Summary
Email has long been the most commonly used means of communication on the internet. This week Antoine Nguyen talks about his work on the Modoboa project to make hosting your own mail server easier to manage. He discusses how the project got started, the tools that it ties together, and how he used Django to build a webmail and admin interface to make it more approachable.
Preface
- Hello and welcome to Podcast.__init__, the podcast about Python and the people who make it great.
- I would like to thank everyone who supports us on Patreon. Your contributions help to make the show sustainable.
- When you’re ready to launch your next project you’ll need somewhere to deploy it. Check out Linode at www.podastinit.com/linode?utm_source=rss&utm_medium=rss and get a $20 credit to try out their fast and reliable Linux virtual servers for running your awesome app.
- Need to learn more about how to scale your apps or learn new techniques for building them? Pluralsight has the training and mentoring you need to level up your skills. Go to www.pythonpodcast.com/pluralsight?utm_source=rss&utm_medium=rss to start your free trial today.
- Visit the site to subscribe to the show, sign up for the newsletter, read the show notes, and get in touch.
- To help other people find the show please leave a review on iTunes, or Google Play Music, tell your friends and co-workers, and share it on social media.
- If you work with data for your job or want to learn more about how open source is powering the latest innovations in data science then make your way to the Open Data Science Conference, happening in London in October and San Francisco in November. Follow the links in the show notes to register and help support the show in the process.
- Your host as usual is Tobias Macey and today I’m interviewing Antoine Nguyen about Modoboa, a project to make mail hosting simple.
Interview
- Introductions
- How did you get introduced to Python?
- What is Modoboa and what is the problem that you were trying to solve when you started it?
- Where does the name come from?
- Self-hosting an email server was a common activity during the early stages of the internet, what are some of the reasons that someone should consider running their own mail server now that there are so many options for third-party hosting such as Gmail and Outlook?
- Email hosting has become more complicated in recent years with the need to jump through a lot of hoops to maintain a sufficient reputation to keep your messages from being flagged as spam. Are there any utilities in Modoboa to assist with that process?
- There are a lot of components that you have brought together for running an email server. Can you describe how the different pieces fit together and what layers you have built on top to help make the overall system more manageable?
- What does the scaling strategy look like for Modoboa?
- What is the most challenging aspect of building and maintaining Modoboa?
- What are some of the features that you have planned for the future of Modoboa?
Keep In Touch
Picks
- Tobias
- Antoine
Links
- PyTk
- Postfix
- Dovecot
- Nextcloud
- Owncloud
- SPF Records
- DKIM
- DMARC
- SMTP
- IMAP
- Apache Libcloud
- Amavis
- Mail Transfer Agent
- Radicale
- Ansible
- Docker
- Gentoo
- Packer
- Synology
- Drobo
- Prosody
- Lua
- XMPP
The intro and outro music is from Requiem for a Fish The Freak Fandango Orchestra / CC BY-SA
[00:00:14]
Unknown:
Hello, and welcome to podcast dot in it, the podcast about Python and the people who make it great. I would like to thank everyone who supports us on Patreon. Your contributions helped to make the show sustainable. When you're ready to launch your next project, you'll need somewhere to deploy it, so you should check out Linode at www.podcastinit.com/linode and get a $20 credit to try out their fast and reliable Linux virtual servers for running your next app. Do you need to learn more about how to scale your apps or learn new techniques for building them? Pluralsight has the training and mentoring you need to level up your skills. Go to www.podcastinit.com/pluralsite to start your free trial today.
You can visit the site to subscribe to the show, sign up for the newsletter, read the show notes, get in touch, and support the show. To help other people find the show, please leave a review on Itunes or Google Play Music, tell your friends and coworkers, and share it on social media. If you work with data for your job or want to learn more about how open source is powering the latest innovations in data science, then make your way to the Open Data Science Conference happening in London in October and San Francisco in November. Follow the links in the show notes to register. Your host as usual is Tobias Macy. And today, I'm interviewing Antoine Ngoian about Modo Boa, a project to make mail hosting simple.
So, Antoine, could you please introduce yourself?
[00:01:26] Unknown:
Yes. Thank you for for receiving me. So, I'm, I'm a French developer. I'm 36, this year. I work in information technology for almost 15 years now. I'm mostly a developer, but, I'm also a freelancer in France. I do many, many different things. Those last years, I've worked mostly on, web projects. Is 1 of them, but I also started many many companies, many SaaS SaaS business with with all the guys. And I try to make 1 of my my main activity, but that's not so easy to to to make business, on on this subject. But I think we we have more time to to talk about this after.
[00:02:27] Unknown:
And do you remember how you first got introduced to Python?
[00:02:31] Unknown:
Yes. Yes. Yes. It was in 2 2, 004, my first job, actually. The the the the guy I was working for, asked me to to develop a desktop client using PyTK. I never did such a thing, and I never used Python. So I was very very happy to to discover this this simple language. And and since since then, I always use the I've always used it in every, every project, I made.
[00:03:14] Unknown:
And currently, that project is Motoboa. So I'm wondering if you can talk a bit about what Motoboa is and the problem that you're trying to solve when you first started working on it. Yes.
[00:03:25] Unknown:
So, basically, Motoboa is a web interface to administer a a mail server. I started it in 2, 000 2009. I didn't have a good reason to start this this project. I I since 2004, I played with my servers because, in my first job, I had to to to install my servers based on the open software components such as postfix and. But there was no easy way to do it. So I I had to start again and again and again for each customer. So I was a bit bored, by by this, by this, activity. And I always thought, a good interface would be really really great, to to just, you know, create, accounts, IDS's, distribution list, and and maybe set 1 or super 1 or 2 settings, because Postfix is not is a great software, but not so easy to administer.
