diff options
| -rw-r--r-- | hel.nix | 62 |
1 files changed, 38 insertions, 24 deletions
| @@ -257,40 +257,54 @@ | |||
| 257 | destination = []; | 257 | destination = []; |
| 258 | relayHost = "uucp:ymir"; | 258 | relayHost = "uucp:ymir"; |
| 259 | recipientDelimiter = "+"; | 259 | recipientDelimiter = "+"; |
| 260 | extraMasterConf = '' | 260 | masterConfig = { |
| 261 | uucp unix - n n - - pipe flags=Fqhu user=uucp argv=${config.security.wrapperDir}/uux -z -a $sender - $nexthop!rmail ($recipient) | 261 | uucp = { |
| 262 | sshsendmail unix - n n - - pipe flags=Fq user=postfix_ssh argv=${pkgs.openssh}/bin/ssh -F /var/db/postfix_ssh/ssh.config $nexthop sendmail -f $sender -G $recipient | 262 | type = "unix"; |
| 263 | ''; | 263 | private = true; |
| 264 | privileged = true; | ||
| 265 | chroot = false; | ||
| 266 | command = "pipe"; | ||
| 267 | args = [ "flags=Fqhu" "user=uucp" ''argv=${config.security.wrapperDir}/uux -z -a $sender - $nexthop!rmail ($recipient)'' ]; | ||
| 268 | }; | ||
| 269 | sshsendmail = { | ||
| 270 | type = "unix"; | ||
| 271 | private = true; | ||
| 272 | privileged = true; | ||
| 273 | chroot = false; | ||
| 274 | command = "pipe"; | ||
| 275 | args = [ "flags=Fq" "user=postfix_ssh" ''argv=argv=${pkgs.openssh}/bin/ssh -F /var/db/postfix_ssh/ssh.config $nexthop sendmail -f $sender -G $recipient'' ]; | ||
| 276 | }; | ||
| 277 | }; | ||
| 264 | transport = '' | 278 | transport = '' |
| 265 | odin.asgard.yggdrasil uucp:odin | 279 | odin.asgard.yggdrasil uucp:odin |
| 266 | ''; | 280 | ''; |
| 267 | extraConfig = '' | 281 | config = { |
| 268 | always_bcc = gkleen+sent@odin.asgard.yggdrasil | 282 | always_bcc = "gkleen+sent@odin.asgard.yggdrasil"; |
| 269 | 283 | ||
| 270 | default_transport = uucp:ymir | 284 | default_transport = "uucp:ymir"; |
| 271 | 285 | ||
| 272 | inet_interfaces = loopback-only | 286 | inet_interfaces = "loopback-only"; |
| 273 | 287 | ||
| 274 | authorized_submit_users = !uucp, static:anyone | 288 | authorized_submit_users = ["!uucp" "static:anyone"]; |
| 275 | message_size_limit = 0 | 289 | message_size_limit = 0; |
| 276 | 290 | ||
| 277 | sender_dependent_default_transport_maps = regexp:${pkgs.writeText "sender_relay" '' | 291 | sender_dependent_default_transport_maps = ''regexp:${pkgs.writeText "sender_relay" '' |
| 278 | /@math(ematik)?\.(lmu|uni-muenchen)\.de$/ sshsendmail:math60.mathinst.loc | 292 | /@math(ematik)?\.(lmu|uni-muenchen)\.de$/ sshsendmail:math60.mathinst.loc |
| 279 | /@(cip|stud)\.ifi\.(lmu|uni-muenchen)\.de$/ smtp:smtp.ifi.lmu.de | 293 | /@(cip|stud)\.ifi\.(lmu|uni-muenchen)\.de$/ smtp:smtp.ifi.lmu.de |
| 280 | /@campus\.lmu\.de$/ smtp:postout.lrz.de | 294 | /@campus\.lmu\.de$/ smtp:postout.lrz.de |
| 281 | ''} | 295 | ''}''; |
| 282 | 296 | ||
| 283 | smtp_sasl_auth_enable = yes | 297 | smtp_sasl_auth_enable = true; |
| 284 | smtp_sender_dependent_authentication = yes | 298 | smtp_sender_dependent_authentication = true; |
| 285 | smtp_sasl_tls_security_options = noanonymous | 299 | smtp_sasl_tls_security_options = "noanonymous"; |
| 286 | smtp_tls_security_level = dane | 300 | smtp_tls_security_level = "dane"; |
| 287 | smtp_sasl_password_maps = texthash:/var/db/postfix/sasl_passwd | 301 | smtp_sasl_password_maps = "texthash:/var/db/postfix/sasl_passwd"; |
| 288 | smtp_cname_overrides_servername = no | 302 | smtp_cname_overrides_servername = false; |
| 289 | smtp_always_send_ehlo = yes | 303 | smtp_always_send_ehlo = true; |
| 290 | 304 | ||
| 291 | smtp_tls_loglevel = 1 | 305 | smtp_tls_loglevel = 1; |
| 292 | smtp_dns_support_level = dnssec | 306 | smtp_dns_support_level = "dnssec"; |
| 293 | ''; | 307 | }; |
| 294 | }; | 308 | }; |
| 295 | 309 | ||
| 296 | printing = { | 310 | printing = { |