[GH-ISSUE #505] Activation process for new account #487

New issue

Open

opened 2026-02-27 11:12:01 +03:00 by kerem · 6 comments

kerem commented 2026-02-27 11:12:01 +03:00

Owner

Copy link

Originally created by @patrickbenkoetter on GitHub (Jan 2, 2014).
Original GitHub issue: https://github.com/modoboa/modoboa/issues/505

modo should offer an activation process for new accounts. The mailsystem should not route or filter messages for an account that hasn't been activated yet.

This gives us two advantages:

1. We don't accept and store spam/malware for an inactive account
2. The user explicitly has to consent to the domains filtering policy. The consent creates the legal ground. If spam is e.g. suppressed the user can't complain, because he/she consented in the first. Without consent the account must not be activated.

Originally created by @patrickbenkoetter on GitHub (Jan 2, 2014). Original GitHub issue: https://github.com/modoboa/modoboa/issues/505 modo should offer an activation process for new accounts. The mailsystem should not route or filter messages for an account that hasn't been activated yet. This gives us two advantages: 1. We don't accept and store spam/malware for an inactive account 2. The user explicitly has to consent to the domains filtering policy. The consent creates the legal ground. If spam is e.g. suppressed the user can't complain, because he/she consented in the first. Without consent the account must not be activated.

kerem added the

enhancement

label 2026-02-27 11:12:01 +03:00

kerem commented 2026-02-27 11:12:02 +03:00

Author

Owner

Copy link

@tonioo commented on GitHub (Jan 3, 2014):

How would you to that? Display a specific wizard on first login?

<!-- gh-comment-id:31520033 --> @tonioo commented on GitHub (Jan 3, 2014): How would you to that? Display a specific wizard on first login?

kerem commented 2026-02-27 11:12:02 +03:00

Author

Owner

Copy link

@patrickbenkoetter commented on GitHub (Jan 3, 2014):

• Antoine Nguyen reply@reply.github.com:

  How would you to that? Display a specific wizard on first login?

Yes, I think that's how I would do it. The overall process I have on my mind
goes somewhat like this:

Before that an (domain)admin would have to describe a filter policy and enable
the activation process.

A new account would be created, but not activated.

Maybe we would drop a message into the accounts mailbox telling the recipient
she would have to follow this URL to activate the account.

When the user logs into modo she would - immediately after login - have to
read the/a page that describes the filter policy.

Maybe modo/the admin would let the user choose if a certain content class
should be rejected, quarantined or delivered? The choice could lead to
appropriate amavis SQL entries.

Maybe the user would have no choice except accepting the given policy.

If the user accepts the filter policies, the account will be activated; the
user may send and receive messages. The activation date would be noted in the
database. The admin could have a 'lastlogin' command to tell which accounts
have been activated and when.

If the user rejects the policy the mailbox remains deactivated. Maybe a
notification about this should be sent to the (domain)admin.

p@rick

[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

<!-- gh-comment-id:31560548 --> @patrickbenkoetter commented on GitHub (Jan 3, 2014): - Antoine Nguyen reply@reply.github.com: > How would you to that? Display a specific wizard on first login? Yes, I think that's how I would do it. The overall process I have on my mind goes somewhat like this: Before that an (domain)admin would have to describe a filter policy and enable the activation process. A new account would be created, but not activated. Maybe we would drop a message into the accounts mailbox telling the recipient she would have to follow _this URL_ to activate the account. When the user logs into modo she would - immediately after login - have to read the/a page that describes the filter policy. Maybe modo/the admin would let the user choose if a certain content class should be rejected, quarantined or delivered? The choice could lead to appropriate amavis SQL entries. Maybe the user would have no choice except accepting the given policy. If the user accepts the filter policies, the account will be activated; the user may send and receive messages. The activation date would be noted in the database. The admin could have a 'lastlogin' command to tell which accounts have been activated and when. If the user rejects the policy the mailbox remains deactivated. Maybe a notification about this should be sent to the (domain)admin. p@rick ## [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein

kerem commented 2026-02-27 11:12:02 +03:00

Author

Owner

Copy link

@tonioo commented on GitHub (Jan 4, 2014):

Ok I see. That's an interesting idea, I guess it would be usefull for ISP.

<!-- gh-comment-id:31578525 --> @tonioo commented on GitHub (Jan 4, 2014): Ok I see. That's an interesting idea, I guess it would be usefull for ISP.

kerem commented 2026-02-27 11:12:02 +03:00

Author

Owner

Copy link

@patrickbenkoetter commented on GitHub (Jan 4, 2014):

• Antoine Nguyen reply@reply.github.com:

  Ok I see. That's an interesting idea, I guess it would be usefull for ISP.

I think it would be useful to any commercial organization that wants a good
mail administration frontend - at least in Germany.

p@rick

[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

<!-- gh-comment-id:31582841 --> @patrickbenkoetter commented on GitHub (Jan 4, 2014): - Antoine Nguyen reply@reply.github.com: > Ok I see. That's an interesting idea, I guess it would be usefull for ISP. I think it would be useful to any commercial organization that wants a good mail administration frontend - at least in Germany. p@rick ## [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein

kerem commented 2026-02-27 11:12:02 +03:00

Author

Owner

Copy link

@tonioo commented on GitHub (Jan 4, 2014):

Le 04/01/2014 17:57, Patrick Ben Koetter a écrit :

• Antoine Nguyen reply@reply.github.com:

  Ok I see. That's an interesting idea, I guess it would be usefull
  for ISP.

