# This file is the default config file for Mailtrain. To use a environment specific # configuration add new file {ENV}.{ext} (eg. production.yaml) to the same folder. # {ENV} is defined by NODE_ENV environment variable. # # Do not modify this file directly, otherwise you might lose your modifications when upgrading # # You should only define the options you want to change in your additional config file. # For example if the only thing you want to change is the port number for the www server # then your additional config file should look like this: # # production.yaml # www: # port: 80 # Process title visible in monitoring logs and process listing title: mailtrain # GDPR related settings (https://en.wikipedia.org/wiki/General_Data_Protection_Regulation) gdpr: # If enabled, after a user unsubscribes or complains, his/her data are removed from the subscription. # Only hashed email remains to prevent resubscription via import deleteDataAfterUnsubscribe: enabled: true secondsAfterUnsubscribe: 86400 # 1 day # If enabled, after the time below, an entry of a subscriber that unsubscribed or complained # is completely removed from the subscribers list (including the hashed email) deleteSubscriptionAfterUnsubscribe: enabled: true secondsAfterUnsubscribe: 2592000 # 30 days # Enabled HTML editors editors: - grapesjs - mosaico - mosaicoWithFsTemplate - ckeditor4 - codeeditor # Default language to use defaultLanguage: en-US # Enabled languages enabledLanguages: - en-US - fk-FK # Inject custom scripts in subscription/layout.mjml.hbs # customSubscriptionScripts: [/custom/hello-world.js] # Enable to use Redis session cache or disable if Redis is not installed redis: enabled: false host: localhost port: 6379 db: 5 # Uncomment if your Redis installation requires a password # password="" # If you start out as a root user (eg. if you want to use ports lower than 1000) # then you can downgrade the user once all services are up and running #user: mailtrain #group: mailtrain # If Mailtrain is started as root, Reports feature drops the privileges of script generating the report to disallow # any modifications of Mailtrain code and even prohibits reading the production configuration (which contains the MySQL # password for read/write operations). The roUser/roGroup determines the user to be used #roUser: nobody #roGroup: nogroup log: # silly|verbose|info|http|warn|error|silent level: info www: # HTTP port to listen on for trusted requests (logged-in users) trustedPort: 3000 # HTTP port to listen on for sandboxed requests (logged-in users) sandboxPort: 3003 # HTTP port to listen on for public requests (campaign recipients) publicPort: 3004 # HTTP interface to listen on host: 0.0.0.0 # URL base for trusted urls (logged-in users). It must be absolute (starting with http:// or https://). If Mailtrain is served on # a non-standard port (e.g. 3000), the URL must also specify the port. trustedUrlBase: http://localhost:3000 # URL base for sandbox urls (logged-in users). It must be absolute (starting with http:// or https://) and contain the sandbox port. sandboxUrlBase: http://localhost:3003 # URL base for public urls (campaign recipients). It must be absolute (starting with http:// or https://) and contain the sandbox port. publicUrlBase: http://localhost:3004 # Secret for signing the session ID cookie secret: a cat # Session length in seconds when remember me is checked remember: 2592000 # 30 days # logger interface for expressjs morgan log: dev # Is the server behind a proxy? true/false # Set this to true if you are serving Mailtrain as a virtual domain through Nginx or Apache proxy: false # maximum POST body size postSize: 2MB mysql: host: localhost user: mailtrain password: mailtrain database: mailtrain # Some installations, eg. MAMP can use a different port (8889) # MAMP users should also turn on Allow network access to MySQL otherwise MySQL might not be accessible port: 3306 charset: utf8mb4 # The timezone configured on the MySQL server. This can be 'local', 'Z', or an offset in the form +HH:MM or -HH:MM # If the MySQL server runs on the same server as Mailtrain, use 'local' timezone: local verp: # Enable to start an MX server that detects bounced messages using VERP # In most cases you do not want to use it # Requires root privileges enabled: false port: 2525 host: 0.0.0.0 # With DMARC, the Return-Path and From address must match the same domain. # By default we get around this by using the VERP address in the Sender header, # with the side effect that some email clients diplay an ugly on behalf of message. # You can safely disable this Sender header if you're not using DMARC or your # VERP hostname is in the same domain as the From address. # disablesenderheader: true ldap: # enable to use ldap user backend enabled: false # method is ldapjs or ldapauth - it chooses the library to be used. If not given, it chooses the one present. # method: ldapjs host: localhost port: 3002 baseDN: ou=users,dc=company filter: (|(username={{username}})(mail={{username}})) # Username field in LDAP (uid/cn/username) uidTag: username # nameTag identifies the attribute to be used for user's full name nameTag: username passwordresetlink: newUserRole: master # Global namespace id