Commit Graph

51 Commits

Author SHA1 Message Date
Brian Olsen e32a915489 postfix: Use pypolicyd-spf for SPF checking 2018-06-29 21:35:16 +09:30
Brian Olsen f209fa3bf3 postfix: use masterConfig option instead of extraMasterConf
extraMasterConf is just a string while masterConfig is a nix module so
the options are more explicit and have help text.
2018-06-29 21:35:16 +09:30
Brian Olsen 7036371f75 Use OpenDKIM instead of rmilter for DKIM
As part of #61 this moves DKIM handling from rmilter to OpenDKIM.
2018-06-29 21:35:16 +09:30
Brian Olsen 8a27b941bf Start dovecot before postfix and add target for certificates
It seemed weird to me that preStart on postfix was used to generate
files not needed directly by postfix and for the self-signed
certificate which is also needed by dovecot. nginx.service was also
used as a proxy for when ACME certificate generation was done.

So I have created mailserver-certificates.target for when certificates
are available for other services. For self-signed that means that a
new oneshot service called mailserver-selfsigned-certificate has been
run. And for ACME this means that the target
acme-selfsigned-certificates has been reached (which is when acme has
created the self-signed certificates used before the actual
certificates provided by LetsEncrypt are created). This setup has the
added bonus that if you want to run a service to provide your own
certificates you can set that to run before
mailserver-certificates.target.

DH Parameters are only needed by dovecot so generation of that file has
been moved to the dovecot2 preStart.

