initial commit from appmail

config/application.rb

@@ -0,0 +1,32 @@
+require_relative 'boot'
+
+require "rails"
+require "active_model/railtie"
+require "active_record/railtie"
+require "action_controller/railtie"
+require "action_mailer/railtie"
+require "action_view/railtie"
+require "sprockets/railtie"
+
+# Require the gems listed in Gemfile, including any gems
+# you've limited to :test, :development, or :production.
+Bundler.require(*Rails.groups)
+
+module Postal
+  class Application < Rails::Application
+    # Disable most generators
+    config.generators do |g|
+      g.orm             :active_record
+      g.test_framework  false
+      g.stylesheets     false
+      g.javascripts     false
+      g.helper          false
+    end
+
+    # Include from lib
+    config.eager_load_paths += %W(#{config.root}/lib #{config.root}/app/jobs)
+
+    # Disable field_with_errors
+    config.action_view.field_error_proc = Proc.new { |t, i| t }
+  end
+end

config/boot.rb

@@ -0,0 +1,16 @@
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)
+
+$stdout.sync = true
+$stderr.sync = true
+
+require 'bundler/setup' # Set up gems listed in the Gemfile.
+
+require_relative '../lib/postal/config'
+Postal.check_config!
+
+ENV['DATABASE_URL'] = Postal.database_url
+ENV['RAILS_ENV'] = Postal.config.rails&.environment || 'development'
+if ENV['PROC_NAME']
+  $0="[postal] #{ENV['PROC_NAME']}"
+end
+

config/cron.rb

@@ -0,0 +1,28 @@
+module Clockwork
+
+  configure do |config|
+    config[:tz] = 'UTC'
+    config[:logger] = Postal.logger_for(:cron)
+  end
+
+  every 1.minute, 'every-1-minutes' do
+    RequeueWebhooksJob.queue(:main)
+    SendNotificationsJob.queue(:main)
+  end
+
+  every 1.hour, 'every-hour', :at => ['**:15'] do
+    CheckAllDNSJob.queue(:main)
+    ExpireHeldMessagesJob.queue(:main)
+    CleanupAuthieSessionsJob.queue(:main)
+  end
+
+  every 1.hour, 'every-hour', :at => ['**:45'] do
+    PruneWebhookRequestsJob.queue(:main)
+    RenewTrackCertificatesJob.queue(:main)
+  end
+
+  every 1.day, 'every-day', :at => ['03:00'] do
+    ProcessMessageRetentionJob.queue(:main)
+  end
+
+end

config/environment.rb

@@ -0,0 +1,5 @@
+# Load the Rails application.
+require_relative 'application'
+
+# Initialize the Rails application.
+Rails.application.initialize!

config/environments/development.rb

@@ -0,0 +1,54 @@
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # In the development environment your application's code is reloaded on
+  # every request. This slows down response time but is perfect for development
+  # since you don't have to restart the web server when you make code changes.
+  config.cache_classes = false
+
+  # Do not eager load code on boot.
+  config.eager_load = false
+
+  # Show full error reports.
+  config.consider_all_requests_local = true
+
+  # Enable/disable caching. By default caching is disabled.
+  if Rails.root.join('tmp/caching-dev.txt').exist?
+    config.action_controller.perform_caching = true
+
+    config.cache_store = :memory_store
+    config.public_file_server.headers = {
+      'Cache-Control' => 'public, max-age=172800'
+    }
+  else
+    config.action_controller.perform_caching = false
+
+    config.cache_store = :null_store
+  end
+
+  # Don't care if the mailer can't send.
+  config.action_mailer.raise_delivery_errors = false
+
+  config.action_mailer.perform_caching = false
+
+  # Print deprecation notices to the Rails logger.
+  config.active_support.deprecation = :log
+
+  # Raise an error on page load if there are pending migrations.
+  config.active_record.migration_error = :page_load
+
+  # Debug mode disables concatenation and preprocessing of assets.
+  # This option may cause significant delays in view rendering with a large
+  # number of complex assets.
+  config.assets.debug = true
+
+  # Suppress logger output for asset requests.
+  config.assets.quiet = false
+
+  # Raises error for missing translations
+  # config.action_view.raise_on_missing_translations = true
+
+  # Use an evented file watcher to asynchronously detect changes in source code,
+  # routes, locales, etc. This feature depends on the listen gem.
+  # config.file_watcher = ActiveSupport::EventedFileUpdateChecker
+end

