1 files changed, 15 insertions, 4 deletions

diff --git a/hosts/surtr/email/default.nix b/hosts/surtr/email/default.nix
index 85f3a439..c993bb18 100644
--- a/hosts/surtr/email/default.nix
+++ b/hosts/surtr/email/default.nix
@@ -268,13 +268,24 @@ in {
         virtual_transport = "dvlmtp:unix:/run/dovecot-lmtp";
         smtputf8_enable = false;
 
-        authorized_submit_users = "inline:{ postfwd= dovecot2= }";
-        authorized_flush_users = "fail:flush_users";
-        authorized_mailq_users = "fail:mailq_users";
+        authorized_submit_users = "inline:{ root= postfwd= dovecot2= }";
+        authorized_flush_users = "inline:{ root= }";
+        authorized_mailq_users = "inline:{ root= }";
 
         postscreen_access_list = "";
         postscreen_denylist_action = "drop";
         postscreen_greet_action = "enforce";
+
+        sender_bcc_maps = ''pgsql:${pkgs.writeText "sender_bcc_maps.cf" ''
+          hosts = postgresql:///email
+          dbname = email
+          query = SELECT value FROM sender_bcc_maps WHERE key = '%s'
+        ''}'';
+        recipient_bcc_maps = ''pgsql:${pkgs.writeText "recipient_bcc_maps.cf" ''
+          hosts = postgresql:///email
+          dbname = email
+          query = SELECT value FROM recipient_bcc_maps WHERE key = '%s'
+        ''}'';
       };
       masterConfig = {
         "465" = {
@@ -392,7 +403,7 @@ in {
       enable = true;
       user = "postfix"; group = "postfix";
       socket = "local:/run/opendkim/opendkim.sock";
-      domains = ''csl:${concatStringsSep "," (["surtr.yggdrasil.li"] ++ emailDomains)}'';
+      domains = ''csl:${concatStringsSep "," (["surtr.yggdrasil.li" "yggdrasil.li" "141.li" "kleen.li" "synapse.li" "praseodym.org"] ++ emailDomains)}'';
       selector = "surtr";
       configFile = builtins.toFile "opendkim.conf" ''
         Syslog true