From a436ce952a30b49ba2da98c12cbdfbd5feba6c3f Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Fri, 16 Dec 2022 20:58:41 +0100 Subject: ... --- hosts/surtr/email/default.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'hosts/surtr') diff --git a/hosts/surtr/email/default.nix b/hosts/surtr/email/default.nix index 42b50c88..80611c3c 100644 --- a/hosts/surtr/email/default.nix +++ b/hosts/surtr/email/default.nix @@ -233,7 +233,11 @@ in { "-o" "{smtpd_sender_restrictions = reject_unknown_sender_domain,reject_unverified_sender,check_policy_service unix:/run/postfix-ccert-sender-policy.sock}" "-o" "unverified_sender_reject_code=550" "-o" "unverified_sender_reject_reason={Sender address rejected: undeliverable address}" - "-o" "smtpd_recipient_restrictions=reject_unauth_pipelining,reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_tls_all_clientcerts,reject" + "-o" ''{smtpd_recipient_restrictions=reject_unauth_pipelining,reject_non_fqdn_recipient,reject_unknown_recipient_domain,check_recipient_access pgsql:${pkgs.writeText "check_recipient_access.cf" '' + hosts = postgresql:///email + dbname = email + query = SELECT action FROM virtual_mailbox_access WHERE lookup = '%s' + ''},permit_tls_all_clientcerts,reject}'' "-o" "milter_macro_daemon_name=surtr.yggdrasil.li" "-o" ''smtpd_milters=${config.services.opendkim.socket}'' ]; -- cgit v1.2.3