config/environments/production.rb

@@ -0,0 +1,82 @@
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # Code is not reloaded between requests.
+  config.cache_classes = true
+
+  # Eager load code on boot. This eager loads most of Rails and
+  # your application in memory, allowing both threaded web servers
+  # and those relying on copy on write to perform better.
+  # Rake tasks automatically ignore this option for performance.
+  config.eager_load = true
+
+  # Full error reports are disabled and caching is turned on.
+  config.consider_all_requests_local       = false
+  config.action_controller.perform_caching = true
+
+  # Disable serving static files from the `/public` folder by default since
+  # Apache or NGINX already handles this.
+  config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?
+
+  # Compress JavaScripts and CSS.
+  config.assets.js_compressor = :uglifier
+  # config.assets.css_compressor = :sass
+
+  # Do not fallback to assets pipeline if a precompiled asset is missed.
+  config.assets.compile = false
+
+  # `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb
+
+  # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+  # config.action_controller.asset_host = 'http://assets.example.com'
+
+  # Specifies the header that your server uses for sending files.
+  # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
+  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
+
+
+  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+  # config.force_ssl = true
+
+  # Use the lowest log level to ensure availability of diagnostic information
+  # when problems arise.
+  config.log_level = :info
+
+  # Prepend all log lines with the following tags.
+  config.log_tags = [ :request_id ]
+
+  # Use a different cache store in production.
+  # config.cache_store = :mem_cache_store
+
+  # Use a real queuing backend for Active Job (and separate queues per environment)
+  # config.active_job.queue_adapter     = :resque
+  # config.active_job.queue_name_prefix = "deliver_#{Rails.env}"
+  config.action_mailer.perform_caching = false
+
+  # Ignore bad email addresses and do not raise email delivery errors.
+  # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+  # config.action_mailer.raise_delivery_errors = false
+
+  # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+  # the I18n.default_locale when a translation cannot be found).
+  config.i18n.fallbacks = true
+
+  # Send deprecation notices to registered listeners.
+  config.active_support.deprecation = :notify
+
+  # Use default logging formatter so that PID and timestamp are not suppressed.
+  config.log_formatter = ::Logger::Formatter.new
+
+  # Use a different logger for distributed setups.
+  # require 'syslog/logger'
+  # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name')
+
+  if ENV["RAILS_LOG_TO_STDOUT"].present?
+    logger           = ActiveSupport::Logger.new(STDOUT)
+    logger.formatter = config.log_formatter
+    config.logger = ActiveSupport::TaggedLogging.new(logger)
+  end
+
+  # Do not dump schema after migrations.
+  config.active_record.dump_schema_after_migration = false
+end

config/environments/test.rb

@@ -0,0 +1,42 @@
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # The test environment is used exclusively to run your application's
+  # test suite. You never need to work with it otherwise. Remember that
+  # your test database is "scratch space" for the test suite and is wiped
+  # and recreated between test runs. Don't rely on the data there!
+  config.cache_classes = true
+
+  # Do not eager load code on boot. This avoids loading your whole application
+  # just for the purpose of running a single test. If you are using a tool that
+  # preloads Rails for running tests, you may have to set it to true.
+  config.eager_load = false
+
+  # Configure public file server for tests with Cache-Control for performance.
+  config.public_file_server.enabled = true
+  config.public_file_server.headers = {
+    'Cache-Control' => 'public, max-age=3600'
+  }
+
+  # Show full error reports and disable caching.
+  config.consider_all_requests_local       = true
+  config.action_controller.perform_caching = false
+
+  # Raise exceptions instead of rendering exception templates.
+  config.action_dispatch.show_exceptions = false
+
+  # Disable request forgery protection in test environment.
+  config.action_controller.allow_forgery_protection = false
+  config.action_mailer.perform_caching = false
+
+  # Tell Action Mailer not to deliver emails to the real world.
+  # The :test delivery method accumulates sent emails in the
+  # ActionMailer::Base.deliveries array.
+  config.action_mailer.delivery_method = :test
+
+  # Print deprecation notices to the stderr.
+  config.active_support.deprecation = :stderr
+
+  # Raises error for missing translations
+  # config.action_view.raise_on_missing_translations = true
+end

