verify mail senders
This commit is contained in:
parent
93baff94f1
commit
ffeb47cd5e
|
@ -24,6 +24,11 @@ let
|
|||
/^\s*X-Originating-IP/ IGNORE
|
||||
/^\s*Mime-Version/ IGNORE
|
||||
'';
|
||||
# https://unix.stackexchange.com/questions/294300/postfix-prevent-users-from-changing-the-real-e-mail-address
|
||||
login_maps = pkgs.writeText "login_maps.pcre" ''
|
||||
# basic username => username@ifsr.de
|
||||
/^([^@+]*)(\+[^@]*)?@ifsr\.de$/ ''${1}
|
||||
'';
|
||||
in
|
||||
{
|
||||
sops.secrets."rspamd-password".owner = config.users.users.rspamd.name;
|
||||
|
@ -119,6 +124,13 @@ in
|
|||
smtpd_data_restrictions = [
|
||||
"reject_unauth_pipelining"
|
||||
];
|
||||
smtpd_sender_restrictions = [
|
||||
"reject_authenticated_sender_login_mismatch"
|
||||
];
|
||||
smtpd_sender_login_maps = [
|
||||
"pcre:/etc/special-aliases.pcre"
|
||||
"pcre:${login_maps}"
|
||||
];
|
||||
smtp_header_checks = "pcre:${header_cleanup}";
|
||||
# smtpd_sender_login_maps = [ "ldap:${ldap-senders}" ];
|
||||
alias_maps = [ "hash:/etc/aliases" ];
|
||||
|
|
Loading…
Reference in a new issue