newUserNamespaceId: 1 # Use a different user to bind LDAP (final bind DN will be: {{uidTag}}: {{bindUser}},{{baseDN}}) bindUser: name@company.net bindPassword: mySecretPassword postfixbounce: # Enable to allow writing Postfix bounce log to Mailtrain listener # If enabled, tail mail.log to Mailtrain with the following command: # tail -f -n +0 /var/log/mail.log | nc localhost 5699 - enabled: false port: 5699 # allow connections from localhost only host: 127.0.0.1 # extra options for nodemailer nodemailer: #textEncoding: base64 queue: # How many parallel sender processes to spawn processes: 2 cors: # Allow subscription widgets to be embedded # origins: ['https://www.example.com'] mosaico: # Installed templates fsTemplates: - key: versafix-1 label: Versafix One # Inject custom scripts # customscripts: # - /mosaico/custom/my-mosaico-plugin.js grapesjs: # Installed templates templates: - key: demo label: HTML Template - key: aves label: MJML Template reports: # The whole reporting functionality can be disabled below if the they are not needed and the DB cannot be # properly protected. # Reports rely on custom user defined Javascript snippets defined in the report template. The snippets are run on the # server when generating a report. As these snippets are stored in the DB, they pose a security risk because they can # help gaining access to the server if the DB cannot # be properly protected (e.g. if it is shared with another application with security weaknesses). # Mailtrain mitigates this problem by running the custom Javascript snippets in a chrooted environment and under a # DB user that cannot modify the database (see userRO in [mysql] above). However the chrooted environment is available # only if Mailtrain is started as root. The chrooted environment still does not prevent the custom JS script in # performing network operations and in generating XSS attacks as part of the report. # The bottom line is that if people who are creating report templates or have write access to the DB cannot be trusted, # then it's safer to switch off the reporting functionality below. enabled: true testServer: # Starts a vanity server that redirects all mail to /dev/null # Mostly needed for local development enabled: false port: 5587 mailboxServerPort: 3001 host: 0.0.0.0 username: testuser password: testpass logger: false builtinZoneMTA: enabled: true host: localhost port: 2525 mongo: mongodb://127.0.0.1:27017/zone-mta redis: redis://localhost:6379/2 log: level: warn seleniumWebDriver: browser: phantomjs roles: global: master: name: Master admin: true description: All permissions permissions: [rebuildPermissions, createJavascriptWithROAccess, manageBlacklist, manageSettings, setupAutomation] rootNamespaceRole: master namespace: master: name: Master description: All permissions permissions: [view, edit, delete, share, createNamespace, createList, createCustomForm, createReport, createReportTemplate, createTemplate, createMosaicoTemplate, createSendConfiguration, createCampaign, manageUsers] children: sendConfiguration: [viewPublic, viewPrivate, edit, delete, share, sendWithoutOverrides, sendWithAllowedOverrides, sendWithAnyOverrides] list: [view, edit, delete, share, viewFields, manageFields, viewSubscriptions, manageSubscriptions, viewSegments, manageSegments, viewImports, manageImports] customForm: [view, edit, delete, share] campaign: [view, edit, delete, share, viewFiles, manageFiles, viewAttachments, manageAttachments, viewTriggers, manageTriggers, send, viewStats] template: [view, edit, delete, share, viewFiles, manageFiles] report: [view, edit, delete, share, execute, viewContent, viewOutput] reportTemplate: [view, edit, delete, share, execute] mosaicoTemplate: [view, edit, delete, share, viewFiles, manageFiles] namespace: [view, edit, delete, share, createNamespace, createList, createCustomForm, createReport, createReportTemplate, createTemplate, createMosaicoTemplate, createSendConfiguration, createCampaign, manageUsers] sendConfiguration: master: name: Master description: All permissions permissions: [viewPublic, viewPrivate, edit, delete, share, sendWithoutOverrides, sendWithAllowedOverrides, sendWithAnyOverrides] list: master: name: Master description: All permissions permissions: [view, edit, delete, share, viewFields, manageFields, viewSubscriptions, manageSubscriptions, viewSegments, manageSegments, viewImports, manageImports] customForm: master: name: Master description: All permissions permissions: [view, edit, delete, share] campaign: master: name: Master description: All permissions permissions: [view, edit, delete, share, viewFiles, manageFiles, viewAttachments, manageAttachments, viewTriggers, manageTriggers, send, viewStats, manageMessages] template: master: name: Master description: All permissions permissions: [view, edit, delete, share, viewFiles, manageFiles] report: master: name: Master description: All permissions permissions: [view, edit, delete, share, execute, viewContent, viewOutput] reportTemplate: master: name: Master description: All permissions permissions: [view, edit, delete, share, execute] mosaicoTemplate: master: name: Master description: All permissions permissions: [view, edit, delete, share, viewFiles, manageFiles]