And that's the and that's the same for. So in 2009, I decided to to to to try, to make something, some something different. At this time, I was not a web developer because my original education was kernel programming, and network program programming. So it was a it was a huge, a huge change for me at this time, and, and that's all. I just wanted to to try to do something, and now now here we are.
[00:05:18] Unknown:
And does the name have any particular significance or meaning for you?
[00:05:23] Unknown:
Not really. The first name of, of was a male n g for next generation. You have something. I thought it was a it was a clue at this time. And, the I don't, I don't remember the the word in English, but I thought about a sentence, to present for the word, which was something like, module modular, mail roasting and something something something like that. And I just took the first 2 letters of of, of of the words composing this sentence, and the the result was, was approximately. That's all.
[00:06:11] Unknown:
Yeah. I was wondering if it might just be a word from some other language that I wasn't familiar with, but when I tried googling for it, the only thing that came up was your mail server. So at the very least, it has a, good search engine ranking.
[00:06:22] Unknown:
Yes. I think so. I think maybe in port in, Portuguese, in Brazil. May maybe the name has a has a meaning, but I'm not sure about this. And
[00:06:33] Unknown:
self hosting an email server is something that was fairly common during the early stages of the Internet even into the early 2000. But nowadays, most people just use, hosted options like Gmail or Outlook, even for corporate environments. So I'm wondering, what are some of the reasons from your perspective that somebody should consider running their own mail server now that there are so many other options available?
[00:06:59] Unknown:
That's a that's a good question, and, unfortunately, the the answer is is pretty simple. I I think it's it's a matter of of privacy. We've, we've all heard about the the NSA problem a few years ago, and I think I think people today, realize that this is important to to protect its private life and that services like Gmail, Hotmail, or or similar, does don't respect this. So this this is not a this is not a a a trap because a service like like Google or Gmail warns you about about this, but most people don't care about that was true, 3 or 4 years ago. But now I think at least, I I I I'm talking about what I know, and this is the the the French, the French market. But people realize that, this is important, and they they they want to do something against it.
And self hosting about I'm talking about email, but this is, this is this is also true for other other aspects. So you you you can find products like YUNOST, Nextcloud, ONCloud. All those software tries to try to to to bring the to bring an answer to the privacy problem problem. And, and I try to do the same, about email.
[00:08:31] Unknown:
And when you are self hosting an email server, there are a lot of things to think about, particularly in recent years with things like managing your reputation so that your emails don't end up in somebody's spam folder instead of their inbox, managing a lot of the specialized DNS records that help maintain that, reputation and ensure that the mail that you're sending is coming from a trusted source. So what are some of the utilities in Motoboa that will help assist with that process and that reputation management?
[00:09:05] Unknown:
I am that that's that's something difficult to to to make easy. Mudubaba just relies on on, standard standard techniques, SPF, DKIM, most recently, Demark. Those those, standards help people, and companies to maintain a good reputation, about about their emails. Recently, I had I, added some features, with Modovoa to check check this reputation, on a on a per domain basis. You can you can tell Modovoa to to request DNSBL providers frequently to to to check if your if your domain 1 of your domain is is blacklisted or not. And I'm planning to to improve, those checks to also manage the KIM, SPF, and and demark, and demark records to just check if they are present, and if they are present, if they are configured correctly. That's 1 that's 1 thing. And the the other thing which requires a bit more work will be to generate records for people, and I hope I hope I will I will do this 1 day. But once those records are generated, maybe find an automatic way to inject them to the DNS, to do the DNS configuration, but, it it will require to work with, with registrar APIs, and I don't know if, if, all of them provide provide, such a such API.
That might be an issue to to to achieve this, this this feature.
[00:10:56] Unknown:
Man, 1 of the things that might be useful in that endeavor is to use something like the, Lib Cloud project from the Apache Foundation that helps abstract over some of the APIs for various cloud and DNS providers so that you can have a slightly more unified approach to actually managing those records. Oh, that's
[00:11:14] Unknown:
a that's a good information. Thank you. So as you mentioned,
[00:11:18] Unknown:
Motoboa at at least at the base layer relies on things like postfix and dubcut. So it seems that a decent amount of the sort of use case for Motoboa is gluing together some of these different systems and providing a nicer interface for managing them. So I'm wondering if you can just talk about some of the different pieces and layers that you have fit together to create this overall system.
[00:11:42] Unknown:
So you you already know about the the SMTP and the IMAP, parts, which are covered by Postfix and. Maunguru also tries to focus on security because, because this is something important to not not to receive spam and and and viruses. To to do that, I've introduced a support for MAVs. That's, that's an old piece of software, right, and in build, but which works, pretty pretty well. And this is what we call a content filter because it make the it make the it makes the the bridge bit between the the MTA, which is Postfix, and, and the rest of the system.
So every time you receive a you you receive an email, you send it to AMavis, and, this 1, do, do the the anti spam and and antivirus is, checks for for you and send and send back the email to Pro 6 if, if it was considered. So this is this is 1 thing. On the many people, many people ask for for features you you you find on Gmail or Outlook services such as contact management or or calendar. So I'm trying to to answer this, this question by doing some some testing with with a software called RadiCale. RadiCale is a is a CalDAV and CalDAV server writing in Python, And I tried to make a connector between Mudoboa and this software to offer calendar synchronization and contact synchronization too, but, that's not, so easy as I thought when I started this, this project to work. It might it might be longer to to release than, what I thought. What I understand, I think I think that's that's all for now. I, I got, I've got many ideas, all the all the integrations, but, that's not there is nothing concrete at the moment.
