search

deltachat / chatmail

chatmail service deployment scripts and docs
https://delta.chat/en/2023-12-13-chatmail
MIT License
97 stars 5 forks source link

Remove old accounts #295

Open link2xt opened 1 month ago

link2xt commented 1 month ago

At least ci- accounts can be removed. Currently running "Fix file owner in /home/vmail" steps takes a long time because it has to go through a lot of directories.

We also should drop "Fix file owner in /home/vmail" step eventually.

hagenest commented 2 weeks ago

As it was requested again, we could auto-remove accounts and their mails after n days. Holger mentioned we could use this: https://doc.dovecot.org/configuration_manual/lastlogin_plugin/

link2xt commented 2 weeks ago

I think we better update the timestamp in doveauth and store the timestamp in our own database without using the lastlogin_plugin. We likely also want to update it when user sends a mail, e.g. bots and desktops may keep the connection for a long time without logging in from scratch.

hpk42 commented 2 weeks ago

On Mon, Jun 17, 2024 at 09:03 -0700, link2xt wrote:

I think we better update the timestamp in doveauth and store the timestamp in our own database without using the lastlogin_plugin. We likely also want to update it when user sends a mail, e.g. bots and desktops may keep the connection for a long time without logging in from scratch.

Maybe it's best, after all, to not use any database and rather "touch" a file in a user's mail root dir when either a login happens or a mail is sent. The "cleanup stale accounts" task then just needs to look at files in a user's home dir.

hagenest commented 2 weeks ago

guys, nami and me just found out, that we already save the last login in doveauth.py (l 107)

        if userdata:
            # Update last login time.
            conn.execute(
                "UPDATE users SET last_login=? WHERE addr=?", (int(time.time()), user)
            )
hpk42 commented 2 weeks ago

so we change the database on every login -- hum. Maybe the "int" should be of day granularity so we don't update very often and also keep less precise track of login-times in the DB. Something like time.time() // 86400 * 86400 should do the job. Also, i am wondering now regarding mail-sending: in order to send mail, you need to login -- and postfix calls doveauth for that, so we shouldn't really need to do anything extra, no?