Skip to content

Sending administration mails from the mailserver

Jump to bottom
Antonio Calatrava edited this page Dec 10, 2020 · 5 revisions

Sometimes we need to send messages to others when things go wrong. For instance, a mail has bounced / could not be delivered.

We don't know the actual user who has sent the message, and even if we did, we could not use it since we don't have the private key, so we must send it through somebody else's account.

We already have something like this in place with the on-behalf keys.

  • A mail cannot be delivered, or something happened that we must send a message back to the sender.

  • The mail server creates a message:

    to: <recipient hash>
type: "server-message"
client_signature: "server priv key signed"```

On the client side, we could simply check if it's a regular message, a on-behalf message, or a server-message (maybe even other types could be added later).

Proposal:

  • add a "origin" to the header.From so we can better differentiate between the different origin types: "account", "onbehalf", "server". There is already a header.From.SignedBy header

  • rename header.signature.clientSignature to header.signature.senderSignature, since client is ambiguous

  • rename header.signature.ServerSignature to something else (TODO: not sure what yet: originSignature or something)

  • move header.authorizedBy.Signature to header.signature.senderSignature

  • remove header.authorizedBy.PublicKey, as this data should be received out-of-band

  • remove header.authorizedBy section from the header.

When origin == "account",

  • header.from.addr is the sending account
  • header.from.signedBy is SignedByTypeOrigin
  • header.signatures.sender is the actual signature created by the sending account
  • header.signatures.server is the signature created by the sending server

When origin == "onbehalf",

  • header.from.addr is the account we are sending onbehalf of
  • header.from.signedBy is SignedByTypeAuthorized
  • header.authorizedBy.Signature is the signature of the authorizedBy PublicKey signed by the account holder
  • header.authorizedBy.PublicKey is the public key of the authorized to send mails
  • header.signatures.sender is the actual signature created by the authorizedBy key
  • header.signatures.server is the signature created by the sending server

When origin == "server",

  • header.from.addr is the routing ID of the server we are sending from
  • header.from.signedBy is SignedByTypeServer
  • header.signatures.sender is the signature created by the sending server
  • header.signatures.server is the signature created by the sending server
  • (in case of server origin, both the sender and server signatures are the same, so we will only use the server one)

BitMaelum Logo

Clone this wiki locally