And lastly the only remaining reason for dovecot to start before
postfix was that the auth and lmtp sockets were located in a directory
created by postfix. But since they could just as well be located in
/run/dovecot2 as long as postfix has access to them I have moved them
there.
2018-06-29 21:35:16 +09:30
Robin Raymond 6d3ab77a5d
Merge pull request #114 from geistesk/message-id
Fog user's hostname in the Message-ID
2018-05-10 13:05:32 +02:00
Daniel Frank f613779999 Allow rejecting mails to selected local addresses from remote systems 2018-04-15 01:49:26 +02:00
geistesk 386faf960c Fog user's hostname in the Message-ID 2018-04-09 22:14:17 +02:00
Robin Raymond e4c6682eb9 Merge branch 'master' of github.com:r-raymond/nixos-mailserver 2018-04-08 15:28:58 +02:00
Robin Raymond c28d7756c1
Merge pull request #101 from tokudan/mydestination
Avoid accepting mail to xyz@localhost from remote systems
2018-04-08 15:25:48 +02:00
geistesk c0df22aaae Support for multiple extraVirtualAliases
Should fix #104 by introducing

```
extraVirtualAliases = {
  "single-alias@domain.foobar" = "user1@domain.foobar";
  "multi-alias@domain.foobar" = [
    "user1@domain.foobar" "user2@domain.foobar" ];
};
```
2018-04-03 11:52:03 +02:00
Daniel Frank f283b6750b Avoid accepting mail to xyz@localhost. Local email should be aliased to another user anyway. 2018-03-10 17:13:30 +01:00
Robin Raymond f69081226d
Merge pull request #98 from tokudan/fix_backscatter
Avoid backscattering on unknown recipients. Fixes #97
2018-03-06 16:00:54 +01:00
Daniel Frank 330cc73089 Avoid backscattering on unknown recipients. Fixes #97 2018-03-05 20:29:02 +01:00
Robert Schütz f9820b55ab Don't include identity twice in vaccounts
fixes #94
2018-03-05 16:20:54 +01:00
Robin Raymond c1c4706519 remove deprecated virtualAliases 2018-02-23 16:48:13 +01:00
Robin Raymond a3043b2242 fixes #87 2018-02-23 14:52:11 +01:00
Robin Raymond 436cf0513b add virtual mail users 2018-02-18 12:17:32 +01:00
Robin Raymond aca43875dc update copyright 2018-01-29 10:34:27 +01:00
Robin Raymond eeb7fd64af implement quotas 2017-12-22 16:58:35 +01:00
Robin Raymond 2d0648e0f4 move from real users to passwd file 2017-12-22 16:08:42 +01:00
Ruben Maher 3a333ab71a mail-server/postfix: add each loginAccount to virtual_alias_maps 2017-12-20 10:54:57 +10:30
Robin Raymond fc9b63f0e6 add explicit catchAlls #49 2017-12-18 12:26:54 +01:00
geistesk 0091ae1761 Postfix: set hostname to FQDN
This should fix #43
2017-11-26 11:56:34 +01:00
Robin Raymond 8ce3d42c13 implement extraVirtualAliases 2017-11-21 11:52:16 +01:00
Robin Raymond 67c29a561c concat all valiases 2017-11-21 11:35:52 +01:00
Robin Raymond d94b8acd78 implement alias list 2017-11-21 11:18:07 +01:00
Ruben Maher f076a0af65 mail-server/postfix.nix: set mydestination to localhost
In the event that your `cfg.fqdn` is the same as a domain in `cfg.domains`, you
will not be able to receive mail for users like `user1@fqdn` because postfix
will try to deliver the mail locally.
2017-11-14 09:16:53 +10:30
Robin Raymond b89d6e7b27 fix fqdn in smtp banner 2017-11-11 14:19:05 +01:00
John Boehr 16fb41de01 Change domain to fqdn and extraDomains to domains 2017-11-11 09:45:06 +00:00
John Boehr f372754052
Qualify user names 2017-11-09 14:17:03 -08:00
John Boehr ebd0f656ed
Preliminary multi-domain support 2017-11-09 13:13:27 -08:00
Robin Raymond 2f7e3a9f0c initial acme support; needs testing 2017-09-23 09:56:09 +02:00
r-raymond bc48b701c8 Merge pull request #15 from phdoerfler/patch-3
Added header filtering for removing sensitive information.
2017-09-20 15:31:06 +02:00
Robin Raymond 875db33579 comments on extra lines 2017-09-20 09:26:42 +02:00
Philipp Dörfler 4e5dd5db95 Removed superfluous tls_auth_only = yes 2017-09-20 09:00:17 +02:00
Philipp Dörfler 893c6db5cd Now using pkgs.writeText
this places header cleanup rules into /store out of /etc and avoids the name clash.
2017-09-20 08:38:40 +02:00
Philipp Dörfler 16e31c6a0d Added header filtering for removing sensitive information. 2017-09-20 00:05:01 +02:00
Philipp Dörfler 46d14bcdf0 Increased security of TLS encryption 2017-09-19 23:54:40 +02:00
Robin Raymond b98654f99a fixes #9 2017-09-14 10:56:22 +02:00
Philipp Dörfler 71d6d41f9b Fixed issue #6 2017-09-12 22:47:13 +02:00
Robin Raymond 28225fb1d6 complete module rewrite 2017-09-03 11:13:34 +02:00
Robin Raymond b5fccc7e39 camelCase 2017-09-02 13:23:37 +02:00
Silvan Mosberger 692a677194 make configuration a nixos module 2017-08-30 15:09:38 +02:00
Robin Raymond 7d4809038f add virus scanning 2017-08-13 21:51:07 +02:00
Robin Raymond 72f45af1ca fix submission port 2017-08-13 14:05:40 +02:00
Robin Raymond b68e64ec72 certificate scheme 2
On the fly create certificates via openssl (Maybe change this to
libressl in the future?). This is probably the best scheme to get
something that simply works. Self signed certificates only pose a
problem when connecting to retrieve the email via imap or pop3.
2017-08-13 11:51:07 +02:00
Robin Raymond be5d8c09d8 add rmilter and certificate files 2017-08-12 18:27:22 +02:00
Robin Raymond f8b5e03b78 get postfix working
I still have to decide what to do with the certificate file
2017-08-12 16:14:16 +02:00
Robin Raymond 60574841c6 restructuring; now works with 17.03/17.09-pre
I had to remove some of the features, they need to be slowly added in
again.
2017-08-12 11:27:19 +02:00
Robin Raymond 938158b3a6 fix arguments of functions 2017-08-11 14:05:58 +02:00