[00:13:51] Unknown:
And on top of these underlying systems, from what I was able to gather from the documentation, the web UI and management interface
[00:14:01] Unknown:
for being able to configure and tune the different parameters is a Django application. Is that correct? Yes. Yes. This is a this is a Django application since the beginning. I've I well, at at this time, when I start when I when I, was thinking about doing web development, I I didn't want to do PHP or all those stuff. I I wanted to stay with, with a language that I that I appreciate. So Python was the was the only choice. And, and I discovered Django at this time, and, I have to say, this is really a great a great piece of piece of the software.
[00:14:38] Unknown:
And does the Django application provide a way for you to modify the configuration files for postfix and dubcat and aimavis? And if so, what level of abstraction do you provide in terms of being able to update and modify those settings?
[00:14:56] Unknown:
Unfortunately, no. That's something, I don't want to start because because the the security issues are are many, and I don't have the the right answer to this problem. So that's something I'm planning to do, but I don't know how yet. I have I've got many I've got many ideas, but, I have to I have to try. And the the the most, the fun the the biggest problem I have with with Moldova since I started it is the time because this is not my my main, activity. I have to do all the missions, all the jobs in order to get money. So it's always a matter a matter of time.
[00:15:43] Unknown:
And so it seems that a decent amount of the, security aspects of the system are relying on those underlying pieces of software and making sure that they are a little bit more difficult to actually access those configuration parameters than somebody maybe doing some sort of a, cross site scripting attack or something like that where they would actually have to be able to, land on the server itself and modify the text files locally. Is that correct? Yes. You if you look at the
[00:16:14] Unknown:
how Django is, hosted on most servers, you will find that has many, many, many programs. You will find that Django is not running with a privileged user. It's not running as a as a as root. It's running with a with a with a simple user. Postfix is running with a different user. The code is running with a different user, and configuration files on the file system are owned by the root user. So I don't want to introduce a security, security issue, by allowing the access to those files, to to to the Django user. So I need to find a a good way to do this.
[00:17:01] Unknown:
And is your target user for Motoboa some primarily just individuals who want to be able to run their own mail servers, or are you also trying to build it for small and medium businesses who want to use it for their company email?
[00:17:15] Unknown:
Actually, when I when I started this software, I was targeting individuals. But pretty quickly, I was contacted by Internet service providers in countries different than France, in Brazil, in Asia Asia. I know that, Modovo is is used all around the world today, and, I was really surprised to to receive questions and feature requests from from companies and not only small companies, but but, big providers too. I was, for example, I was recently contacted by a provider in Sweden, which wants to replace its main system, which is getting hold today. And this company has approximately 50:50:50, 000, acorns to to to migrate. So that's, that's a big installation.
So I I I'm really, really happy to to to discover that.
[00:18:21] Unknown:
And so for these larger deployments, what are some of the scaling factors and strategies that will allow Motoboa to be able to handle that volume of usage?
[00:18:32] Unknown:
If you Motoboa is not is not really the the bottleneck in such a in such a architecture. Hosting a web application, and and and, makes makes it scalable is is it's it's pretty easy today, and thanks to Django, this is this is more easy. But, you can't I I think I don't think you you can't find 1 solution to own, those prod and decode. If you if you look at how it works, based system, you will find that each each component has its own strategy and and and scalability. For example, if you if you if you take prospects, you you could you could simply, create an MTA cluster with 1 more than than 1 node and load balance the traffic, between every every node using something like a round robin DNS or or such, such techniques. If you take the off code, the strategy is is different because you you since you need to write, emails to the file system, you need to find a synchronization strategy so so your your cluster, will will not be configured in in the same way. And you you don't have the same issues about performance because, in 1 case, you are talking about, network traffic. In the other case, you're mostly talking about IO IO performance. So so this is not easy to find 1 answer to all those to all those questions, but I try because, I because I'm also doing some professional services around.
I try to to solve those issues for my customers. And maybe 1 day, if I have enough use cases to think, to think about solution, maybe I would be able to to propose something, standard, if I may say.
[00:20:27] Unknown:
And for people who do want to run Motoboa on their own hardware, when I was looking through the documentation, I noticed that you do have an installer script for being able to set up all the different pieces and come up to a running system. So I'm wondering about the way that you determined what the sort of best configuration was for the lowest common denominator of user where you just wanted to get up to a running single node system and if there are any improvements that you're looking to make in that overall deployment story. Yes. Originally, the the installer was
[00:21:04] Unknown:
was made for for individuals trying to set up on a single server. So my my my target was to to to set up a a functional system pretty pretty quickly, a functional and secured system pretty quickly. So the configuration, configuration, and configurations are pretty standard, but, but I think it it fits most most of the use cases you either you would have as an individual. There are improvement improvements I want to do. The first 1 is allowing people to choose the options they they want to they want to activate, before launching launching the the instead of because, right now, you need to you need to modify the configuration file and reload the installer to to apply them. Some another another improvement that I want to to add is the possibility to to upgrade to upgrade an an existing setup because this is a this is a common issue I'm aware about. Many people are asking to for for a simpler update, update mechanism, but, that's not something, something so easy to to do. And maybe, yes, another improvement is to support more, line explosions and maybe other other operating systems like, FreeBSD or NetBSD or some some other BSD systems. And, the last improvement I'm thinking about is, the possibility to to maybe deploy on more than 1 server, but, I don't think, the the installer is the right way to do this.
