARecord struct {
	ID int64 `json:"id"`
	Domain string `json:"domain"`
	Port int `json:"port"`
	// Usage, Selector and MatchingType are plain ints; presumably they hold the
	// TLSAUsage*, TLSASelector* and TLSAMatching* constants.
	Usage int `json:"usage"`
	Selector int `json:"selector"`
	MatchingType int `json:"matching_type"`
	// CertificateData is the record's association data; its encoding (hex,
	// base64, ...) is not visible here.
	CertificateData string `json:"certificate_data"`
	// FetchedAt and TTL bound how long the cached copy may be used (TTL is
	// presumably in seconds, as in DNS; confirm).
	FetchedAt time.Time `json:"fetched_at"`
	TTL int `json:"ttl"`
	// DNSSECVerified records whether the answer was DNSSEC-validated. DANE
	// relies on DNSSEC (RFC 6698), so a record with this flag false carries no
	// authentication value. NOTE(review): confirm the delivery path ignores
	// such records instead of pinning against them.
	DNSSECVerified bool `json:"dnssec_verified"`
}
DANETLSARecord represents a cached DANE TLSA DNS record
type DKIMConfig ¶
// DKIMConfig represents DKIM signing configuration.
type DKIMConfig struct {
	Domain string `json:"domain"`
	Selector string `json:"selector"`
	// PrivateKey is excluded from JSON in both directions by `json:"-"`.
	// The tag does not cover other encoders or %+v formatting, so avoid
	// logging the whole struct.
	PrivateKey []byte `json:"-"`
	PublicKey string `json:"public_key,omitempty"`
}
DKIMConfig represents DKIM signing configuration
type Domain ¶
// Domain represents an email domain with per-domain security configuration.
//
// Every security control below is an ordinary field that is decoded from JSON
// like any other. NOTE(review): if this struct is bound directly to an
// update request, a caller can switch controls off (DKIM/SPF/DMARC, ClamAV,
// rate limiting, brute-force protection, TOTP enforcement) in the same
// request that changes a display field; confirm that updates are authorised
// per field and audited.
type Domain struct {
	ID int64 `json:"id"`
	Name string `json:"name"`
	Status string `json:"status"`
	MaxUsers int `json:"max_users"`
	MaxMailboxSize int64 `json:"max_mailbox_size"`
	DefaultQuota int64 `json:"default_quota"`
	CatchallEmail *string `json:"catchall_email,omitempty"`
	BackupMX bool `json:"backup_mx"`
	// DKIM configuration
	DKIMSelector string `json:"dkim_selector,omitempty"`
	// DKIMPrivateKey is excluded from JSON in both directions by `json:"-"`.
	DKIMPrivateKey string `json:"-"`
	DKIMPublicKey string `json:"dkim_public_key,omitempty"`
	DKIMSigningEnabled bool `json:"dkim_signing_enabled"`
	DKIMVerifyEnabled bool `json:"dkim_verify_enabled"`
	// NOTE(review): no lower bound on DKIMKeySize is visible here; confirm key
	// generation rejects sizes that are too small for the chosen DKIMKeyType.
	DKIMKeySize int `json:"dkim_key_size"`
	DKIMKeyType string `json:"dkim_key_type"`
	DKIMHeadersToSign string `json:"dkim_headers_to_sign"` // JSON array
	// SPF configuration
	SPFRecord string `json:"spf_record,omitempty"`
	SPFEnabled bool `json:"spf_enabled"`
	SPFDNSServer string `json:"spf_dns_server"`
	SPFDNSTimeout int `json:"spf_dns_timeout"`
	// SPFMaxLookups caps DNS lookups during SPF evaluation (RFC 7208 sets the
	// limit at 10); presumably enforced by the evaluator.
	SPFMaxLookups int `json:"spf_max_lookups"`
	SPFFailAction string `json:"spf_fail_action"`
	SPFSoftFailAction string `json:"spf_softfail_action"`
	// DMARC configuration
	DMARCPolicy string `json:"dmarc_policy,omitempty"`
	DMARCEnabled bool `json:"dmarc_enabled"`
	DMARCDNSServer string `json:"dmarc_dns_server"`
	DMARCDNSTimeout int `json:"dmarc_dns_timeout"`
	DMARCReportEnabled bool `json:"dmarc_report_enabled"`
	DMARCReportEmail string `json:"dmarc_report_email,omitempty"`
	// ClamAV antivirus configuration
	ClamAVEnabled bool `json:"clamav_enabled"`
	// NOTE(review): how messages larger than ClamAVMaxScanSize are handled
	// (skipped, rejected, partially scanned) is not visible here.
	ClamAVMaxScanSize int64 `json:"clamav_max_scan_size"`
	ClamAVVirusAction string `json:"clamav_virus_action"`
	// ClamAVFailAction presumably selects what happens when the scanner cannot
	// be reached or errors out, i.e. whether scanning fails open or closed.
	ClamAVFailAction string `json:"clamav_fail_action"`
	// SpamAssassin configuration
	SpamEnabled bool `json:"spam_enabled"`
	SpamRejectScore float64 `json:"spam_reject_score"`
	SpamQuarantineScore float64 `json:"spam_quarantine_score"`
	SpamLearningEnabled bool `json:"spam_learning_enabled"`
	// Greylisting configuration
	GreylistEnabled bool `json:"greylist_enabled"`
	GreylistDelayMinutes int `json:"greylist_delay_minutes"`
	GreylistExpiryDays int `json:"greylist_expiry_days"`
	GreylistCleanupInterval int `json:"greylist_cleanup_interval"`
	GreylistWhitelistAfter int `json:"greylist_whitelist_after"`
	// Rate limiting configuration (JSON objects)
	// The limits are JSON held in strings, so a malformed value only surfaces
	// when it is parsed. NOTE(review): confirm a parse failure does not leave
	// the limiter disabled.
	RateLimitEnabled bool `json:"ratelimit_enabled"`
	RateLimitSMTPPerIP string `json:"ratelimit_smtp_per_ip"` // JSON: {"count":100,"window_minutes":60}
	RateLimitSMTPPerUser string `json:"ratelimit_smtp_per_user"` // JSON
	RateLimitSMTPPerDomain string `json:"ratelimit_smtp_per_domain"` // JSON
	RateLimitAuthPerIP string `json:"ratelimit_auth_per_ip"` // JSON
	RateLimitIMAPPerUser string `json:"ratelimit_imap_per_user"` // JSON
	RateLimitCleanupInterval int `json:"ratelimit_cleanup_interval"`
	// Authentication security configuration
	AuthTOTPEnforced bool `json:"auth_totp_enforced"`
	AuthBruteForceEnabled bool `json:"auth_brute_force_enabled"`
	// Threshold, window and block duration are ints with no visible bounds;
	// the zero value of each is presumably a misconfiguration. Verify how the
	// consumer treats 0.
	AuthBruteForceThreshold int `json:"auth_brute_force_threshold"`
	AuthBruteForceWindowMinutes int `json:"auth_brute_force_window_minutes"`
	AuthBruteForceBlockMinutes int `json:"auth_brute_force_block_minutes"`
	AuthIPBlacklistEnabled bool `json:"auth_ip_blacklist_enabled"`
	AuthCleanupInterval int `json:"auth_cleanup_interval"`
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
}
Domain represents an email domain with per-domain security configuration
type GreylistTriplet ¶
// GreylistTriplet represents a greylisting entry: one (IP, Sender, Recipient)
// combination together with when it was first seen and how often it passed.
type GreylistTriplet struct {
	ID int64 `json:"id"`
	IP string `json:"ip"`
	// Sender and Recipient presumably come from the SMTP envelope, i.e. they
	// are supplied by the remote client; treat them as untrusted text.
	Sender string `json:"sender"`
	Recipient string `json:"recipient"`
	FirstSeen time.Time `json:"first_seen"`
	PassCount int `json:"pass_count"`
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
}
GreylistTriplet represents a greylisting entry
type IPBlacklist ¶
// IPBlacklist represents a blacklisted IP address.
type IPBlacklist struct {
	ID int64 `json:"id"`
	// IP is stored as a string. NOTE(review): matching on the textual form is
	// fragile (IPv6 has several spellings, IPv4-mapped addresses); confirm the
	// value is normalised before it is stored and compared.
	IP string `json:"ip"`
	Reason string `json:"reason"`
	// ExpiresAt is optional; nil presumably means a permanent entry.
	ExpiresAt *time.Time `json:"expires_at,omitempty"`
	CreatedAt time.Time `json:"created_at"`
}
IPBlacklist represents a blacklisted IP address
type LoginAttempt ¶
// LoginAttempt represents a login attempt for brute force tracking.
type LoginAttempt struct {
	ID int64 `json:"id"`
	IP string `json:"ip"`
	// Email is the address that was tried. It is presumably recorded for
	// failed attempts as well, so it may name accounts that do not exist and
	// is client-supplied text.
	Email string `json:"email,omitempty"`
	Success bool `json:"success"`
	Timestamp time.Time `json:"timestamp"`
}
LoginAttempt represents a login attempt for brute force tracking
type MTASTSPolicy ¶
// MTASTSPolicy represents a cached MTA-STS policy.
type MTASTSPolicy struct {
	ID int64 `json:"id"`
	Domain string `json:"domain"`
	Version string `json:"version"`
	// Mode presumably holds one of the MTASTSMode* constants.
	Mode string `json:"mode"`
	// MaxAge is presumably the policy's max_age in seconds (RFC 8461); confirm.
	MaxAge int `json:"max_age"`
	MXPatterns string `json:"mx_patterns"` // JSON array of MX patterns
	// FetchedAt and ExpiresAt bound the cache entry. NOTE(review): the value of
	// caching an "enforce" policy is that a later fetch failure cannot
	// silently downgrade delivery; confirm a failed refresh keeps the cached
	// policy until ExpiresAt.
	FetchedAt time.Time `json:"fetched_at"`
	ExpiresAt time.Time `json:"expires_at"`
	// PolicyText is the policy as text; it originates from the remote domain
	// and should be treated as untrusted when displayed.
	PolicyText string `json:"policy_text"`
}
MTASTSPolicy represents a cached MTA-STS policy
type Mailbox ¶
// Mailbox represents a mail folder.
type Mailbox struct {
	ID int64 `json:"id"`
	// UserID identifies the owning user. NOTE(review): access checks
	// presumably compare this with the authenticated user; a lookup by ID
	// alone would expose other users' folders.
	UserID int64 `json:"user_id"`
	Name string `json:"name"`
	// ParentID is nil for a folder with no parent.
	ParentID *int64 `json:"parent_id,omitempty"`
	Subscribed bool `json:"subscribed"`
	SpecialUse string `json:"special_use,omitempty"`
	// UIDValidity and UIDNext look like the IMAP values of the same names.
	UIDValidity int64 `json:"uid_validity"`
	UIDNext int64 `json:"uid_next"`
	CreatedAt time.Time `json:"created_at"`
}
Mailbox represents a mail folder
type Message ¶
// Message represents an email message.
//
// The header-derived fields (Subject, From, To, CC, BCC, ReplyTo, MessageID,
// InReplyTo, Refs, Headers) hold sender-controlled text and are emitted in
// JSON as-is; consumers must escape them for their own output context.
type Message struct {
	ID int64 `json:"id"`
	UserID int64 `json:"user_id"`
	MailboxID int64 `json:"mailbox_id"`
	UID uint32 `json:"uid"`
	Size int64 `json:"size"`
	Flags string `json:"flags"`
	Categories string `json:"categories"`
	ThreadID string `json:"thread_id,omitempty"`
	TaskCompleted bool `json:"task_completed,omitempty"`
	ReceivedAt time.Time `json:"received_at"`
	InternalDate time.Time `json:"internal_date"`
	Subject string `json:"subject,omitempty"`
	From string `json:"from,omitempty"`
	To string `json:"to,omitempty"`
	CC string `json:"cc,omitempty"`
	// BCC is serialised when set. NOTE(review): confirm it is only populated
	// for the sender's own copy of a message.
	BCC string `json:"bcc,omitempty"`
	ReplyTo string `json:"reply_to,omitempty"`
	MessageID string `json:"message_id,omitempty"`
	InReplyTo string `json:"in_reply_to,omitempty"`
	Refs string `json:"refs,omitempty"`
	Headers string `json:"headers,omitempty"`
	BodyStructure string `json:"body_structure,omitempty"`
	// StorageType presumably selects between Content (stored inline) and
	// ContentPath (stored elsewhere); its values are not visible here.
	StorageType string `json:"storage_type"`
	// Content is excluded from JSON by `json:"-"`.
	Content []byte `json:"-"`
	// ContentPath is included in JSON and is also accepted when decoding.
	// NOTE(review): it looks like a storage path; confirm it is never taken
	// from client input and consider whether clients need to see it at all.
	ContentPath string `json:"content_path,omitempty"`
	CreatedAt time.Time `json:"created_at"`
}
Message represents an email message
type PGPKey ¶
// PGPKey represents a user's PGP/GPG public key for email encryption.
// The struct has no field for private key material.
type PGPKey struct {
	ID int64 `json:"id"`
	UserID int64 `json:"user_id"`
	// KeyID and Fingerprint are stored next to the key itself. NOTE(review):
	// they should be derived from PublicKey on import rather than accepted
	// from the request; identity decisions should use Fingerprint, since
	// short key IDs are not collision resistant.
	KeyID string `json:"key_id"`
	Fingerprint string `json:"fingerprint"`
	PublicKey string `json:"public_key"`
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
	// ExpiresAt is optional; presumably the key's own expiry. Confirm that
	// encryption refuses expired keys.
	ExpiresAt *time.Time `json:"expires_at,omitempty"`
	IsPrimary bool `json:"is_primary"`
}
PGPKey represents a user's PGP/GPG public key for email encryption
type QuarantineMessage ¶
// QuarantineMessage represents a quarantined message.
//
// Sender, Recipient and Subject describe a message that was held as a virus or
// spam, so they are hostile-by-default text; escape them wherever the
// quarantine is listed.
type QuarantineMessage struct {
	ID int64 `json:"id"`
	MessageID string `json:"message_id"`
	Sender string `json:"sender"`
	Recipient string `json:"recipient"`
	Subject string `json:"subject,omitempty"`
	Reason string `json:"reason"` // virus, spam
	Score float64 `json:"score,omitempty"`
	// MessagePath is included in JSON and accepted when decoding.
	// NOTE(review): it looks like the location of the held message; confirm
	// release/delete operations resolve the path from the stored record, not
	// from a client-supplied value.
	MessagePath string `json:"message_path"`
	// NOTE(review): "released" puts a flagged message back into delivery;
	// confirm that transition is restricted and audited.
	Action string `json:"action"` // quarantined, deleted, released
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
}
QuarantineMessage represents a quarantined message
type QueueItem ¶
// QueueItem represents a queued message for delivery.
type QueueItem struct {
	ID int64 `json:"id"`
	Sender string `json:"sender"`
	Recipients string `json:"recipients"` // JSON array
	MessageID string `json:"message_id,omitempty"`
	// MessagePath is included in JSON and accepted when decoding.
	// NOTE(review): it looks like the location of the spooled message; confirm
	// it is never taken from client input.
	MessagePath string `json:"message_path"`
	// RetryCount and MaxRetries presumably bound delivery attempts; NextRetry
	// is nil when no retry is scheduled.
	RetryCount int `json:"retry_count"`
	MaxRetries int `json:"max_retries"`
	NextRetry *time.Time `json:"next_retry,omitempty"`
	Status string `json:"status"`
	// ErrorMessage presumably holds the last delivery error, which can include
	// text returned by the remote server; treat it as untrusted when shown.
	ErrorMessage string `json:"error_message,omitempty"`
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
}
QueueItem represents a queued message for delivery
type RateLimitEntry ¶
// RateLimitEntry represents a rate limit tracking entry: a counter for one Key
// within the window that began at WindowStart.
type RateLimitEntry struct {
	ID int64 `json:"id"`
	Key string `json:"key"` // IP or user identifier
	// The inline comment lists only "ip" and "user", while Domain also carries
	// a per-domain SMTP limit; how that one is keyed is not visible here.
	Type string `json:"type"` // "ip" or "user"
	// NOTE(review): Count and WindowStart are read-modify-write state; confirm
	// the increment is atomic at the storage layer so that concurrent
	// connections cannot exceed the limit.
	Count int `json:"count"`
	WindowStart time.Time `json:"window_start"`
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
}
RateLimitEntry represents a rate limit tracking entry
type TLSReport ¶
// TLSReport represents a TLS reporting entry (TLSRPT - RFC 8460).
type TLSReport struct {
	ID int64 `json:"id"`
	ReportID string `json:"report_id"`
	Domain string `json:"domain"`
	DateRangeStart time.Time `json:"date_range_start"`
	DateRangeEnd time.Time `json:"date_range_end"`
	ContactInfo string `json:"contact_info,omitempty"`
	// ReportJSON is the report body as a JSON string. Whether this struct is
	// used for reports received from other domains is not visible here; if it
	// is, the content is untrusted and should be size-limited and validated
	// before it is stored or displayed.
	ReportJSON string `json:"report_json"`
	CreatedAt time.Time `json:"created_at"`
	// SentAt is nil until set; presumably nil marks a report not yet sent.
	SentAt *time.Time `json:"sent_at,omitempty"`
}
TLSReport represents a TLS reporting entry (TLSRPT - RFC 8460)
type User ¶
// User represents a mail user.
//
// PasswordHash and TOTPSecret are excluded from JSON in both directions by
// `json:"-"`. The tag does not cover other encoders or %+v formatting, so
// avoid logging the whole struct.
type User struct {
	ID int64 `json:"id"`
	Email string `json:"email"`
	DomainID int64 `json:"domain_id"`
	PasswordHash string `json:"-"`
	FullName string `json:"full_name,omitempty"`
	DisplayName string `json:"display_name,omitempty"`
	// Role, Quota, Status and AuthMethod are decoded from JSON like any other
	// field. NOTE(review): if this struct is bound directly to a
	// self-service profile update, a user could raise their own role or
	// quota; confirm handlers copy only the fields a caller may change.
	Role string `json:"role"` // admin or user
	Quota int64 `json:"quota"`
	UsedQuota int64 `json:"used_quota"`
	Status string `json:"status"`
	AuthMethod string `json:"auth_method"`
	// NOTE(review): the TOTP secret must be recoverable to verify codes, so it
	// cannot be hashed; whether it is encrypted at rest is not visible here.
	TOTPSecret string `json:"-"`
	TOTPEnabled bool `json:"totp_enabled"`
	// ForwardTo redirects the user's mail. NOTE(review): a changed forwarding
	// address is a common sign of account takeover; confirm changes are
	// audited (ActionUserUpdated) and, ideally, surfaced to the user.
	ForwardTo string `json:"forward_to,omitempty"`
	AutoReplyEnabled bool `json:"auto_reply_enabled"`
	AutoReplySubject string `json:"auto_reply_subject,omitempty"`
	AutoReplyBody string `json:"auto_reply_body,omitempty"`
	SpamThreshold float64 `json:"spam_threshold"`
	Language string `json:"language"`
	LastLogin *time.Time `json:"last_login,omitempty"`
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
}
User represents a mail user
type Webhook ¶
// Webhook represents a webhook subscription.
//
// NOTE(review): Secret is tagged `json:"secret"`, so any handler that marshals
// a Webhook (list, get, update response) returns the HMAC signing secret to
// the caller. The other secret-bearing fields in this package
// (APIKey.KeyHash, User.PasswordHash, User.TOTPSecret, Domain.DKIMPrivateKey,
// DKIMConfig.PrivateKey) all use `json:"-"`. Switching this tag to "-" would
// also stop the secret from being decoded from request bodies, so the usual
// fix is a separate response type without the field, or clearing Secret
// before encoding. Confirm which handlers serialise this struct.
type Webhook struct {
	ID int64 `json:"id"`
	Name string `json:"name"`
	// URL is where deliveries are sent. NOTE(review): it is configured through
	// the API, so the delivery client should restrict schemes and refuse
	// loopback, link-local and internal addresses (checked after DNS
	// resolution); none of that is visible here.
	URL string `json:"url"`
	Secret string `json:"secret"` // HMAC secret for signature validation
	EventTypes string `json:"event_types"` // Comma-separated event types
	Active bool `json:"active"`
	Description string `json:"description"`
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
}
Webhook represents a webhook subscription
type WebhookDelivery ¶
// WebhookDelivery represents a webhook delivery attempt.
type WebhookDelivery struct {
	ID int64 `json:"id"`
	WebhookID int64 `json:"webhook_id"`
	EventType string `json:"event_type"`
	// Payload is the JSON body kept with the delivery record. NOTE(review):
	// for email and security events it may contain addresses, subjects or IPs;
	// confirm retention and who may read delivery history.
	Payload string `json:"payload"` // JSON payload
	AttemptCount int `json:"attempt_count"`
	MaxAttempts int `json:"max_attempts"`
	Status string `json:"status"` // pending, success, failed, retrying
	// StatusCode, ResponseBody and ErrorMessage are nil until set.
	StatusCode *int `json:"status_code,omitempty"`
	// ResponseBody presumably stores what the remote endpoint returned. That
	// content is controlled by whoever operates the endpoint: confirm it is
	// size-capped when read and escaped when displayed.
	ResponseBody *string `json:"response_body,omitempty"`
	ErrorMessage *string `json:"error_message,omitempty"`
	NextRetryAt *time.Time `json:"next_retry_at,omitempty"`
	FirstAttemptedAt *time.Time `json:"first_attempted_at,omitempty"`
	LastAttemptedAt *time.Time `json:"last_attempted_at,omitempty"`
	CompletedAt *time.Time `json:"completed_at,omitempty"`
	CreatedAt time.Time `json:"created_at"`
}
WebhookDelivery represents a webhook delivery attempt
type WebhookEvent ¶
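// WebhookEvent represents the event types that can trigger webhooks.
type WebhookEvent string

// Webhook event identifiers, written as "<area>.<event>".
//
// These names are separate from the audit Action* constants: a failed login is
// "security.login_failed" here and "user.login_failed" in the audit log, so
// anything correlating the two streams has to map between them.
const (
	// Email events
	WebhookEventEmailReceived  WebhookEvent = "email.received"
	WebhookEventEmailSent      WebhookEvent = "email.sent"
	WebhookEventEmailDelivered WebhookEvent = "email.delivered"
	WebhookEventEmailBounced   WebhookEvent = "email.bounced"
	WebhookEventEmailFailed    WebhookEvent = "email.failed"
	WebhookEventEmailQueued    WebhookEvent = "email.queued"

	// Security events
	WebhookEventSecurityVirusDetected WebhookEvent = "security.virus_detected"
	WebhookEventSecuritySpamDetected  WebhookEvent = "security.spam_detected"
	WebhookEventSecurityLoginFailed   WebhookEvent = "security.login_failed"
	WebhookEventSecurityLoginSuccess  WebhookEvent = "security.login_success"
	WebhookEventSecurityBruteForce    WebhookEvent = "security.brute_force"
	WebhookEventSecurityIPBlacklisted WebhookEvent = "security.ip_blacklisted"

	// DKIM/SPF/DMARC events
	WebhookEventDKIMFailed  WebhookEvent = "dkim.failed"
	WebhookEventSPFFailed   WebhookEvent = "spf.failed"
	WebhookEventDMARCFailed WebhookEvent = "dmarc.failed"

	// User events
	WebhookEventUserCreated       WebhookEvent = "user.created"
	WebhookEventUserDeleted       WebhookEvent = "user.deleted"
	WebhookEventUserQuotaExceeded WebhookEvent = "user.quota_exceeded"
)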