diff options
-rw-r--r-- | hosts/surtr/email/default.nix | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/hosts/surtr/email/default.nix b/hosts/surtr/email/default.nix index 42b50c88..80611c3c 100644 --- a/hosts/surtr/email/default.nix +++ b/hosts/surtr/email/default.nix | |||
@@ -233,7 +233,11 @@ in { | |||
233 | "-o" "{smtpd_sender_restrictions = reject_unknown_sender_domain,reject_unverified_sender,check_policy_service unix:/run/postfix-ccert-sender-policy.sock}" | 233 | "-o" "{smtpd_sender_restrictions = reject_unknown_sender_domain,reject_unverified_sender,check_policy_service unix:/run/postfix-ccert-sender-policy.sock}" |
234 | "-o" "unverified_sender_reject_code=550" | 234 | "-o" "unverified_sender_reject_code=550" |
235 | "-o" "unverified_sender_reject_reason={Sender address rejected: undeliverable address}" | 235 | "-o" "unverified_sender_reject_reason={Sender address rejected: undeliverable address}" |
236 | "-o" "smtpd_recipient_restrictions=reject_unauth_pipelining,reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_tls_all_clientcerts,reject" | 236 | "-o" ''{smtpd_recipient_restrictions=reject_unauth_pipelining,reject_non_fqdn_recipient,reject_unknown_recipient_domain,check_recipient_access pgsql:${pkgs.writeText "check_recipient_access.cf" '' |
237 | hosts = postgresql:///email | ||
238 | dbname = email | ||
239 | query = SELECT action FROM virtual_mailbox_access WHERE lookup = '%s' | ||
240 | ''},permit_tls_all_clientcerts,reject}'' | ||
237 | "-o" "milter_macro_daemon_name=surtr.yggdrasil.li" | 241 | "-o" "milter_macro_daemon_name=surtr.yggdrasil.li" |
238 | "-o" ''smtpd_milters=${config.services.opendkim.socket}'' | 242 | "-o" ''smtpd_milters=${config.services.opendkim.socket}'' |
239 | ]; | 243 | ]; |