From 74c00497e61e612ea326e2eefeb814c8b8712b81 Mon Sep 17 00:00:00 2001 From: Aidan Date: Sat, 15 Feb 2025 22:00:29 -0500 Subject: [PATCH] clarify API security limitations and best practices --- README.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/README.md b/README.md index dd3c553..6bfd707 100644 --- a/README.md +++ b/README.md @@ -13,6 +13,14 @@ mail-connect aims to connect your `docker-mailserver` to *anything* you can imag We provide an extendable API which interacts with the `setup` utility via a Docker socket. We have implemented a SQLite database with Drizzle ORM for faster polling of users, with strategic caching and updating. +## What this API is NOT + +This API is insecure by nature, however not completely. It's meant to be an internal API, and used in frontends which have their own protection systems in place. Think about it... would you like me to direct your mailserver security? I sure hope not... + +As such, users who have access to this API are able to create unlimited accounts, and modify anyone's email address. Thus, your code should be the only user of this API. Once again, **do not make this API public**. + +This provides more upsides than downsides, as it lets you implement enterprise-level security, or have simple IP-based ratelimits. Basic ratelimits have been added in case this API is abused on accident due to a failure in your system. You can configure this based on your expected traffic (plus a lot more, as sometimes you will get reasonable spikes of traffic). + ## Features All features marked with an **E** are extended features, and are not a part of the original `setup` utility.
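Review bot: In the added "What this API is NOT" section, the warning "**do not make this API public**" is not backed by any guidance on how to keep the API private, and the ratelimit paragraph says "You can configure this" without naming the setting or its default. Suggest replacing "insecure by nature, however not completely" with a plain statement of what the API does and does not enforce (for example, whether it performs any authentication at all), then adding a sentence on how a deployer is expected to restrict access and where the ratelimit is configured. The unchanged context line just above says the API reaches the `setup` utility via a Docker socket; that is worth repeating in this section, since it is part of why exposure matters. Two wording points: "Once again" has no earlier warning in this section to refer back to, and "on accident" reads better as "by accident". The heading also promises what the API is not, while the body mostly describes what a caller can do, so a title such as "Security model" may fit better.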