Maybe I I will work on on, maybe I will work with Hensibor or or Docker for for this improvement because I don't want to to even do it. So
[00:23:01] Unknown:
And does the installer do any sort of hardening of the system at all, or is it purely concerned with installing the mail components and the actual system security is more left as an exercise to the user?
[00:23:14] Unknown:
There is no the no. The does not deal with the with hardening the underlying operating system, but that's something I could do. But once again, I have to I have to check, on which, operating system I'm running and and so, which are the the mechanism available to to harden the system. So, as long as I as long as I stay on on simple distribution distributions like maybe I know who are going to, maybe send to us. That's pretty easy. But, for example, if if, 1 day, I, I had the agenda agenda support, it will be more difficult to add in the system. So I just need to find the the the the the right way to do this.
[00:24:01] Unknown:
And have you looked at all into providing, prebuilt cloud images for people to be able to deploy on some of the various different cloud providers, using something like Packer or, something like that to be so where somebody can just go to Amazon or Linode or wherever and just say, this is the application that I wanna be able to run and just have something that they can just click a button and deploy?
[00:24:25] Unknown:
Not yet. Not yet. I was thinking about, about Docker for a start. I I know some hardware provider like, you know, Synology, Global already provides, images of of the pre installed model for their for their system. But, that that's all for now. But, definitely, that that would be something, yeah, something great to have. Once again, that's that's a a matter of of time. I I would be really, really happy to to to receive your contributions, about this, but, for now, I'm still waiting.
[00:25:02] Unknown:
So what are some of the most challenging aspects of building and maintaining Motoboa? And what are the pieces that you enjoy the most?
[00:25:10] Unknown:
Today, I receive, I receive more and more, feature request bug bug reports, questions from the community and the users, and it it requires a lot of time. So that's the most difficult part to to manage. I'd like to have more time to work on new features, maybe rebuild some some features I did in the past and and that outdated today, or maybe I did it too quickly. And I'm not always happy with the with with the the code that I I made. So I want to I want to refactor it, but I think that's, that's a common that's a common practice, with with developers. So I'd like to have more more time about this, but, but I think now I have to I have to focus on the on the support, on the support part. So that that that's why I propose, professional services and support, support plans to users. But, but it's not, it's not enough, right now to to allocate me more time to work on model. And what was the the last part of the of your question?
[00:26:17] Unknown:
The part that you enjoy most about working on Modiboa?
[00:26:21] Unknown:
Learning new stuff and trying new stuff. That's Modiboa has always been a a a playground to me, a project where I where I could try new technologies, new frameworks, trying to set up something something difficult. And and this is this is a demonstration of my skills also. I can well, when I when I when I'm asked in a job interview what are my skills, how I can demonstrate it, what I know, the the the answer is pretty is pretty easy because I I can say, okay. I'm the maintainer of this software. Go to the GitHub GitHub account. Check my code. Check the website. Check, the documentation I write. This is this is pretty pretty complete. So that's that's what I, that's why I'm I'm I'm proud of today.
[00:27:10] Unknown:
And on top of all of the mechanics of sending and receiving mail and managing the spam filtering, etcetera, there's also decent amount of UI that you've built on top of it as far as being able to gather and report on metrics of the volume and types of mail that are being sent and received at account management. So I'm wondering if you can just give a high level list of some of the most notable features and maybe some of the features that you are working on and have planned for future releases.
[00:27:42] Unknown:
Yes. I can do that. I'm just opening my issues list. So, on the user side, I want to as I said, I want to introduce a nice calendar feature into. And with that, a synchronization feature, I had I, added the contact management plug in a few months ago. So now the only missing part is the calendar. I think I'm going to to rewrite the web mail a bit because, really, it is it is too buggy. I did it very, very quickly for for, not a customer, but a use case in the past, And, and today, I don't want to I don't want to work on this version. I just want to to to to rewrite it rewrite it completely. So I think I'm going to do this, in the next month.
On the admin side, I I want to introduce more, more features to to to make, the the DNS configuration more easy. Maybe some, XMPP integration with the with the instant messaging plug in. I'm thinking about this. I already work with, Prosody, which is a an XMPP server right in in Leway. I'm already working with this on my private server, but, there is no integration with the with the web UI. So maybe I will propose something, in the next month if I, if I have enough time. And, what can I say? There there is a lot of, of features waiting in the in my backlog, but I don't remember every 1 of them. Sorry.
[00:29:24] Unknown:
Sure. So are there any other aspects of Motoboa that you think we should talk about or anything associated with it that you wanna bring up before we start to close out the show?
[00:29:33] Unknown:
Yes. The I think the last, the last thing I should or I should work on or maybe the community should work on is the documentation because today, it's all it's only, the edge deals with configuration setup, but there is no, there is no real guide about, about all the possibilities, you have with the with the web UI. So a good user documentation will be will be really appreciated.
[00:30:06] Unknown:
Alright. Well, hopefully, we can help the help help you make that a reality. Thank you. So for anyone who wants to get in touch with you and follow what you're up to, I'll have you add your preferred contact information to the show notes. And so with that, I'll move us to the picks. And for my pick today, I'm going to choose the dropbox paper web app because that's what I've been using for the show notes for the episodes for quite a while now, and it's been great. 1 of the things I like most about it is the fact that it actually supports markdown syntax so that I can just copy and paste the end result into my CMS and click publish and not have to go through any pains of reformatting or converting from 1 format to another, like I was having to do with things like, Google Docs. And they've been adding a lot of new features and functionality, so it seems like they've got some sort of, minimal project management templates and things like that. So it seems like they're doing a lot of work on making it very useful and making it be a pretty full fledged competitor to some of the other online collaborative document editors out there. So for anybody who is looking for something like that, definitely recommend taking a look. And so with that, I'll pass it to you. Do you have any picks for us this week, Antoine?
