Add a separate sendingFqdn option

This commit is contained in:
James ‘Twey’ Kay 2020-09-05 21:23:15 +01:00 committed by lewo
parent 358cfcdfbe
commit 5cd6f8e7b3
2 changed files with 28 additions and 2 deletions

View File

@ -1,4 +1,3 @@
# nixos-mailserver: a simple mail server # nixos-mailserver: a simple mail server
# Copyright (C) 2016-2018 Robin Raymond # Copyright (C) 2016-2018 Robin Raymond
# #
@ -555,6 +554,33 @@ in
''; '';
}; };
sendingFqdn = mkOption {
type = types.str;
default = cfg.fqdn;
defaultText = "config.mailserver.fqdn";
example = "myserver.example.com";
description = ''
The fully qualified domain name of the mail server used to
identify with remote servers.
If this server's IP serves purposes other than a mail server,
it may be desirable for the server to have a name other than
that to which the user will connect. For example, the user
might connect to mx.example.com, but the server's IP has
reverse DNS that resolves to myserver.example.com; in this
scenario, some mail servers may reject or penalize the
message.
This setting allows the server to identify as
myserver.example.com when forwarding mail, independently of
`fqdn` (which, for SSL reasons, should generally be the name
to which the user connects).
Set this to the name to which the sending IP's reverse DNS
resolves.
'';
};
policydSPFExtraConfig = mkOption { policydSPFExtraConfig = mkOption {
type = types.lines; type = types.lines;
default = ""; default = "";

View File

@ -125,7 +125,7 @@ in
services.postfix = { services.postfix = {
enable = true; enable = true;
hostname = "${fqdn}"; hostname = "${sendingFqdn}";
networksStyle = "host"; networksStyle = "host";
mapFiles."valias" = valiases_file; mapFiles."valias" = valiases_file;
mapFiles."vaccounts" = vaccounts_file; mapFiles."vaccounts" = vaccounts_file;