diff options
| author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-05-15 14:41:49 +0200 |
|---|---|---|
| committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-05-15 14:41:49 +0200 |
| commit | 355b6d4ec02ad535b93ce314dd5734e8c6028dbc (patch) | |
| tree | 401e8e871f65e9b4fb153efc971f21c5323910af /hosts/surtr/email/default.nix | |
| parent | c4b323d77c1f34b294406052d598c6a37a045765 (diff) | |
| download | nixos-355b6d4ec02ad535b93ce314dd5734e8c6028dbc.tar nixos-355b6d4ec02ad535b93ce314dd5734e8c6028dbc.tar.gz nixos-355b6d4ec02ad535b93ce314dd5734e8c6028dbc.tar.bz2 nixos-355b6d4ec02ad535b93ce314dd5734e8c6028dbc.tar.xz nixos-355b6d4ec02ad535b93ce314dd5734e8c6028dbc.zip | |
surtr: ...
Diffstat (limited to 'hosts/surtr/email/default.nix')
| -rw-r--r-- | hosts/surtr/email/default.nix | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/hosts/surtr/email/default.nix b/hosts/surtr/email/default.nix index 2ddff519..57883864 100644 --- a/hosts/surtr/email/default.nix +++ b/hosts/surtr/email/default.nix | |||
| @@ -37,7 +37,7 @@ in { | |||
| 37 | services.postfix = { | 37 | services.postfix = { |
| 38 | enable = true; | 38 | enable = true; |
| 39 | hostname = "surtr.yggdrasil.li"; | 39 | hostname = "surtr.yggdrasil.li"; |
| 40 | recipientDelimiter = "+"; | 40 | recipientDelimiter = ""; |
| 41 | setSendmail = true; | 41 | setSendmail = true; |
| 42 | postmasterAlias = ""; rootAlias = ""; extraAliases = ""; | 42 | postmasterAlias = ""; rootAlias = ""; extraAliases = ""; |
| 43 | destination = []; | 43 | destination = []; |
| @@ -100,6 +100,11 @@ in { | |||
| 100 | "reject_unauth_pipelining" | 100 | "reject_unauth_pipelining" |
| 101 | "reject_non_fqdn_recipient" | 101 | "reject_non_fqdn_recipient" |
| 102 | "reject_unknown_recipient_domain" | 102 | "reject_unknown_recipient_domain" |
| 103 | "check_recipient_access pgsql:${pkgs.writeText "check_recipient_access.cf" '' | ||
| 104 | hosts = postgresql:///email | ||
| 105 | dbname = email | ||
| 106 | query = SELECT action FROM virtual_mailbox_access WHERE lookup = '%s' | ||
| 107 | ''}" | ||
| 103 | "permit_mynetworks" | 108 | "permit_mynetworks" |
| 104 | "check_ccert_access ${relay_ccert}" | 109 | "check_ccert_access ${relay_ccert}" |
| 105 | "reject_non_fqdn_helo_hostname" | 110 | "reject_non_fqdn_helo_hostname" |
| @@ -156,7 +161,8 @@ in { | |||
| 156 | dbname = email | 161 | dbname = email |
| 157 | query = SELECT 1 FROM virtual_mailbox_mapping WHERE lookup = '%s' | 162 | query = SELECT 1 FROM virtual_mailbox_mapping WHERE lookup = '%s' |
| 158 | ''}''; | 163 | ''}''; |
| 159 | virtual_transport = "lmtp:unix:/run/postfix/dovecot-lmtp"; | 164 | dvlmtp_destination_recipient_limit = "1"; |
| 165 | virtual_transport = "dvlmtp:unix:/run/postfix/dovecot-lmtp"; | ||
| 160 | }; | 166 | }; |
| 161 | masterConfig = { | 167 | masterConfig = { |
| 162 | smtps = { | 168 | smtps = { |
| @@ -174,6 +180,12 @@ in { | |||
| 174 | "-o" ''smtpd_milters=${config.services.opendkim.socket}'' | 180 | "-o" ''smtpd_milters=${config.services.opendkim.socket}'' |
| 175 | ]; | 181 | ]; |
| 176 | }; | 182 | }; |
| 183 | dvlmtp = { | ||
| 184 | command = "lmtp"; | ||
| 185 | args = [ | ||
| 186 | "flags=DORX" | ||
| 187 | ]; | ||
| 188 | }; | ||
| 177 | }; | 189 | }; |
| 178 | }; | 190 | }; |
| 179 | 191 | ||
| @@ -375,7 +387,7 @@ in { | |||
| 375 | args = ${pkgs.writeText "dovecot-sql.conf" '' | 387 | args = ${pkgs.writeText "dovecot-sql.conf" '' |
| 376 | driver = pgsql | 388 | driver = pgsql |
| 377 | connect = dbname=email | 389 | connect = dbname=email |
| 378 | user_query = SELECT DISTINCT ON (local IS NULL) "user", quota_rule, 'dovecot2' as uid, 'dovecot2' as gid FROM lmtp_mapping WHERE (local = '%n' AND domain = '%d') OR (local IS NULL AND domain = '%d') ORDER BY (local IS NULL) ASC | 390 | user_query = SELECT DISTINCT ON (extension IS NULL, local IS NULL) "user", quota_rule, 'dovecot2' as uid, 'dovecot2' as gid FROM lmtp_mapping WHERE CASE WHEN extension IS NOT NULL AND local IS NOT NULL THEN ('%n' :: citext) = local || '+' || extension AND domain = ('%d' :: citext) WHEN local IS NOT NULL THEN (local = ('%n' :: citext) OR ('%n' :: citext) ILIKE local || '+%%') AND domain = ('%d' :: citext) WHEN extension IS NOT NULL THEN ('%n' :: citext) ILIKE '%%+' || extension AND domain = ('%d' :: citext) ELSE domain = ('%d' :: citext) END ORDER BY (extension IS NULL) ASC, (local IS NULL) ASC |
| 379 | ''} | 391 | ''} |
| 380 | 392 | ||
| 381 | skip = never | 393 | skip = never |
| @@ -387,7 +399,8 @@ in { | |||
| 387 | mail_plugins = $mail_plugins quota | 399 | mail_plugins = $mail_plugins quota |
| 388 | mailbox_list_index = yes | 400 | mailbox_list_index = yes |
| 389 | postmaster_address = postmaster@yggdrasil.li | 401 | postmaster_address = postmaster@yggdrasil.li |
| 390 | recipient_delimiter = + | 402 | recipient_delimiter = |
| 403 | auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-+_@ | ||
| 391 | 404 | ||
| 392 | service lmtp { | 405 | service lmtp { |
| 393 | vsz_limit = 1G | 406 | vsz_limit = 1G |