wurzel/fruitbasket
9
1
Fork 0
Code Issues 5 Pull requests Packages Projects Releases Wiki Activity

Fix IPv6 mail sending, add noreply alias

Browse source
This commit is contained in:
Lyn Fugmann 2023-07-06 01:10:47 +02:00
parent 1d9359416d
commit 9be95bc7d7
Signed by: fugi
GPG key ID: 4472A20091BFA792
1 changed files with 33 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

64
modules/mail.nix
View file

@ -39,7 +39,7 @@ in
domain = "${domain}"; domain = "${domain}";
origin = "${domain}"; origin = "${domain}";
destination = [ "${hostname}" "${domain}" "localhost" ]; destination = [ "${hostname}" "${domain}" "localhost" ];
networks = [ "127.0.0.1" "141.30.30.169" ]; networksStyle = "host"; # localhost and own public IP
sslCert = "/var/lib/acme/${hostname}/fullchain.pem"; sslCert = "/var/lib/acme/${hostname}/fullchain.pem";
sslKey = "/var/lib/acme/${hostname}/key.pem"; sslKey = "/var/lib/acme/${hostname}/key.pem";
relayDomains = [ "hash:/var/lib/mailman/data/postfix_domains" ]; relayDomains = [ "hash:/var/lib/mailman/data/postfix_domains" ];
@ -47,7 +47,6 @@ in
extraAliases = '' extraAliases = ''
# Taken from kaki, maybe we can throw out some at some point # Taken from kaki, maybe we can throw out some at some point
# General redirections for pseudo accounts # General redirections for pseudo accounts
postmaster: root
bin: root bin: root
daemon: root daemon: root
named: root named: root
@ -62,9 +61,13 @@ in
dumper: root dumper: root
operator: root operator: root
abuse: postmaster abuse: postmaster
postmaster: root
# trap decode to catch security attacks # trap decode to catch security attacks
decode: root decode: root
# yeet into the void
noreply: /dev/null
''; '';
config = { config = {
home_mailbox = "Maildir/"; home_mailbox = "Maildir/";
@ -153,37 +156,36 @@ in
pkgs.dovecot_pigeonhole pkgs.dovecot_pigeonhole
]; ];
extraConfig = '' extraConfig = ''
auth_username_format = %Ln auth_username_format = %Ln
passdb { passdb {
driver = ldap driver = ldap
args = ${dovecot-ldap-args} args = ${dovecot-ldap-args}
}
userdb {
driver = ldap
args = ${dovecot-ldap-args}
}
service auth {
unix_listener /var/lib/postfix/auth {
group = postfix
mode = 0660
user = postfix
} }
userdb { }
driver = ldap service managesieve-login {
args = ${dovecot-ldap-args} inet_listener sieve {
port = 4190
} }
service auth { service_count = 1
unix_listener /var/lib/postfix/auth { }
group = postfix service lmtp {
mode = 0660 unix_listener dovecot-lmtp {
user = postfix group = postfix
} mode = 0600
user = postfix
} }
service managesieve-login { client_limit = 1
inet_listener sieve { }
port = 4190
}
service_count = 1
}
service lmtp {
unix_listener dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
client_limit = 1
}
''; '';
}; };
opendkim = { opendkim = {
@ -191,7 +193,7 @@ in
domains = "csl:${config.fsr.domain}"; domains = "csl:${config.fsr.domain}";
selector = config.networking.hostName; selector = config.networking.hostName;
configFile = pkgs.writeText "opendkim-config" '' configFile = pkgs.writeText "opendkim-config" ''
UMask 0117 UMask 0117
''; '';
}; };
rspamd = { rspamd = {