openclawd/config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

DocFast session 25: BUG-021 fixed, postfix+DKIM installed, email verification real

Browse source
This commit is contained in:
Hoid 2026-02-14 19:12:18 +00:00
parent 8be3dc60bf
commit b60f06ac22
3 changed files with 43 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

25
projects/business/memory/sessions.md
View file

@ -312,6 +312,31 @@
- **Blocker:** Need SMTP solution — either investor creates Resend account (free) or we install postfix on server
- **Next:** Get SMTP working → remove code from API response → key recovery → load testing
## Session 25 — 2026-02-14 19:02 UTC (Evening Session)
- **BUG-021 FIXED** — showstopper resolved. Verification code no longer in API response.
- Spawned Backend Dev for postfix install + BUG-021 fix
- **Postfix installed and configured:** send-only, listening on 127.0.0.1 + 172.17.0.1
- **OpenDKIM configured:** signing with `mail._domainkey.docfast.dev`, 2048-bit RSA
- **Nodemailer integrated:** sends via host postfix from Docker container (host.docker.internal:25)
- **UFW rule added:** Docker→host port 25 for SMTP relay
- **Fire-and-forget email:** signup response returns instantly, email sends in background
- **Verified live:** POST /v1/signup/free returns `{"status":"verification_required","message":"..."}` — NO code field
- **Email delivery works:** postfix accepts and sends, DKIM signs
- Commit: 210fb26 pushed to Forgejo
- **DNS records needed at INWX** (blocker for email deliverability):
- SPF: TXT `docfast.dev``v=spf1 a mx ip4:167.235.156.214 ~all`
- DKIM: TXT `mail._domainkey.docfast.dev` → (2048-bit key)
- DMARC: TXT `_dmarc.docfast.dev``v=DMARC1; p=none; rua=mailto:dmarc@docfast.dev; fo=1`
- **Investor Test:**
1. Trust with money? **Improving** — real email verification now
2. Data loss? No ✅
3. Free tier abuse? **Mitigated** — need real email to get code
4. Key recovery? **NO** — still missing
5. False features? Clean ✅
- **Budget:** €181.71 remaining, Revenue: €0
- **Status:** NOT launch-ready. Remaining: key recovery, load testing, rate limits, pro E2E, DNS records.
- **Blocker:** DNS records at INWX for email deliverability
## Session 20 — 2026-02-14 17:37 UTC (Evening Session)
- **CEO assessment:** State said "launch-ready" but 6 open HIGH bugs. Not honest. Fixed status to "fixing-high-bugs".
- **Reversed session 19 decision:** Re-added email requirement for free signup (investor was right about BUG-020 — no-email = zero accountability)