the postfix nixos module has stupid defaults
This commit is contained in:
parent
c2149ec639
commit
ec5f15946e
|
@ -1,4 +1,4 @@
|
|||
{ config, pkgs, ... }:
|
||||
{ config, pkgs, lib, ... }:
|
||||
let
|
||||
domain = config.networking.domain;
|
||||
hostname = "mail.${config.networking.domain}";
|
||||
|
@ -46,7 +46,7 @@ in
|
|||
smtpd_banner = "${config.networking.rDNS} ESMTP $mail_name";
|
||||
# allow non-tls connections for server-to-server communication
|
||||
smtp_tls_security_level = "may";
|
||||
smtpd_tls_security_level = "encrypt";
|
||||
smtpd_tls_security_level = lib.mkForce "encrypt";
|
||||
smtpd_tls_auth_only = true;
|
||||
smtpd_tls_protocols = [
|
||||
"!SSLv2"
|
||||
|
|
Loading…
Reference in a new issue