Fossil

Check-in [aeb98be8]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Add an initial draft of design notes for the email notification system.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: aeb98be80f1d51f583b478de25919b2153d49c3a577925b8c6864b7ecfd67bd2
User & Date: drh 2018-06-23 15:48:49.031
Context
2018-06-23
15:49
Add the decode-email.c utility program source code. ... (check-in: 17b4d3e4 user: drh tags: trunk)
15:48
Add an initial draft of design notes for the email notification system. ... (check-in: aeb98be8 user: drh tags: trunk)
14:24
Rework the internal email sending logic so that it is connection-oriented. This makes it more efficient and makes it easier to add support for an SMTP sending method at a later date. ... (check-in: b4218987 user: drh tags: trunk)
Changes
Unified Diff Ignore Whitespace Patch
Added tools/email-monitor.tcl.






































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
#!/usr/bin/tcl
#
# Monitor the database file named on the command line for
# incoming email messages.  Print the "To:" line of each
# email on standard output as it is received.
#
# It should be relatively easy to modify this scribe to actually
# deliver the emails to a real email transfer agent such as
# Postfix.
#
# For long-term use, set the polling interval to something
# greater than the default 100 milliseconds.  Polling once
# every 10 seconds is probably sufficient.
#
set POLLING_INTERVAL 100   ;# milliseconds

set dbfile [lindex $argv 0]
if {[llength $argv]!=1} {
  puts stderr "Usage: $argv0 DBFILE"
  exit 1
}
package require sqlite3
puts "SQLite version [sqlite3 -version]"
sqlite3 db $dbfile
db timeout 2000
catch {db eval {PRAGMA journal_mode=WAL}}
db eval {
  CREATE TABLE IF NOT EXISTS email(
    emailid INTEGER PRIMARY KEY,
    msg TXT
  );
}
while {1} {
  db transaction immediate {
    set n 0
    db eval {SELECT msg FROM email} {
      set email ???
      regexp {To: \S*} $msg to
      puts "$to ([string length $msg] bytes)"
      incr n
    }
    if {$n>0} {
      db eval {DELETE FROM email}
    }
    # Hold the write lock a little longer in order to exercise
    # the SQLITE_BUSY handling logic on the writing inside of
    # Fossil.  Probably comment-out this line for production use.
    after 100
  }
  after $POLLING_INTERVAL
}
Added www/emaildesign.md.


























































































































































































































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
Design of Email Notification
============================

This document contains high-level design notes for the email
notification system in Fossil.  Use this document to get a better
understanding of how Fossil handles email notification, to help
with doing custom configurations, or to help contribute features.

This document assumes expert-level systems knowledge.  A separate
tutorial for setting up email notification by non-experts will be
generated once the email notification systems stablizes.

Email notification is under active development as of this writing
(2018-06-23).  Check back frequently for updates.

Data Design
-----------

There are three new tables in the repository database.  These tables
are not created in new repositories by default.  The tables only
come into existance if email notification is configured and used.


  *  <b>SUBSCRIBER</b> &rarr;
     The subscriber table records the email address for people who
     want to receive email notifications.  Each subscriber has a
     "subscriberCode" which is a random 32-byte blob that uniquely
     identifies the subscriber.  There are also fields to indicate
     what kinds of notifications the subscriber wishes to receive,
     whether or not the email address of the subscriber has been
     verified, etc.

  *  <b>PENDING\_ALERT</b> &rarr;
     The PENDING\_ALERT table contains records that define events
     about which notification emails might need to be sent.
     A pending\_alert always refers to an entry in the
     EVENT table.  The EVENT table is part of the standard schema
     and records timeline entries.  In other words, there is one
     row in the EVENT table for each possible timeline entry.  The
     PENDING\_ALERT table refers to EVENT table entries for which
     we might need to send notification emails.

  *  <b>EMAIL\_BOUNCE</b> &rarr;
     This table is intended to record email bounce history so that
     subscribers with excessive bounces can be turned off.  That
     logic has not yet been implemented so the EMAIL\_BOUNCE table
     is currently unused.

Note that "subscribers" are distinct from "users" in the USER table.
A "user" is someone who has a login and password.  A "subscriber" is
an email address that receives notification events.  Users can be
subscribers, and there is a SUBSCRIBER.SUNAME field that records
the linkage between users and subscribers.  But it is also possible
to be a user without being a subscriber, or to be a subscriber without
being a user.

Sending Email Messages
----------------------

Fossil expects to interact with an external mail agent.
There are currently three different methods for sending outbound
email messages from Fossil to the external mail agent:

  1.  <b>"pipe"</b> &rarr; Invoke an external command that accepts
      the email message on standard input.  This is useful if the
      host computer has a command like /usr/sbin/sendmail that will
      accept well-formed email messages from standard input and forward
      them to the appropriate destination.

  2.  <b>"db"</b> &rarr; Write outgoing email messages into an
      SQLite database file.  The self-hosting Fossil website will
      probably use this technique because Fossil runs inside a
      reduced-privilege chroot jail and cannot invoke commands
      like /usr/sbin/sendmail.  A separate TCL script running on
      the outside of the jail monitors the database and forwards
      email messages to the Postfix mail transfer agent.  There is
      an example TCL script in the
      [tools/email-monitor.tcl](/file/tools/email-monitor.tcl) file
      of the source tree that shows how to do this.

  3.  <b>"dir"</b> $rarr; Write outgoing email messages as individual
      files in a designated directory.  This might be useful for
      testing and debugging.

Internally, there is a fourth email sending method named "stdout"
which simply writes the text of the email message on standard output.
The "stdout" method is used for testing and debugging.

Perhaps we will add an "smtp" sending method in the future.

The emails transmitted have a well-formed header.  The downstream
processing is expected to extract the "To:", "From:", "Subject:" and
whatever other attributes it needs from the email header text.

All emails are text/plain and use a transfer-encoding of base64.

There is a utility command-line program named 
["tools/decode-email.c"](/file/tools/decode-email.c) in
the Fossil source tree.  If you compile this program, you can use it
to convert the base64 transfer-encoding into human-readable output for
testing and debugging.

Receiving Email Messages
------------------------

Inbound email messages (for example bounces from failed notification
emails) should be relayed to the "fossil email inbound" command.  That
command is currently a no-op place-holder.  At some point, we will need
to design and write a bounce-message processing system for Fossil.