[00:31:22] Unknown:
Yes. So also to to to contact me, you you can send me an email. So my, my email address is, toioarabasngyn.org. You can follow me on Twitter if you want. My Twitter account is, a n t n g u, and that's all. So this is this is the new this is the new the new year, so everything, start again. And I I I I practice I practice, martial arts since 15 years now. This is Kapua, and this is Brazilian martial art, which, which follow which follows me for many years now. This is the other thing the other thing I do, the most after, after.
[00:32:13] Unknown:
For anyone who isn't familiar with Capoeira, it's definitely quite fascinating to watch, and I have an immense amount of respect for anyone who can actually do it.
[00:32:23] Unknown:
Thank you.
[00:32:24] Unknown:
Well, I, appreciate you taking the time out of your day to talk to me about the work that you're doing with Motoboa. Definitely seems like an interesting platform, and I wish you the best of luck on that. And I hope you, find a lot more use for that. And I hope a lot of people who are listening to the show are able to gain some value from it. So thank you for your time, and I hope you enjoy the rest of your day. Yeah. I, I I hope to. And, thank you for contacting me.
Hello, and welcome to podcast dot in it, the podcast about Python and the people who make it great. I would like to thank everyone who supports us on Patreon. Your contributions helped to make the show sustainable. When you're ready to launch your next project, you'll need somewhere to deploy it, so you should check out Linode at www.podcastinit.com/linode and get a $20 credit to try out their fast and reliable Linux virtual servers for running your next app. Do you need to learn more about how to scale your apps or learn new techniques for building them? Pluralsight has the training and mentoring you need to level up your skills. Go to www.podcastinit.com/pluralsite to start your free trial today.
You can visit the site to subscribe to the show, sign up for the newsletter, read the show notes, get in touch, and support the show. To help other people find the show, please leave a review on Itunes or Google Play Music, tell your friends and coworkers, and share it on social media. If you work with data for your job or want to learn more about how open source is powering the latest innovations in data science, then make your way to the Open Data Science Conference happening in London in October and San Francisco in November. Follow the links in the show notes to register. Your host as usual is Tobias Macy. And today, I'm interviewing Antoine Ngoian about Modo Boa, a project to make mail hosting simple.
So, Antoine, could you please introduce yourself?
[00:01:26] Unknown:
Yes. Thank you for for receiving me. So, I'm, I'm a French developer. I'm 36, this year. I work in information technology for almost 15 years now. I'm mostly a developer, but, I'm also a freelancer in France. I do many, many different things. Those last years, I've worked mostly on, web projects. Is 1 of them, but I also started many many companies, many SaaS SaaS business with with all the guys. And I try to make 1 of my my main activity, but that's not so easy to to to make business, on on this subject. But I think we we have more time to to talk about this after.
[00:02:27] Unknown:
And do you remember how you first got introduced to Python?
[00:02:31] Unknown:
Yes. Yes. Yes. It was in 2 2, 004, my first job, actually. The the the the guy I was working for, asked me to to develop a desktop client using PyTK. I never did such a thing, and I never used Python. So I was very very happy to to discover this this simple language. And and since since then, I always use the I've always used it in every, every project, I made.
[00:03:14] Unknown:
And currently, that project is Motoboa. So I'm wondering if you can talk a bit about what Motoboa is and the problem that you're trying to solve when you first started working on it. Yes.
[00:03:25] Unknown:
So, basically, Motoboa is a web interface to administer a a mail server. I started it in 2, 000 2009. I didn't have a good reason to start this this project. I I since 2004, I played with my servers because, in my first job, I had to to to install my servers based on the open software components such as postfix and. But there was no easy way to do it. So I I had to start again and again and again for each customer. So I was a bit bored, by by this, by this, activity. And I always thought, a good interface would be really really great, to to just, you know, create, accounts, IDS's, distribution list, and and maybe set 1 or super 1 or 2 settings, because Postfix is not is a great software, but not so easy to administer.
And that's the and that's the same for. So in 2009, I decided to to to to try, to make something, some something different. At this time, I was not a web developer because my original education was kernel programming, and network program programming. So it was a it was a huge, a huge change for me at this time, and, and that's all. I just wanted to to try to do something, and now now here we are.
[00:05:18] Unknown:
And does the name have any particular significance or meaning for you?
[00:05:23] Unknown:
Not really. The first name of, of was a male n g for next generation. You have something. I thought it was a it was a clue at this time. And, the I don't, I don't remember the the word in English, but I thought about a sentence, to present for the word, which was something like, module modular, mail roasting and something something something like that. And I just took the first 2 letters of of, of of the words composing this sentence, and the the result was, was approximately. That's all.
[00:06:11] Unknown:
Yeah. I was wondering if it might just be a word from some other language that I wasn't familiar with, but when I tried googling for it, the only thing that came up was your mail server. So at the very least, it has a, good search engine ranking.
[00:06:22] Unknown:
Yes. I think so. I think maybe in port in, Portuguese, in Brazil. May maybe the name has a has a meaning, but I'm not sure about this. And
[00:06:33] Unknown:
self hosting an email server is something that was fairly common during the early stages of the Internet even into the early 2000. But nowadays, most people just use, hosted options like Gmail or Outlook, even for corporate environments. So I'm wondering, what are some of the reasons from your perspective that somebody should consider running their own mail server now that there are so many other options available?
