From 5cd6f8e7b3f5d5bf56e407c5e79a682cb250d911 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?James=20=E2=80=98Twey=E2=80=99=20Kay?= Date: Sat, 5 Sep 2020 21:23:15 +0100 Subject: [PATCH] Add a separate sendingFqdn option --- default.nix | 28 +++++++++++++++++++++++++++- mail-server/postfix.nix | 2 +- 2 files changed, 28 insertions(+), 2 deletions(-) diff --git a/default.nix b/default.nix index 6b96acd..22180ec 100644 --- a/default.nix +++ b/default.nix @@ -1,4 +1,3 @@ - # nixos-mailserver: a simple mail server # Copyright (C) 2016-2018 Robin Raymond # @@ -555,6 +554,33 @@ in ''; }; + sendingFqdn = mkOption { + type = types.str; + default = cfg.fqdn; + defaultText = "config.mailserver.fqdn"; + example = "myserver.example.com"; + description = '' + The fully qualified domain name of the mail server used to + identify with remote servers. + + If this server's IP serves purposes other than a mail server, + it may be desirable for the server to have a name other than + that to which the user will connect. For example, the user + might connect to mx.example.com, but the server's IP has + reverse DNS that resolves to myserver.example.com; in this + scenario, some mail servers may reject or penalize the + message. + + This setting allows the server to identify as + myserver.example.com when forwarding mail, independently of + `fqdn` (which, for SSL reasons, should generally be the name + to which the user connects). + + Set this to the name to which the sending IP's reverse DNS + resolves. + ''; + }; + policydSPFExtraConfig = mkOption { type = types.lines; default = ""; diff --git a/mail-server/postfix.nix b/mail-server/postfix.nix index d3ca4fe..f41bd38 100644 --- a/mail-server/postfix.nix +++ b/mail-server/postfix.nix @@ -125,7 +125,7 @@ in services.postfix = { enable = true; - hostname = "${fqdn}"; + hostname = "${sendingFqdn}"; networksStyle = "host"; mapFiles."valias" = valiases_file; mapFiles."vaccounts" = vaccounts_file;