summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ymir.nix30
1 files changed, 17 insertions, 13 deletions
diff --git a/ymir.nix b/ymir.nix
index 4983dd43..6f65fb03 100644
--- a/ymir.nix
+++ b/ymir.nix
@@ -604,6 +604,16 @@ in rec {
604 sender_canonical_classes = "envelope_sender"; 604 sender_canonical_classes = "envelope_sender";
605 recipient_canonical_maps = "tcp:localhost:10002"; 605 recipient_canonical_maps = "tcp:localhost:10002";
606 recipient_canonical_classes = ["envelope_recipient" "header_recipient"]; 606 recipient_canonical_classes = ["envelope_recipient" "header_recipient"];
607
608 smtpd_discard_ehlo_keyword_address_maps = "cidr:${pkgs.writeText "esmtp_access" ''
609 # Allow DSN requests from local subnet only
610 192.168.0.0/16 silent-discard
611 172.16.0.0/12 silent-discard
612 10.0.0.0/8 silent-discard
613 0.0.0.0/0 silent-discard, dsn
614 fd00::/8 silent-discard
615 ::/0 silent-discard, dsn
616 ''}";
607 }; 617 };
608 masterConfig = { 618 masterConfig = {
609 uucp = { 619 uucp = {
@@ -683,18 +693,6 @@ in rec {
683 ''; 693 '';
684 }; 694 };
685 695
686 services.postgrey = {
687 enable = false;
688 socket = {
689 path = "/var/lib/postfix/queue/private/policy-greylist";
690 mode = "0777";
691 };
692 delay = 60;
693 autoWhitelist = 1;
694 maxAge = 7;
695 retryWindow = 1;
696 };
697
698 services.dovecot2 = { 696 services.dovecot2 = {
699 enable = true; 697 enable = true;
700 enableImap = true; 698 enableImap = true;
@@ -1092,8 +1090,14 @@ in rec {
1092 }; 1090 };
1093 locals = { 1091 locals = {
1094 "milter_headers.conf".text = '' 1092 "milter_headers.conf".text = ''
1095 extended_spam_headers = true; 1093 use = ["authentication-results", "x-spamd-bar", "x-stat-signature"];
1094 '';
1095 "actions.conf".text = ''
1096 reject = 150;
1097 add_header = 6;
1098 greylist = 4;
1096 ''; 1099 '';
1097 }; 1100 };
1098 }; 1101 };
1102
1099} 1103}