[00:06:59] Unknown:
That's a that's a good question, and, unfortunately, the the answer is is pretty simple. I I think it's it's a matter of of privacy. We've, we've all heard about the the NSA problem a few years ago, and I think I think people today, realize that this is important to to protect its private life and that services like Gmail, Hotmail, or or similar, does don't respect this. So this this is not a this is not a a a trap because a service like like Google or Gmail warns you about about this, but most people don't care about that was true, 3 or 4 years ago. But now I think at least, I I I I'm talking about what I know, and this is the the the French, the French market. But people realize that, this is important, and they they they want to do something against it.
And self hosting about I'm talking about email, but this is, this is this is also true for other other aspects. So you you you can find products like YUNOST, Nextcloud, ONCloud. All those software tries to try to to to bring the to bring an answer to the privacy problem problem. And, and I try to do the same, about email.
[00:08:31] Unknown:
And when you are self hosting an email server, there are a lot of things to think about, particularly in recent years with things like managing your reputation so that your emails don't end up in somebody's spam folder instead of their inbox, managing a lot of the specialized DNS records that help maintain that, reputation and ensure that the mail that you're sending is coming from a trusted source. So what are some of the utilities in Motoboa that will help assist with that process and that reputation management?
[00:09:05] Unknown:
I am that that's that's something difficult to to to make easy. Mudubaba just relies on on, standard standard techniques, SPF, DKIM, most recently, Demark. Those those, standards help people, and companies to maintain a good reputation, about about their emails. Recently, I had I, added some features, with Modovoa to check check this reputation, on a on a per domain basis. You can you can tell Modovoa to to request DNSBL providers frequently to to to check if your if your domain 1 of your domain is is blacklisted or not. And I'm planning to to improve, those checks to also manage the KIM, SPF, and and demark, and demark records to just check if they are present, and if they are present, if they are configured correctly. That's 1 that's 1 thing. And the the other thing which requires a bit more work will be to generate records for people, and I hope I hope I will I will do this 1 day. But once those records are generated, maybe find an automatic way to inject them to the DNS, to do the DNS configuration, but, it it will require to work with, with registrar APIs, and I don't know if, if, all of them provide provide, such a such API.
That might be an issue to to to achieve this, this this feature.
[00:10:56] Unknown:
Man, 1 of the things that might be useful in that endeavor is to use something like the, Lib Cloud project from the Apache Foundation that helps abstract over some of the APIs for various cloud and DNS providers so that you can have a slightly more unified approach to actually managing those records. Oh, that's
[00:11:14] Unknown:
a that's a good information. Thank you. So as you mentioned,
[00:11:18] Unknown:
Motoboa at at least at the base layer relies on things like postfix and dubcut. So it seems that a decent amount of the sort of use case for Motoboa is gluing together some of these different systems and providing a nicer interface for managing them. So I'm wondering if you can just talk about some of the different pieces and layers that you have fit together to create this overall system.
[00:11:42] Unknown:
So you you already know about the the SMTP and the IMAP, parts, which are covered by Postfix and. Maunguru also tries to focus on security because, because this is something important to not not to receive spam and and and viruses. To to do that, I've introduced a support for MAVs. That's, that's an old piece of software, right, and in build, but which works, pretty pretty well. And this is what we call a content filter because it make the it make the it makes the the bridge bit between the the MTA, which is Postfix, and, and the rest of the system.
So every time you receive a you you receive an email, you send it to AMavis, and, this 1, do, do the the anti spam and and antivirus is, checks for for you and send and send back the email to Pro 6 if, if it was considered. So this is this is 1 thing. On the many people, many people ask for for features you you you find on Gmail or Outlook services such as contact management or or calendar. So I'm trying to to answer this, this question by doing some some testing with with a software called RadiCale. RadiCale is a is a CalDAV and CalDAV server writing in Python, And I tried to make a connector between Mudoboa and this software to offer calendar synchronization and contact synchronization too, but, that's not, so easy as I thought when I started this, this project to work. It might it might be longer to to release than, what I thought. What I understand, I think I think that's that's all for now. I, I got, I've got many ideas, all the all the integrations, but, that's not there is nothing concrete at the moment.
[00:13:51] Unknown:
And on top of these underlying systems, from what I was able to gather from the documentation, the web UI and management interface
[00:14:01] Unknown:
for being able to configure and tune the different parameters is a Django application. Is that correct? Yes. Yes. This is a this is a Django application since the beginning. I've I well, at at this time, when I start when I when I, was thinking about doing web development, I I didn't want to do PHP or all those stuff. I I wanted to stay with, with a language that I that I appreciate. So Python was the was the only choice. And, and I discovered Django at this time, and, I have to say, this is really a great a great piece of piece of the software.
[00:14:38] Unknown:
And does the Django application provide a way for you to modify the configuration files for postfix and dubcat and aimavis? And if so, what level of abstraction do you provide in terms of being able to update and modify those settings?
[00:14:56] Unknown:
Unfortunately, no. That's something, I don't want to start because because the the security issues are are many, and I don't have the the right answer to this problem. So that's something I'm planning to do, but I don't know how yet. I have I've got many I've got many ideas, but, I have to I have to try. And the the the most, the fun the the biggest problem I have with with Moldova since I started it is the time because this is not my my main, activity. I have to do all the missions, all the jobs in order to get money. So it's always a matter a matter of time.
[00:15:43] Unknown:
And so it seems that a decent amount of the, security aspects of the system are relying on those underlying pieces of software and making sure that they are a little bit more difficult to actually access those configuration parameters than somebody maybe doing some sort of a, cross site scripting attack or something like that where they would actually have to be able to, land on the server itself and modify the text files locally. Is that correct? Yes. You if you look at the
[00:16:14] Unknown:
how Django is, hosted on most servers, you will find that has many, many, many programs. You will find that Django is not running with a privileged user. It's not running as a as a as root. It's running with a with a with a simple user. Postfix is running with a different user. The code is running with a different user, and configuration files on the file system are owned by the root user. So I don't want to introduce a security, security issue, by allowing the access to those files, to to to the Django user. So I need to find a a good way to do this.
