2026-02-10 21:19:13 +00:00
|
|
|
# Rust Migration Plan
|
|
|
|
|
|
|
|
|
|
## Completed Phases
|
|
|
|
|
|
|
|
|
|
### Phase 3: Rust Primary Backend (DKIM/SPF/DMARC/IP Reputation)
|
|
|
|
|
- Rust is the mandatory security backend — no TS fallbacks
|
|
|
|
|
- All DKIM signing/verification, SPF, DMARC, IP reputation through Rust bridge
|
|
|
|
|
|
|
|
|
|
### Phase 5: BounceManager + ContentScanner
|
|
|
|
|
- BounceManager bounce detection delegated to Rust `detectBounce` IPC command
|
|
|
|
|
- ContentScanner pattern matching delegated to new Rust `scanContent` IPC command
|
|
|
|
|
- New module: `rust/crates/mailer-security/src/content_scanner.rs` (10 Rust tests)
|
|
|
|
|
- ~215 lines removed from BounceManager, ~350 lines removed from ContentScanner
|
|
|
|
|
- Binary attachment scanning (PE headers, VBA macros) stays in TS
|
|
|
|
|
- Custom rules (runtime-configured) stay in TS
|
|
|
|
|
- Net change: ~-560 TS lines, +265 Rust lines
|
|
|
|
|
|
|
|
|
|
## Deferred
|
|
|
|
|
|
|
|
|
|
| Component | Rationale |
|
|
|
|
|
|-----------|-----------|
|
|
|
|
|
| EmailValidator | Already thin; uses smartmail; minimal gain |
|
|
|
|
|
| DNS record generation | Pure string building; zero benefit from Rust |
|
|
|
|
|
| MIME building (`toRFC822String`) | Sync in TS, async via IPC; too much blast radius |
|