config/initializers/application_controller_renderer.rb

@@ -0,0 +1,6 @@
+# Be sure to restart your server when you modify this file.
+
+# ApplicationController.renderer.defaults.merge!(
+#   http_host: 'example.org',
+#   https: false
+# )

config/initializers/assets.rb

@@ -0,0 +1,11 @@
+# Be sure to restart your server when you modify this file.
+
+# Version of your assets, change this if you want to expire all your assets.
+Rails.application.config.assets.version = '1.0'
+
+# Add additional assets to the asset load path
+# Rails.application.config.assets.paths << Emoji.images_path
+
+# Precompile additional assets.
+# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
+# Rails.application.config.assets.precompile += %w( search.js )

config/initializers/backtrace_silencers.rb

@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
+# Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
+
+# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
+# Rails.backtrace_cleaner.remove_silencers!

config/initializers/cookies_serializer.rb

@@ -0,0 +1,5 @@
+# Be sure to restart your server when you modify this file.
+
+# Specify a serializer for the signed and encrypted cookie jars.
+# Valid options are :json, :marshal, and :hybrid.
+Rails.application.config.action_dispatch.cookies_serializer = :json

config/initializers/filter_parameter_logging.rb

@@ -0,0 +1,4 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure sensitive parameters which will be filtered from the log file.
+Rails.application.config.filter_parameters += [:password]

config/initializers/inflections.rb

@@ -0,0 +1,23 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format. Inflections
+# are locale specific, and you may define rules for as many different
+# locales as you wish. All of these examples are active by default:
+# ActiveSupport::Inflector.inflections(:en) do |inflect|
+#   inflect.plural /^(ox)$/i, '\1en'
+#   inflect.singular /^(ox)en/i, '\1'
+#   inflect.irregular 'person', 'people'
+#   inflect.uncountable %w( fish sheep )
+# end
+
+# These inflection rules are supported but not enabled by default:
+ActiveSupport::Inflector.inflections(:en) do |inflect|
+  inflect.acronym 'API'
+  inflect.acronym 'SMTP'
+  inflect.acronym 'IP'
+  inflect.acronym 'DNS'
+  inflect.acronym 'UUID'
+  inflect.acronym 'HTTP'
+  inflect.acronym 'DB'
+  inflect.acronym 'DKIM'
+end