[00:17:01] Unknown:
And is your target user for Motoboa some primarily just individuals who want to be able to run their own mail servers, or are you also trying to build it for small and medium businesses who want to use it for their company email?
[00:17:15] Unknown:
Actually, when I when I started this software, I was targeting individuals. But pretty quickly, I was contacted by Internet service providers in countries different than France, in Brazil, in Asia Asia. I know that, Modovo is is used all around the world today, and, I was really surprised to to receive questions and feature requests from from companies and not only small companies, but but, big providers too. I was, for example, I was recently contacted by a provider in Sweden, which wants to replace its main system, which is getting hold today. And this company has approximately 50:50:50, 000, acorns to to to migrate. So that's, that's a big installation.
So I I I'm really, really happy to to to discover that.
[00:18:21] Unknown:
And so for these larger deployments, what are some of the scaling factors and strategies that will allow Motoboa to be able to handle that volume of usage?
[00:18:32] Unknown:
If you Motoboa is not is not really the the bottleneck in such a in such a architecture. Hosting a web application, and and and, makes makes it scalable is is it's it's pretty easy today, and thanks to Django, this is this is more easy. But, you can't I I think I don't think you you can't find 1 solution to own, those prod and decode. If you if you look at how it works, based system, you will find that each each component has its own strategy and and and scalability. For example, if you if you if you take prospects, you you could you could simply, create an MTA cluster with 1 more than than 1 node and load balance the traffic, between every every node using something like a round robin DNS or or such, such techniques. If you take the off code, the strategy is is different because you you since you need to write, emails to the file system, you need to find a synchronization strategy so so your your cluster, will will not be configured in in the same way. And you you don't have the same issues about performance because, in 1 case, you are talking about, network traffic. In the other case, you're mostly talking about IO IO performance. So so this is not easy to find 1 answer to all those to all those questions, but I try because, I because I'm also doing some professional services around.
I try to to solve those issues for my customers. And maybe 1 day, if I have enough use cases to think, to think about solution, maybe I would be able to to propose something, standard, if I may say.
[00:20:27] Unknown:
And for people who do want to run Motoboa on their own hardware, when I was looking through the documentation, I noticed that you do have an installer script for being able to set up all the different pieces and come up to a running system. So I'm wondering about the way that you determined what the sort of best configuration was for the lowest common denominator of user where you just wanted to get up to a running single node system and if there are any improvements that you're looking to make in that overall deployment story. Yes. Originally, the the installer was
[00:21:04] Unknown:
was made for for individuals trying to set up on a single server. So my my my target was to to to set up a a functional system pretty pretty quickly, a functional and secured system pretty quickly. So the configuration, configuration, and configurations are pretty standard, but, but I think it it fits most most of the use cases you either you would have as an individual. There are improvement improvements I want to do. The first 1 is allowing people to choose the options they they want to they want to activate, before launching launching the the instead of because, right now, you need to you need to modify the configuration file and reload the installer to to apply them. Some another another improvement that I want to to add is the possibility to to upgrade to upgrade an an existing setup because this is a this is a common issue I'm aware about. Many people are asking to for for a simpler update, update mechanism, but, that's not something, something so easy to to do. And maybe, yes, another improvement is to support more, line explosions and maybe other other operating systems like, FreeBSD or NetBSD or some some other BSD systems. And, the last improvement I'm thinking about is, the possibility to to maybe deploy on more than 1 server, but, I don't think, the the installer is the right way to do this.
Maybe I I will work on on, maybe I will work with Hensibor or or Docker for for this improvement because I don't want to to even do it. So
[00:23:01] Unknown:
And does the installer do any sort of hardening of the system at all, or is it purely concerned with installing the mail components and the actual system security is more left as an exercise to the user?
[00:23:14] Unknown:
There is no the no. The does not deal with the with hardening the underlying operating system, but that's something I could do. But once again, I have to I have to check, on which, operating system I'm running and and so, which are the the mechanism available to to harden the system. So, as long as I as long as I stay on on simple distribution distributions like maybe I know who are going to, maybe send to us. That's pretty easy. But, for example, if if, 1 day, I, I had the agenda agenda support, it will be more difficult to add in the system. So I just need to find the the the the the right way to do this.
[00:24:01] Unknown:
And have you looked at all into providing, prebuilt cloud images for people to be able to deploy on some of the various different cloud providers, using something like Packer or, something like that to be so where somebody can just go to Amazon or Linode or wherever and just say, this is the application that I wanna be able to run and just have something that they can just click a button and deploy?
[00:24:25] Unknown:
Not yet. Not yet. I was thinking about, about Docker for a start. I I know some hardware provider like, you know, Synology, Global already provides, images of of the pre installed model for their for their system. But, that that's all for now. But, definitely, that that would be something, yeah, something great to have. Once again, that's that's a a matter of of time. I I would be really, really happy to to to receive your contributions, about this, but, for now, I'm still waiting.
[00:25:02] Unknown:
So what are some of the most challenging aspects of building and maintaining Motoboa? And what are the pieces that you enjoy the most?
