search

Snawoot / postfix-mta-sts-resolver

Daemon which provides TLS client policy for Postfix via socketmap, according to domain MTA-STS policy
MIT License
117 stars 23 forks source link

Proactive policy fetching #59

Closed galme closed 4 years ago

galme commented 4 years ago

Purpose of proposed changes

Proactive policy fetching implementation, recommended by RFC 8461.

Essential steps taken

A full cache update of policies is done at a specified schedule (default 1 day) in the background.

Policies are read async&batched (producer) and the update itself via network is async&throttled (consumer).

The base_cache interface is extended to account for the new feature.

A warning in logs is emitted when an update fails for a domain.

Added tests for the new feature and manual testing on my own server.

Snawoot commented 4 years ago

Thank you! Everything seems fine. I've posted comment with question if we can define grace_ratio as a float value.

Snawoot commented 4 years ago

Released as version 0.8.0