summaryrefslogtreecommitdiff
path: root/ymir.nix
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2016-04-28 18:00:10 +0200
committerGregor Kleen <gkleen@yggdrasil.li>2016-04-28 18:00:10 +0200
commit6811e39f4b065bf2271b57d0dd5aa58db14e9b7e (patch)
tree9864aeb21767550b8825ab5b4555ba9d3e7d0ee1 /ymir.nix
parente52549d862beb629970b12b349b959f11955d93f (diff)
downloadnixos-6811e39f4b065bf2271b57d0dd5aa58db14e9b7e.tar
nixos-6811e39f4b065bf2271b57d0dd5aa58db14e9b7e.tar.gz
nixos-6811e39f4b065bf2271b57d0dd5aa58db14e9b7e.tar.bz2
nixos-6811e39f4b065bf2271b57d0dd5aa58db14e9b7e.tar.xz
nixos-6811e39f4b065bf2271b57d0dd5aa58db14e9b7e.zip
basic restrictions
Diffstat (limited to 'ymir.nix')
-rw-r--r--ymir.nix22
1 files changed, 22 insertions, 0 deletions
diff --git a/ymir.nix b/ymir.nix
index 8b2e1b12..80f1f11f 100644
--- a/ymir.nix
+++ b/ymir.nix
@@ -335,6 +335,28 @@ in rec {
335 smtpd_sasl_security_options = noanonymous, noplaintext 335 smtpd_sasl_security_options = noanonymous, noplaintext
336 smtpd_sasl_tls_security_options = noanonymous 336 smtpd_sasl_tls_security_options = noanonymous
337 smtpd_tls_auth_only = yes 337 smtpd_tls_auth_only = yes
338
339 smtpd_delay_reject = yes
340 smtpd_helo_required = yes
341 smtpd_helo_restrictions =
342 permit_mynetworks,
343 reject_non_fqdn_helo_hostname,
344 reject_invalid_helo_hostname,
345 permit
346
347 smtpd_sender_restrictions =
348 permit_mynetworks,
349 reject_non_fqdn_sender,
350 reject_unknown_sender_domain,
351 permit
352
353 smtpd_recipient_restrictions =
354 reject_unauth_pipelining,
355 reject_non_fqdn_recipient,
356 reject_unknown_recipient_domain,
357 permit_mynetworks,
358 reject_unauth_destination,
359 permit
338 ''; 360 '';
339 extraMasterConf = '' 361 extraMasterConf = ''
340 uucp unix - n n - - pipe flags=Fqhu user=uucp argv=/var/setuid-wrappers/uux -z -a$sender - $nexthop!rmail ($recipient) 362 uucp unix - n n - - pipe flags=Fqhu user=uucp argv=/var/setuid-wrappers/uux -z -a$sender - $nexthop!rmail ($recipient)