config/initializers/mail_extensions.rb

@@ -0,0 +1,111 @@
+require 'mail'
+module Mail
+  module Encodings
+    # Handle windows-1258 as windows-1252 when decoding
+    def Encodings.q_value_decode(str)
+      str = str.sub(/\=\?windows-?1258\?/i, '\=?windows-1252?')
+      RubyVer.q_value_decode(str)
+    end
+    def Encodings.b_value_decode(str)
+      str = str.sub(/\=\?windows-?1258\?/i, '\=?windows-1252?')
+      RubyVer.b_value_decode(str)
+    end
+  end
+
+  class Message
+    ## Extract plain text body of message
+    def plain_body
+      if self.multipart? and self.text_part
+        self.text_part.decoded
+      elsif self.mime_type == 'text/plain' || self.mime_type.nil?
+        self.decoded
+      else
+        nil
+      end
+    end
+
+    ## Extract HTML text body of message
+    def html_body
+      if self.multipart? and self.html_part
+        self.html_part.decoded
+      elsif self.mime_type == 'text/html'
+        self.decoded
+      else
+        nil
+      end
+    end
+
+    private
+
+    ## Fix bug in basic parsing
+    def parse_message
+      self.header, self.body = raw_source.split(/\r?\n\r?\n/m, 2)
+    end
+
+    # Handle attached emails as attachments
+    # Returns the filename of the attachment (if it exists) or returns nil
+    # Make up a filename for rfc822 attachments if it isn't specified
+    def find_attachment
+      content_type_name = header[:content_type].filename rescue nil
+      content_disp_name = header[:content_disposition].filename rescue nil
+      content_loc_name = header[:content_location].location rescue nil
+
+      if content_type && content_type_name
+        filename = content_type_name
+      elsif content_disposition && content_disp_name
+        filename = content_disp_name
+      elsif content_location && content_loc_name
+        filename = content_loc_name
+      elsif self.mime_type == "message/rfc822"
+        filename = "#{rand(100000000)}.eml"
+      else
+        filename = nil
+      end
+
+      if filename
+        # Normal decode
+        filename = Mail::Encodings.decode_encode(filename, :decode) rescue filename
+      end
+      filename
+    end
+
+    def decode_body_as_text
+      body_text = decode_body
+      charset_tmp = Encoding.find(Ruby19.pick_encoding(charset)) rescue 'ASCII'
+      charset_tmp = 'Windows-1252' if charset_tmp.to_s =~ /windows-?1258/i
+      if charset_tmp == Encoding.find('UTF-7')
+        body_text.force_encoding('UTF-8')
+        decoded = body_text.gsub(/\+.*?\-/m) {|n|Base64.decode64(n[1..-2]+'===').force_encoding('UTF-16BE').encode('UTF-8')}
+      else
+        body_text.force_encoding(charset_tmp)
+        decoded = body_text.encode("utf-8", :invalid => :replace, :undef => :replace)
+      end
+      decoded.valid_encoding? ? decoded : decoded.encode("utf-16le", :invalid => :replace, :undef => :replace).encode("utf-8")
+    end
+  end
+
+  # Handle attached emails as attachments
+  class AttachmentsList < Array
+    def initialize(parts_list)
+      @parts_list = parts_list
+      @content_disposition_type = 'attachment'
+      parts_list.map { |p|
+        (p.parts.empty? and p.attachment?) ? p : p.attachments
+      }.flatten.compact.each { |a| self << a }
+      self
+    end
+  end
+end
+
+class Array
+  def decoded
+    return nil if self.empty?
+    return self.first.decoded
+  end
+end
+
+class NilClass
+  def decoded
+    nil
+  end
+end

config/initializers/mime_types.rb

@@ -0,0 +1,4 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new mime types for use in respond_to blocks:
+# Mime::Type.register "text/richtext", :rtf

config/initializers/new_framework_defaults.rb

@@ -0,0 +1,24 @@
+# Be sure to restart your server when you modify this file.
+#
+# This file contains migration options to ease your Rails 5.0 upgrade.
+#
+# Read the Rails 5.0 release notes for more info on each option.
+
+# Enable per-form CSRF tokens. Previous versions had false.
+Rails.application.config.action_controller.per_form_csrf_tokens = true
+
+# Enable origin-checking CSRF mitigation. Previous versions had false.
+Rails.application.config.action_controller.forgery_protection_origin_check = true
+
+# Make Ruby 2.4 preserve the timezone of the receiver when calling `to_time`.
+# Previous versions had false.
+ActiveSupport.to_time_preserves_timezone = true
+
+# Require `belongs_to` associations by default. Previous versions had false.
+Rails.application.config.active_record.belongs_to_required_by_default = true
+
+# Do not halt callback chains when a callback returns false. Previous versions had true.
+ActiveSupport.halt_callback_chains_on_return_false = false
+
+# Configure SSL options to enable HSTS with subdomains. Previous versions had false.
+Rails.application.config.ssl_options = false

