rouven.seifert/nixos-config
1
1
Fork 0
mirror of https://git.sr.ht/~rouven/nixos-config synced 2024-11-15 05:13:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

mail: a lot of improvements

Browse source
This commit is contained in:
Rouven Seifert 2024-03-04 20:04:18 +01:00
parent 6159a76a85
commit cb11bc0764
Signed by: rouven.seifert
GPG key ID: B95E8FE6B11C4D09
1 changed files with 10 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

35
hosts/falkenstein/modules/mail/default.nix
View file

@ -81,7 +81,6 @@ in
smtpd_sasl_path = "/var/lib/postfix/auth"; smtpd_sasl_path = "/var/lib/postfix/auth";
smtpd_sasl_type = "dovecot"; smtpd_sasl_type = "dovecot";
mailbox_transport = "lmtp:unix:/run/dovecot2/dovecot-lmtp"; mailbox_transport = "lmtp:unix:/run/dovecot2/dovecot-lmtp";
}; };
}; };
@ -203,31 +202,26 @@ in
password = "$2$g1jh7t5cxschj11set5wksd656ixd5ie$cgwrj53hfb87xndqbh5r3ow9qfi1ejii8dxok1ihbnhamccn1rxy"; password = "$2$g1jh7t5cxschj11set5wksd656ixd5ie$cgwrj53hfb87xndqbh5r3ow9qfi1ejii8dxok1ihbnhamccn1rxy";
''; '';
"redis.conf".text = '' "redis.conf".text = ''
read_servers = "127.0.0.1"; read_servers = "/run/redis-rspamd/redis.sock";
write_servers = "127.0.0.1"; write_servers = "/run/redis-rspamd/redis.sock";
''; '';
"milter_headers.conf".text = '' "milter_headers.conf".text = ''
use = ["x-spam-level", "x-spam-status", "x-spamd-result", "authentication-results" ]; use = ["x-spam-level", "x-spam-status", "x-spamd-result", "authentication-results" ];
''; '';
"dmarc.conf".text = '' "dmarc.conf".text = ''
reporting { reporting {
# Required attributes enabled = true;
enabled = true; # Enable reports in general email = 'reports@${config.networking.domain}';
email = 'reports@${config.networking.domain}'; # Source of DMARC reports domain = '${config.networking.domain}';
domain = '${config.networking.domain}'; # Domain to serve org_name = '${config.networking.domain}';
org_name = '${config.networking.domain}'; # Organisation
from_name = 'DMARC Aggregate Report'; from_name = 'DMARC Aggregate Report';
} }
''; '';
"dkim_signing.conf".text = '' "dkim_signing.conf".text = ''
selector = "rspamd"; selector = "rspamd";
allow_username_mismatch = true; allow_username_mismatch = true;
domain { allow_hdrfrom_mismatch = true;
rfive.de { path = /var/lib/rspamd/dkim/$domain.key;
path = /var/lib/rspamd/dkim/rfive.key;
selector = "rspamd";
}
}
''; '';
}; };
}; };
@ -235,7 +229,6 @@ in
vmOverCommit = true; vmOverCommit = true;
servers.rspamd = { servers.rspamd = {
enable = true; enable = true;
port = 6379;
}; };
}; };
}; };
@ -262,6 +255,7 @@ in
}; };
}; };
}; };
users.users.rspamd.extraGroups = [ "redis-rspamd" ];
systemd = { systemd = {
services.rspamd-dmarc-report = { services.rspamd-dmarc-report = {
description = "rspamd dmarc reporter"; description = "rspamd dmarc reporter";
@ -271,16 +265,7 @@ in
User = "rspamd"; User = "rspamd";
Group = "rspamd"; Group = "rspamd";
}; };
startAt = "daily";
}; };
timers.rspamd-dmarc-report = {
description = "Timer for daily dmarc reports";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "daily";
Unit = "rspamd-dmarc-report.service";
};
};
}; };
} }