I think it would be useful to any commercial organization that wants a
good
mail administration frontend - at least in Germany.

I don't know for other countries. France for example doesn't require
such a process.

<!-- gh-comment-id:31583900 --> @tonioo commented on GitHub (Jan 4, 2014): Le 04/01/2014 17:57, Patrick Ben Koetter a écrit : > - Antoine Nguyen reply@reply.github.com: > > Ok I see. That's an interesting idea, I guess it would be usefull > for ISP. > > I think it would be useful to any commercial organization that wants a > good > mail administration frontend - at least in Germany. > > I don't know for other countries. France for example doesn't require > such a process.

kerem commented 2026-02-27 11:12:02 +03:00

Author

Owner

Copy link

@almereyda commented on GitHub (Nov 23, 2016):

In my reading this would assume the secondary email option mandatory, am I right @patrickbenkoetter?

Also it may be linked to https://github.com/tonioo/modoboa/issues/892#issuecomment-262417834

<!-- gh-comment-id:262422074 --> @almereyda commented on GitHub (Nov 23, 2016): In my reading this would assume the secondary email option mandatory, am I right @patrickbenkoetter? Also it may be linked to https://github.com/tonioo/modoboa/issues/892#issuecomment-262417834

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

fix/sievefilters-allow-email-in-rule-name

dependabot/npm_and_yarn/frontend/axios-1.15.0

translations_04c0b653215cb5fa48ab101eae1a1917_ja_JP

translations_5d93982e9fd6dab991db4faf93ce9ded_ja_JP

fix/login-issue-3995

fix/sievefilters-issues

add-vitepress-openapi

2974-dmarc-empty-email

2.3.x

updated-doc-2.3.0

feature/OIDC

delete-all-alarms

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_af_ZA

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_ar

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_ca

1.x

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_sk

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_tr

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_es_ES

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_uk

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_zh_CN

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_de_DE

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_da_DK

1.8.x

1.7.x

1.6.x

1.4.x

1.3.x

1.2.x

2.8.2

2.8.1

2.8.0

2.7.2

2.7.1

2.7.0

2.6.5

2.6.4

2.6.3

2.6.2

2.6.1

2.6.0

2.5.1

2.5.0

2.4.11

2.4.10

2.4.9

2.4.8

2.4.7

2.4.6

2.4.5

2.4.4

2.4.3

2.4.2

2.4.1

2.4.0

2.3.6

2.3.5

2.3.4

2.3.3

2.3.2

2.3.1

2.3.0

2.3.0-beta.4

2.3.0-beta.3

2.3.0-beta.2

2.3.0-beta.1

2.2.4

2.2.3

2.2.2

2.2.1

2.2.0

2.1.2

2.1.1

2.1.0

2.0.5

2.0.4

2.0.3

2.0.2

2.0.1

2.0.0

2.0.0-beta.3

2.0.0-beta.2

2.0.0-beta.1

1.17.0

1.16.1

1.16.0

1.15.0

1.14.0

1.13.1

1.13.0

1.12.2

1.12.1

1.12.0

1.11.1

1.11.0

1.10.7

1.10.6

1.10.5

1.10.4

1.10.3

1.10.2

1.10.1

1.10.0

1.9.1

1.9.0

1.8.3

1.8.2

1.8.1

1.8.0

1.7.4

1.7.3

1.7.2

1.7.1

1.7.0

1.6.3

1.6.2

1.6.1

1.6.0

1.5.3

1.5.2

1.5.1

1.5.0

1.4.5

1.4.4

1.4.3

1.4.2

1.4.1

1.4.0

1.3.5

1.3.4

1.2.2

1.3.3

1.3.2

1.3.1

1.3.0

1.2.1

1.2.0

1.2.0-rc2

1.2.0-rc1

1.1.7

1.1.6

1.1.5

1.1.4

1.1.3

1.1.2

1.1.1

1.1.0

1.0.1

1.0.0

0.9.5

0.9.4

0.9.3

0.9.2

0.9.1

0.9

0.8.8

0.8.7

0.8.6.1

0.8.6

0.8.5

0.8.4

0.8.3

0.8.3-rc1

0.8.2

0.8.1

0.8

0.8-rc2

0.8-rc1

0.7.2

0.7.1

0.7

0.6.1

0.6

0.5

0.3

0.2

0.1

Labels

Clear labels   

bug

  

bug

  

dependencies

  

design

  

documentation

  

duplicate

  

enhancement

  

enhancement

  

enhancement

  

feedback-needed

  

help-needed

  

help-needed

  

installer

  

invalid

  

looking-for-sponsors

  

modoboa-contacts

  

new-ui

  

new-ui

  

pr

  

pull-request

Mirrored from GitHub Pull Request

  

pyconfr

  

python

  

question

  

security

  

stale

  

webmail

  

wontfix

No labels

bug

bug

dependencies

design

documentation

duplicate

enhancement

enhancement

enhancement

feedback-needed

help-needed

help-needed

installer

invalid

looking-for-sponsors

modoboa-contacts

new-ui

new-ui

pr

pull-request

pyconfr

python

question

security

stale

webmail

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/modoboa-modoboa#487

No description provided.