From 27f7cdda6474cfe28706733c346012003866bc16 Mon Sep 17 00:00:00 2001
From: Martin Ashby <martin@ashbysoft.com>
Date: Sat, 15 Feb 2020 22:35:32 +0000
Subject: [PATCH] Added settings for implicit TLS support

---
 config/config.go              | 12 ++++++++----
 imap/imap_server.go           | 14 ++++++++++++++
 smtp/mail_submission_agent.go | 20 ++++++++++++++++++++
 3 files changed, 42 insertions(+), 4 deletions(-)

diff --git a/config/config.go b/config/config.go
index 5f6f979..8555d15 100644
--- a/config/config.go
+++ b/config/config.go
@@ -24,10 +24,12 @@ const (
 	ServerName = "ServerName"
 
 	// Ports / addresses to listen on for various services
-	MsaAddress      = "MsaAddress"
-	MtaAddress      = "MtaAddress"
-	ImapAddress     = "ImapAddress"
-	WebAdminAddress = "WebAdminAddress"
+	MsaAddress             = "MsaAddress"
+	MsaImplicitTLSAddress  = "MsaImplicitTLSAddress"
+	MtaAddress             = "MtaAddress"
+	ImapAddress            = "ImapAddress"
+	ImapImplicitTLSAddress = "ImapImplicitTLSAddress"
+	WebAdminAddress        = "WebAdminAddress"
 
 	// DNS
 	DnsServer      = "DnsServer"
@@ -85,8 +87,10 @@ func SetupConfig() {
 	viper.SetDefault(ServerName, "mail.example.com")
 
 	viper.SetDefault(MsaAddress, ":587")
+	viper.SetDefault(MsaImplicitTLSAddress, ":465")
 	viper.SetDefault(MtaAddress, ":25")
 	viper.SetDefault(ImapAddress, ":143")
+	viper.SetDefault(ImapImplicitTLSAddress, ":993")
 	viper.SetDefault(WebAdminAddress, ":443")
 	viper.SetDefault(WebAdminUseTls, true)
 
diff --git a/imap/imap_server.go b/imap/imap_server.go
index bc34665..2584a54 100644
--- a/imap/imap_server.go
+++ b/imap/imap_server.go
@@ -38,6 +38,20 @@ func StartImap(db *sql.DB, tls *tls.Config) {
 			log.Fatal(err)
 		}
 	}()
+
+	// Also start one on the
+	if config.GetBool(config.ImapUseTls) {
+		s := server.New(be)
+		s.Addr = config.GetString(config.ImapImplicitTLSAddress)
+		s.Debug = os.Stdout
+		s.TLSConfig = tls
+		go func() {
+			log.Println("Starting IMAP server with implicit TLS at ", s.Addr)
+			if err := s.ListenAndServeTLS(); err != nil {
+				log.Fatal(err)
+			}
+		}()
+	}
 }
 
 type imapBackend struct {
diff --git a/smtp/mail_submission_agent.go b/smtp/mail_submission_agent.go
index 130276e..d9b794b 100644
--- a/smtp/mail_submission_agent.go
+++ b/smtp/mail_submission_agent.go
@@ -39,6 +39,26 @@ func StartMsa(db *sql.DB, proc process.MsgProcessor, tls *tls.Config) {
 			log.Fatal(err)
 		}
 	}()
+
+	// Also start one on the implicit TLS port if we're using TLS
+	if config.GetBool(config.MsaUseTls) {
+		s := smtp.NewServer(be)
+		s.Addr = config.GetString(config.MsaImplicitTLSAddress)
+		s.Domain = config.GetString(config.ServerName)
+		//TODO come back to this
+		// s.ReadTimeout = time.Duration config.GetInt(config.MaxIdleSeconds)
+		s.MaxMessageBytes = config.GetInt(config.MaxMessageBytes)
+		s.MaxRecipients = config.GetInt(config.MaxRecipients)
+		s.AllowInsecureAuth = !config.GetBool(config.MsaUseTls)
+		s.Debug = os.Stdout
+		s.TLSConfig = tls
+		go func() {
+			log.Println("Starting mail submission agent with implicit TLS at ", s.Addr)
+			if err := s.ListenAndServeTLS(); err != nil {
+				log.Fatal(err)
+			}
+		}()
+	}
 }
 
 type smtpSubmissionBackend struct {