[00:25:10] Unknown:
Today, I receive, I receive more and more, feature request bug bug reports, questions from the community and the users, and it it requires a lot of time. So that's the most difficult part to to manage. I'd like to have more time to work on new features, maybe rebuild some some features I did in the past and and that outdated today, or maybe I did it too quickly. And I'm not always happy with the with with the the code that I I made. So I want to I want to refactor it, but I think that's, that's a common that's a common practice, with with developers. So I'd like to have more more time about this, but, but I think now I have to I have to focus on the on the support, on the support part. So that that that's why I propose, professional services and support, support plans to users. But, but it's not, it's not enough, right now to to allocate me more time to work on model. And what was the the last part of the of your question?
[00:26:17] Unknown:
The part that you enjoy most about working on Modiboa?
[00:26:21] Unknown:
Learning new stuff and trying new stuff. That's Modiboa has always been a a a playground to me, a project where I where I could try new technologies, new frameworks, trying to set up something something difficult. And and this is this is a demonstration of my skills also. I can well, when I when I when I'm asked in a job interview what are my skills, how I can demonstrate it, what I know, the the the answer is pretty is pretty easy because I I can say, okay. I'm the maintainer of this software. Go to the GitHub GitHub account. Check my code. Check the website. Check, the documentation I write. This is this is pretty pretty complete. So that's that's what I, that's why I'm I'm I'm proud of today.
[00:27:10] Unknown:
And on top of all of the mechanics of sending and receiving mail and managing the spam filtering, etcetera, there's also decent amount of UI that you've built on top of it as far as being able to gather and report on metrics of the volume and types of mail that are being sent and received at account management. So I'm wondering if you can just give a high level list of some of the most notable features and maybe some of the features that you are working on and have planned for future releases.
[00:27:42] Unknown:
Yes. I can do that. I'm just opening my issues list. So, on the user side, I want to as I said, I want to introduce a nice calendar feature into. And with that, a synchronization feature, I had I, added the contact management plug in a few months ago. So now the only missing part is the calendar. I think I'm going to to rewrite the web mail a bit because, really, it is it is too buggy. I did it very, very quickly for for, not a customer, but a use case in the past, And, and today, I don't want to I don't want to work on this version. I just want to to to to rewrite it rewrite it completely. So I think I'm going to do this, in the next month.
On the admin side, I I want to introduce more, more features to to to make, the the DNS configuration more easy. Maybe some, XMPP integration with the with the instant messaging plug in. I'm thinking about this. I already work with, Prosody, which is a an XMPP server right in in Leway. I'm already working with this on my private server, but, there is no integration with the with the web UI. So maybe I will propose something, in the next month if I, if I have enough time. And, what can I say? There there is a lot of, of features waiting in the in my backlog, but I don't remember every 1 of them. Sorry.
[00:29:24] Unknown:
Sure. So are there any other aspects of Motoboa that you think we should talk about or anything associated with it that you wanna bring up before we start to close out the show?
[00:29:33] Unknown:
Yes. The I think the last, the last thing I should or I should work on or maybe the community should work on is the documentation because today, it's all it's only, the edge deals with configuration setup, but there is no, there is no real guide about, about all the possibilities, you have with the with the web UI. So a good user documentation will be will be really appreciated.
[00:30:06] Unknown:
Alright. Well, hopefully, we can help the help help you make that a reality. Thank you. So for anyone who wants to get in touch with you and follow what you're up to, I'll have you add your preferred contact information to the show notes. And so with that, I'll move us to the picks. And for my pick today, I'm going to choose the dropbox paper web app because that's what I've been using for the show notes for the episodes for quite a while now, and it's been great. 1 of the things I like most about it is the fact that it actually supports markdown syntax so that I can just copy and paste the end result into my CMS and click publish and not have to go through any pains of reformatting or converting from 1 format to another, like I was having to do with things like, Google Docs. And they've been adding a lot of new features and functionality, so it seems like they've got some sort of, minimal project management templates and things like that. So it seems like they're doing a lot of work on making it very useful and making it be a pretty full fledged competitor to some of the other online collaborative document editors out there. So for anybody who is looking for something like that, definitely recommend taking a look. And so with that, I'll pass it to you. Do you have any picks for us this week, Antoine?
[00:31:22] Unknown:
Yes. So also to to to contact me, you you can send me an email. So my, my email address is, toioarabasngyn.org. You can follow me on Twitter if you want. My Twitter account is, a n t n g u, and that's all. So this is this is the new this is the new the new year, so everything, start again. And I I I I practice I practice, martial arts since 15 years now. This is Kapua, and this is Brazilian martial art, which, which follow which follows me for many years now. This is the other thing the other thing I do, the most after, after.
[00:32:13] Unknown:
For anyone who isn't familiar with Capoeira, it's definitely quite fascinating to watch, and I have an immense amount of respect for anyone who can actually do it.
[00:32:23] Unknown:
Thank you.
[00:32:24] Unknown:
Well, I, appreciate you taking the time out of your day to talk to me about the work that you're doing with Motoboa. Definitely seems like an interesting platform, and I wish you the best of luck on that. And I hope you, find a lot more use for that. And I hope a lot of people who are listening to the show are able to gain some value from it. So thank you for your time, and I hope you enjoy the rest of your day. Yeah. I, I I hope to. And, thank you for contacting me.
Introduction and Guest Introduction
Antoine Ngoian's Background and Career
First Encounter with Python
Overview of Motoboa
Importance of Self-Hosting Email Servers
Reputation Management in Motoboa
Components and Layers of Motoboa
Security and Configuration Management
Target Users and Scalability
Installer and Deployment Improvements
Challenges and Enjoyments of Developing Motoboa
Notable Features and Future Plans
Documentation and Community Contributions
Contact Information and Closing Remarks
