Brian Olsen
e32a915489
postfix: Use pypolicyd-spf for SPF checking
2018-06-29 21:35:16 +09:30
Brian Olsen
f209fa3bf3
postfix: use masterConfig option instead of extraMasterConf
...
extraMasterConf is just a string while masterConfig is a nix module so
the options are more explicit and has help text.
2018-06-29 21:35:16 +09:30
Brian Olsen
7036371f75
Use OpenDKIM instead of rmilter for DKIM
...
As part of #61 this moves DKIM handling from rmilter to OpenDKIM.
2018-06-29 21:35:16 +09:30
Brian Olsen
0c883d8bcd
tests/extern: Fix small errors
...
1. The lowquota test used the wrong fetchmail username and password
2. When running interactively repeatedly mkdir fails since dir exists
2018-06-29 21:35:16 +09:30
Brian Olsen
8a27b941bf
Start dovecot before postfix and add target for certificates
...
It seemed weird to me that preStart on postfix was used to generate
files not needed directly by postfix and for the self-signed
certificate which is also needed by dovecot. nginx.service was also
used as a proxy for when ACME certificate generation was done.
So I have created mailserver-certificates.target for when certificates
are available for other services. For self-signed that means that a
new oneshot service called mailserver-selfsigned-certificate has been
run. And for ACME this means that the target
acme-selfsigned-certificates has been reached (which is when acme has
created the self-signed certificates used before the actual
certificates provided by LetsEncrypt are created). This setup has the
added bonus that if you want to run a service to provide your own
certificates you can set that to run before
mailserver-certificates.target.
DH Parameters are only needed by dovecot so generation of that file has
been moved to the dovecot2 preStart.
And lastly the only remaining reason to for dovecot to start before
postfix was that the auth and lmtp sockets where located in a directory
created by postfix. But since they could just as well be located in
/run/dovecot2 as long as postfix has access to them I have moved them
there.
2018-06-29 21:35:16 +09:30
Brian Olsen
0fbfbafb6e
Make dovecot sockets use postfix user/group options
2018-06-29 21:35:16 +09:30
Robin Raymond
99f64355eb
Merge branch 'master' into 'master'
...
Master
See merge request simple-nixos-mailserver/nixos-mailserver!131
2018-06-27 14:15:15 +00:00
nico202
18da60451f
clean extra whitespaces
2018-06-27 14:48:15 +02:00
nico202
3541f76be5
Remove reference to github in sieveScript example
2018-06-27 14:48:15 +02:00
nico202
bb26860cf2
readme: remove references to github -> gitlab
2018-06-27 14:48:15 +02:00
Robin Raymond
ffc67fef46
remove cache
2018-06-09 15:21:21 +02:00
Robin Raymond
f016b9689a
Merge pull request #128 from Infinisil/fix-enable-conditions
...
fix conditions for enabling services
2018-06-09 15:18:46 +02:00
Robin Raymond
cfb8353f1a
Merge pull request #130 from phdoerfler/clamav-phishing
...
Disabled scanning of incoming mails for phishing attempts
2018-06-09 15:17:18 +02:00
Philipp Dörfler
92238c61f6
Disabled scanning of incoming mails for phishing attempts
2018-06-09 09:13:56 +00:00
Silvan Mosberger
845e06e61a
fix conditions for enabling services
...
Without this fix, kresd and others would get enabled even though the
main mailserver option is disabled.
2018-05-22 23:18:55 +02:00
Robin Raymond
68232ddf87
Merge pull request #116 from phdoerfler/post-upgrade-check
...
Added option for automatic reboot after a kernel upgrade.
2018-05-10 13:06:46 +02:00
Robin Raymond
6d3ab77a5d
Merge pull request #114 from geistesk/message-id
...
Fog user's hostname in the Message-ID
2018-05-10 13:05:32 +02:00
Robin Raymond
02b0e867d2
Merge pull request #124 from nlewo/pr-dh.pem
...
postfix: also create the dh.pem if it is empty
2018-05-10 13:04:35 +02:00
Robin Raymond
e0907f489b
Merge pull request #117 from tokudan/reject_recipients
...
Allow rejecting mails to selected local addresses from remote systems
2018-05-10 13:02:37 +02:00
Antoine Eiche
e9dea6cdb4
postfix: also create the dh.pem if it is empty
...
The dh.pem file is currently created by the postfix prestart
script. If the entropy of the system is to low, the postfix prestart
can timeout. In this case, an empty file is created.
If the user restarts the postfix service, the dh.pem is not created
because the file already exists (but is empty).