config/initializers/postal.rb

@@ -0,0 +1,2 @@
+require 'postal/error'
+require 'postal/message_db/mysql'

config/initializers/record_key_for_dom.rb

@@ -0,0 +1,12 @@
+module ActionView
+  module RecordIdentifier
+    def dom_id(record, prefix = nil)
+      if record.new_record?
+        dom_class(record, prefix || NEW)
+      else
+        id = record.respond_to?(:uuid) ? record.uuid : record.id
+        "#{dom_class(record, prefix)}#{JOIN}#{id}"
+      end
+    end
+  end
+end

config/initializers/secret_key.rb

@@ -0,0 +1,6 @@
+if Postal.config.rails&.secret_key
+  Rails.application.secrets.secret_key_base = Postal.config.rails.secret_key
+else
+  $stderr.puts "No secret key was specified in the Postal config file. Using one for just this session"
+  Rails.application.secrets.secret_key_base = SecureRandom.hex(128)
+end

config/initializers/secure_headers.rb

@@ -0,0 +1,10 @@
+SecureHeaders::Configuration.default do |config|
+
+  config.hsts = SecureHeaders::OPT_OUT
+
+  config.csp[:default_src] = []
+  config.csp[:script_src] = ["'self'"]
+  config.csp[:child_src] = ["'self'"]
+  config.csp[:connect_src] = ["'self'"]
+
+end

config/initializers/sentry.rb

@@ -0,0 +1,14 @@
+require 'postal/config'
+
+if Postal.config.general&.exception_url
+  require 'raven'
+  Raven.configure do |config|
+    config.dsn = Postal.config.general.exception_url
+    config.environments = ['production']
+    if ENV['DEV_EXCEPTIONS']
+      config.environments << 'development'
+    end
+    config.silence_ready = true
+    config.tags = {:process => ENV['PROC_NAME']}
+  end
+end

config/initializers/session_store.rb

@@ -0,0 +1,3 @@
+# Be sure to restart your server when you modify this file.
+
+Rails.application.config.session_store :cookie_store, key: '_deliver_session'

config/initializers/smtp.rb

@@ -0,0 +1,5 @@
+require 'postal/config'
+if Postal.config&.smtp
+  ActionMailer::Base.delivery_method = :smtp
+  ActionMailer::Base.smtp_settings = {:address => Postal.config.smtp.host, :user_name => Postal.config.smtp.username, :password => Postal.config.smtp.password}
+end

config/initializers/smtp_extensions.rb

@@ -0,0 +1,34 @@
+class Net::SMTP::Response
+  def message
+    @string
+  end
+end
+
+class Net::SMTP
+  attr_accessor :source_address
+
+  def secure_socket?
+    @socket.is_a?(OpenSSL::SSL::SSLSocket)
+  end
+
+  #
+  # We had an issue where a message was sent to a server and was greylisted. It returned
+  # a Net::SMTPUnknownError error. We then tried to send another message on the same
+  # connection after running `rset` the next message didn't raise any exceptions because
+  # net/smtp returns a '200 dummy reply code' and doesn't raise any exceptions.
+  #
+  def rset
+    @error_occurred = false
+    getok('RSET')
+  end
+
+  def rset_errors
+    @error_occurred = false
+  end
+
+  private
+
+  def tcp_socket(address, port)
+    TCPSocket.open(address, port, self.source_address)
+  end
+end

config/initializers/trusted_proxies.rb

@@ -0,0 +1,9 @@
+module Rack
+  class Request
+    module Helpers
+      def trusted_proxy?(ip)
+        ip =~ /^127\.0\.0\.1$|^localhost$|^unix$$/i
+      end
+    end
+  end
+end

