Custom Haraka Plugin Support for the Mail Addon
-
A regulation with the very German name "Grundsätze zur ordnungsmäßigen Führung und Aufbewahrung von Büchern, Aufzeichnungen und Unterlagen in elektronischer Form sowie zum Datenzugriff", abbreviated as GoBD, requires comprehensive archiving of all business communications. I struggled to find good English documentation on this, but Stripe provides a very brief overview here if you're interested: https://stripe.com/en-de/resources/more/gobd-in-germany.
I've been trying to implement compliant email archiving on Cloudron, but whatever I try, I'm running into roadblocks. The main issue is that we need to archive all emails, both incoming and outgoing, especially transactional emails from apps like Invoice Ninja, which handles sending invoices, which are extremely critical in regards to the GoBD.
I know there have been previous requests for an "Always BCC" feature:
https://forum.cloudron.io/topic/4785/bcc-all-outgoing-mail
https://forum.cloudron.io/topic/8836/is-the-always-bcc-now-is-avaiable-from-haraka-nowThe suggested workaround in these threads (client-side BCC rules) unfortunately won't work for compliance because:
- Users can accidentally delete or modify the rules
- Users could use the webmailer instead of their email client intermittently, mails sent there wouldn't be archived
- App-generated emails bypass user mailboxes entirely
A few months back, I tried writing a small Haraka plugin that implements a functionality like the always_bcc one from postfix for outgoing emails. I think I can handle incoming emails in a similar way. The plugin worked when I tested it manually, but there's no apparent way to integrate it with Cloudron's mail addon since any changes in the container get lost on the next restart and I then got side-tracked with other projects.
The issue now resurfaced for me and I wanted to ask if it would be possible to add support for custom Haraka plugins in the mail addon? I'm not looking for anything fancy, something like a directory mount into the container where we could place custom plugins that persist across updates would be incredibly helpful.
In combination with a working haraka plugin, this would solve our archiving compliance issue and even open up other customization possibilities for users with specific mailing requirements.
-
M milian.hackradt referenced this topic
-
From Cloudron's POV, Haraka is an implementation detail (while nothing that we have made lots of contributors to Haraka) . I think opening up Haraka to end users just sets up for future maintenance problems.
Maybe this can work another way: if you don't mind contributing the plugin, maybe we can work together to get it integrated into Cloudron itself? We have enough hooks in our custom Cloudron plugin already (for the eventlog) to capture the emails, I think. So, I guess we need to put all the mails in some database or equivalent.