summaryrefslogtreecommitdiff
path: root/hosts
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2022-12-28 14:41:26 +0100
committerGregor Kleen <gkleen@yggdrasil.li>2022-12-28 14:41:26 +0100
commit1ea789d49e44c4bdbe7f02bfbfc81db2b0725614 (patch)
treead4bfa914b61cc1af478431cef49be0e2f8e85f3 /hosts
parent33e9ba7f890a9b92c2f3741d64668963413003c3 (diff)
downloadnixos-1ea789d49e44c4bdbe7f02bfbfc81db2b0725614.tar
nixos-1ea789d49e44c4bdbe7f02bfbfc81db2b0725614.tar.gz
nixos-1ea789d49e44c4bdbe7f02bfbfc81db2b0725614.tar.bz2
nixos-1ea789d49e44c4bdbe7f02bfbfc81db2b0725614.tar.xz
nixos-1ea789d49e44c4bdbe7f02bfbfc81db2b0725614.zip
...
Diffstat (limited to 'hosts')
-rw-r--r--hosts/surtr/email/default.nix12
1 files changed, 12 insertions, 0 deletions
diff --git a/hosts/surtr/email/default.nix b/hosts/surtr/email/default.nix
index a2e93e32..3d0b43ee 100644
--- a/hosts/surtr/email/default.nix
+++ b/hosts/surtr/email/default.nix
@@ -228,6 +228,8 @@ in {
228 "-o" "smtpd_tls_wrappermode=yes" 228 "-o" "smtpd_tls_wrappermode=yes"
229 "-o" "smtpd_tls_ask_ccert=yes" 229 "-o" "smtpd_tls_ask_ccert=yes"
230 "-o" "smtpd_tls_req_ccert=yes" 230 "-o" "smtpd_tls_req_ccert=yes"
231 "-o" "smtpd_tls_received_header=no"
232 "-o" "cleanup_service_name=subcleanup"
231 "-o" "smtpd_client_restrictions=permit_tls_all_clientcerts,reject" 233 "-o" "smtpd_client_restrictions=permit_tls_all_clientcerts,reject"
232 "-o" "{smtpd_data_restrictions = check_policy_service unix:/run/postfwd3/postfwd3.sock}" 234 "-o" "{smtpd_data_restrictions = check_policy_service unix:/run/postfwd3/postfwd3.sock}"
233 "-o" "smtpd_relay_restrictions=permit_tls_all_clientcerts,reject" 235 "-o" "smtpd_relay_restrictions=permit_tls_all_clientcerts,reject"
@@ -243,6 +245,16 @@ in {
243 "-o" ''smtpd_milters=${config.services.opendkim.socket}'' 245 "-o" ''smtpd_milters=${config.services.opendkim.socket}''
244 ]; 246 ];
245 }; 247 };
248 subcleanup = {
249 command = "cleanup";
250 private = false;
251 maxproc = 0;
252 args = [
253 "-o" "header_checks=pcre:${pkgs.writeText "header_checks_submission" ''
254 /^Received: from [^ ]+ \([^ ]+ [^ ]+\)\s+(.*)$/ REPLACE Received: $1
255 ''}"
256 ];
257 };
246 dvlmtp = { 258 dvlmtp = {
247 command = "lmtp"; 259 command = "lmtp";
248 args = [ 260 args = [
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-21 14:33:20 +0000