config/initializers/wrap_parameters.rb

@@ -0,0 +1,14 @@
+# Be sure to restart your server when you modify this file.
+
+# This file contains settings for ActionController::ParamsWrapper which
+# is enabled by default.
+
+# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
+ActiveSupport.on_load(:action_controller) do
+  wrap_parameters format: [:json]
+end
+
+# To enable root element in JSON for ActiveRecord objects.
+# ActiveSupport.on_load(:active_record) do
+#   self.include_root_in_json = true
+# end

config/locales/en.yml

@@ -0,0 +1,80 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+#     I18n.t 'hello'
+#
+# In views, this is aliased to just `t`:
+#
+#     <%= t('hello') %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+#     I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# To learn more, please read the Rails Internationalization guide
+# available at http://guides.rubyonrails.org/i18n.html.
+
+en:
+  hello: "Hello world"
+  activerecord:
+    attributes:
+      organization:
+        permalink: Short name
+      server:
+        permalink: Short name
+      domain:
+        verification_method: Verify Method
+      http_endpoint:
+        url: URL
+      user:
+        email_address: E-Mail address
+      webhook:
+        url: URL
+        sign: Sign requests
+
+  server_statuses:
+    live: Live
+    development: Dev
+    suspended: Suspended
+  route_spam_modes:
+    quarantine: Spam will be quarantined
+    mark: Spam will be marked
+
+  http_endpoint_formats:
+    hash: Delivered as a hash
+    raw_message: Delivered as the raw message
+  http_endpoint_encodings:
+    body_as_json: Sent in the body as JSON
+    form_data: Sent as form data
+
+  webhook_events:
+    message_sent: An e-mail has been successfully delivered to its endpoint (either SMTP or HTTP).
+    message_delayed: An e-mail has been delayed due to an issue with the receiving endpoint. It will be retried automatically.
+    message_delivery_failed: An e-mail cannot be delivered to its endpoint. This is a permanent failure so it will no be retried.
+    message_held: An e-mail has been held in Postal. This will be because a limit has been reached or your server is in development mode.
+    message_bounced: We received a bounce message in response to an email which had previously been successfully sent.
+    message_link_clicked: A link in one of your outbound messages has been clicked.
+    message_loaded: A message you have sent has been loaded.
+    domain_dns_error: This will be triggered when we detect an issue with the DNS configuration for any domain for this server.
+    send_limit_approaching: This will be triggered when your mail server is approaching its send limit. It will only be sent once per hour.
+    send_limit_exceeded: This will be triggered when your mail server exceeded its send limit.
+
+  currencies:
+    gbp: GBP - Great British Pound (£)
+    usd: USD - United States Dollar ($)
+    eur: EUR - Euro (€)
+
+  route_modes:
+    accept: Accept message with no endpoint
+    hold: Accept message and put message in hold queue
+    bounce: Accept message and immediately send bounce to sender
+    reject: Do not accept any incoming messages
+
+  renewal_issues:
+    no_payment_card: You don't have a payment card on file
+    payment_declined: The payment for this service was declined

config/postal.development.yml

@@ -0,0 +1,77 @@
+web:
+  host: localhost:5000
+  protocol: http
+  fast_server_host: localhost:5010
+  fast_server_protocol: http
+
+web_server:
+  bind_address: 0.0.0.0
+  port: 5000
+  max_threads: 5
+
+fast_server:
+  bind_address: 0.0.0.0
+  port: 5010
+  ssl_port: 5011
+  proxy_protocol: false
+
+general:
+  use_ip_pools: false
+  exception_url: xxx
+
+logging:
+  stdout: false
+  max_log_file_size: 20
+  max_log_files: 10
+
+main_db:
+  host: localhost
+  port: 3306
+  username: root
+  password:
+  database: postal
+
+message_db:
+  host: localhost
+  port: 3306
+  username: root
+  password:
+  prefix: postal
+
+rabbitmq:
+  host: localhost
+  port: 5672
+  username: guest
+  password: guest
+  vhost: null
+
+smtp_server:
+  proxy_protocol: false
+  log_connect: true
+  evented: false
+  ports:
+    - 2525
+
+dns:
+  spf_include: spf.example.com
+  dkim_identifier: postal
+  domain_verify_prefix: postal-verification
+  custom_return_path_prefix: psrp
+  return_path: amrp.example.com
+  smtp_server_hostname: smtp.example.com
+  route_domain: routes.example.com
+  track_domain: track.example.com
+  mx_records:
+    - mx1.example.com
+    - mx2.example.com
+
+smtp:
+  host: smtp.atech.io
+
+espect:
+  hosts:
+    - http://espect01.infra.atech.io
+
+rails:
+  environment: development
+  secret_key: 1bd1a4fe0cb3fb166be9b0e388beb36557b49ae5bed97ab3e300353de06d1fe55522b21596db8ed5d83c031ca58696340fb3d70f59eb0c096bbe4034fc12e4cd