When a ssl is established with dovecot, it fails with this message:
imap-login: `Error:Failed to initialize SSL server context: Couldn't parse DH parameters:
error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: DH
PARAMETERS`
With this patch, the postfix service creates the dh.pem if the dh.pem
doesn't exist or if it is empty. It doesn't fix the entropy or
timeout issue but at least, the user knows something is failing:/
2018-05-10 01:04:02 +02:00
Robin Raymond
31dae8a5f3
Merge pull request #121 from nlewo/pr-relaxed
...
dkim: set header canonicalization to relaxed
2018-05-06 11:32:37 +02:00
Antoine Eiche
0f75894b4f
dkim: set header canonicalization to relaxed
...
Instead of simple canonicalization which is the default one.
Fixes #120
2018-05-04 19:55:25 +02:00
Daniel Frank
f613779999
Allow rejecting mails to selected local addresses from remote systems
2018-04-15 01:49:26 +02:00
Philipp Dörfler
610a4008dc
Added option for automatic reboot after a kernel upgrade.
2018-04-12 10:31:49 +00:00
geistesk
386faf960c
Fog user's hostname in the Message-ID
2018-04-09 22:14:17 +02:00
Robin Raymond
1dd394e63f
Allow longer cachings
2018-04-08 17:57:16 +02:00
Robin Raymond
ea2cc9fbfa
simplify travis.yml
2018-04-08 17:05:25 +02:00
Robin Raymond
37ba2c656c
test both 18.03 and unstable
2018-04-08 16:54:53 +02:00
Robin Raymond
52b4733f22
log failures
2018-04-08 16:26:15 +02:00
Robin Raymond
6bc15dd52c
move travis ci to 18.03
2018-04-08 16:03:16 +02:00
Robin Raymond
b8314865fa
version update
2018-04-08 15:59:48 +02:00
Robin Raymond
e4c6682eb9
Merge branch 'master' of github.com:r-raymond/nixos-mailserver
2018-04-08 15:28:58 +02:00
Robin Raymond
c28d7756c1
Merge pull request #101 from tokudan/mydestination
...
Avoid accepting mail to xyz@localhost from remote systems
2018-04-08 15:25:48 +02:00
Robin Raymond
319a6dd793
Merge pull request #112 from tokudan/catchAll_doc
...
Clarify distinction between aliases and catchAll
2018-04-08 15:25:22 +02:00
Daniel Frank
c0e51245bb
Clarify distinction between aliases and catchAll
2018-04-04 19:20:53 +02:00
Robin Raymond
8e0984de9b
Merge pull request #109 from geistesk/multiple-aliases
...
Support for multiple extraVirtualAliases
2018-04-03 13:51:13 +02:00
geistesk
c0df22aaae
Support for multiple extraVirtualAliases
...
Should fix #104 by introducing
```
extraVirtualAliases = {
"single-alias@domain.foobar" = "user1@domain.foobar";
"multi-alias@domain.foobar" = [
"user1@domain.foobar" "user2@domain.foobar" ];
};
```
2018-04-03 11:52:03 +02:00
Robin Raymond
234f92f8a8
Merge pull request #106 from phdoerfler/mail_max_userip_connections
...
Added dovecot option for mail_max_userip_connections defaulting to 100
2018-03-14 15:26:37 +01:00
Philipp Dörfler
4f36b72dd6
Added dovecot option for mail_max_userip_connections defaulting to 100
2018-03-13 10:43:30 +00:00
Robin Raymond
e3a12093b7
Merge pull request #93 from phdoerfler/borgbackup
...
Added basic support for borgbackup
2018-03-10 18:20:19 +01:00
Daniel Frank
f283b6750b
Avoid accepting mail to xyz@localhost. Local email should be aliased to another user anyway.
2018-03-10 17:13:30 +01:00
Robin Raymond
f69081226d
Merge pull request #98 from tokudan/fix_backscatter
...
Avoid backscattering on unknown recipients. Fixes #97
2018-03-06 16:00:54 +01:00
Robin Raymond
465da44b29
Merge pull request #96 from dotlambda/fix-94
...
Don't include identity twice in vaccounts
2018-03-06 15:42:56 +01:00
Daniel Frank
330cc73089
Avoid backscattering on unknown recipients. Fixes #97
2018-03-05 20:29:02 +01:00
Robert Schütz
f9820b55ab
Don't include identity twice in vaccounts
...
fixes #94
2018-03-05 16:20:54 +01:00
Robin Raymond
9a68daea0f
Merge branch 'master' of github.com:r-raymond/nixos-mailserver
2018-03-05 09:19:34 +01:00
Robert Schütz
23d06c9665
Add test for #94
...
Ensure that no warnings or errors are in the journal
2018-03-04 23:36:32 +01:00
Philipp Dörfler
b53364715d
Added basic support for borgbackup
2018-03-04 14:36:42 +00:00
Robin Raymond
95dad50dcb
Move development to wiki page
2018-02-28 14:07:50 +01:00
Robin Raymond
6c2bfe55e8
Link to contributors
2018-02-28 14:03:31 +01:00