config/postal.example.yml

@@ -0,0 +1,79 @@
+web:
+  host: postal.example.com
+  protocol: https
+  fast_server_host: postal-click.example.com
+  fast_server_protocol: https
+
+web_server:
+  bind_address: 0.0.0.0
+  port: 5000
+  max_threads: 5
+
+fast_server:
+  bind_address: 0.0.0.0
+  port: 5010
+  ssl_port: 5011
+  proxy_protocol: true
+
+general:
+  use_ip_pools: true
+  exception_url: xxx
+
+logging:
+  stdout: false
+  max_log_file_size: 20
+  max_log_files: 10
+
+main_db:
+  host: localhost
+  port: 3306
+  username: root
+  password:
+  database: postal
+
+message_db:
+  host: localhost
+  port: 3306
+  username: root
+  password:
+  prefix: postal
+
+rabbitmq:
+  host: localhost
+  port: 5672
+  username: postal
+  password: xxx
+  vhost: postal
+
+smtp_server:
+  proxy_protocol: false
+  log_connect: true
+  log_exclude_ips: null
+  evented: true
+  ports:
+    - 2525
+
+dns:
+  spf_include: spf.example.com
+  dkim_identifier: postal
+  domain_verify_prefix: postal-verification
+  custom_return_path_prefix: psrp
+  return_path: amrp.example.com
+  smtp_server_hostname: smtp.example.com
+  route_domain: routes.example.com
+  track_domain: track.example.com
+  mx_records:
+    - mx1.example.com
+    - mx2.example.com
+
+smtp:
+  host: smtp.blah
+
+espect:
+  hosts:
+    - http://espect01.infra.atech.io
+
+rails:
+  environment: development
+  secret_key: 1bd1a4fe0cb3fb166be9b0e388beb36557b49ae5bed97ab3e300353de06d1fe55522b21596db8ed5d83c031ca58696340fb3d70f59eb0c096bbe4034fc12e4cd
+

config/puma.fast.rb

@@ -0,0 +1,17 @@
+require_relative '../lib/postal/config'
+threads_count = Postal.config.fast_server&.max_threads&.to_i || 5
+threads         threads_count, threads_count
+bind_address  = Postal.config.fast_server&.bind_address || '127.0.0.1'
+bind_port     = Postal.config.fast_server&.port&.to_i || 5010
+bind            "tcp://#{bind_address}:#{bind_port}"
+environment     Postal.config.rails&.environment || 'development'
+prune_bundler
+quiet false
+rackup File.expand_path('../../lib/postal/fast_server/config.ru', __FILE__)
+unless ENV['LOG_TO_STDOUT']
+  stdout_redirect Postal.app_root.join('log', 'puma.fast.log'), Postal.app_root.join('log', 'puma.fast.log'), true
+end
+
+if ENV['APP_ROOT']
+  directory ENV['APP_ROOT']
+end

config/puma.rb

@@ -0,0 +1,16 @@
+require_relative '../lib/postal/config'
+threads_count = Postal.config.web_server&.max_threads&.to_i || 5
+threads         threads_count, threads_count
+bind_address  = Postal.config.web_server&.bind_address || '127.0.0.1'
+bind_port     = Postal.config.web_server&.port&.to_i || 5000
+bind            "tcp://#{bind_address}:#{bind_port}"
+environment     Postal.config.rails&.environment || 'development'
+prune_bundler
+quiet false
+unless ENV['LOG_TO_STDOUT']
+  stdout_redirect Postal.app_root.join('log', 'puma.log'), Postal.app_root.join('log', 'puma.log'), true
+end
+
+if ENV['APP_ROOT']
+  directory ENV['APP_ROOT']
+end

config/routes.rb

@@ -0,0 +1,95 @@
+Rails.application.routes.draw do
+
+  scope "org/:org_permalink", :as => 'organization' do
+    resources :domains, :only => [:index, :new, :create, :destroy] do
+      match :verify, :on => :member, :via => [:get, :post]
+      get :setup, :on => :member
+      post :check, :on => :member
+    end
+    resources :servers, :except => [:index] do
+      resources :domains, :only => [:index, :new, :create, :destroy] do
+        match :verify, :on => :member, :via => [:get, :post]
+        get :setup, :on => :member
+        post :check, :on => :member
+      end
+      resources :track_domains do
+        post :toggle_ssl, :on => :member
+        post :check, :on => :member
+      end
+      resources :credentials
+      resources :routes
+      resources :http_endpoints
+      resources :smtp_endpoints
+      resources :address_endpoints
+      resources :ip_pool_rules
+      resources :messages do
+        get :incoming, :on => :collection
+        get :outgoing, :on => :collection
+        get :held, :on => :collection
+        get :activity, :on => :member
+        get :plain, :on => :member
+        get :html, :on => :member
+        get :html_raw, :on => :member
+        get :attachments, :on => :member
+        get :headers, :on => :member
+        get :attachment, :on => :member
+        get :download, :on => :member
+        get :spam_checks, :on => :member
+        post :retry, :on => :member
+        post :cancel_hold, :on => :member
+        get :suppressions, :on => :collection
+        delete :remove_from_queue, :on => :member
+        get :deliveries, :on => :member
+      end
+      resources :webhooks do
+        get :history, :on => :collection
+        get 'history/:uuid', :on => :collection, :action => 'history_request', :as => 'history_request'
+      end
+      get :limits, :on => :member
+      get :retention, :on => :member
+      get :queue, :on => :member
+      get :spam, :on => :member
+      get :delete, :on => :member
+      get 'help/outgoing' => 'help#outgoing'
+      get 'help/incoming' => 'help#incoming'
+      get :admin, :on => :member
+      post :suspend, :on => :member
+      post :unsuspend, :on => :member
+    end
+    resources :users do
+      post :make_owner, :on => :member
+    end
+    resources :ip_pool_rules
+    resources :ip_pools
+    root 'servers#index'
+    get 'settings' => 'organizations#edit'
+    patch 'settings' => 'organizations#update'
+    get 'delete' => 'organizations#delete'
+    delete 'delete' => 'organizations#destroy'
+  end
+
+  resources :organizations, :except => [:index]
+
+  namespace :admin do
+    resources :organizations
+    get 'stats' => 'stats#stats'
+    root :to => redirect("/admin/organizations")
+  end
+
+  get 'settings' => 'user#edit'
+  patch 'settings' => 'user#update'
+  post 'persist' => 'sessions#persist'
+
+  match 'verify' => 'user#verify', :via => [:get, :post]
+  get 'signup' => 'user#new'
+  post 'signup' => 'user#create'
+  match 'join/:token' => 'user#join', :via => [:get, :post, :delete]
+  get 'login' => 'sessions#new'
+  post 'login' => 'sessions#create'
+  get 'login/token' => 'sessions#create_with_token'
+  delete 'logout' => 'sessions#destroy'
+  match 'login/reset' => 'sessions#begin_password_reset', :via => [:get, :post]
+  match 'login/reset/:token' => 'sessions#finish_password_reset', :via => [:get, :post]
+  root 'organizations#index'
+  get 'ip' => 'sessions#ip'
+end