- users.users."${config.services.opendmarc.user}".extraGroups = [ "keys" ];
- services.opendmarc = {
- enable = true;
- socket = "local:${config.myServices.mail.milters.sockets.opendmarc}";
- configFile = pkgs.writeText "opendmarc.conf" ''
- AuthservID HOSTNAME
- FailureReports false
- FailureReportsBcc postmaster@localhost.immae.eu
- FailureReportsOnNone true
- FailureReportsSentBy postmaster@immae.eu
- IgnoreAuthenticatedClients true
- IgnoreHosts ${config.secrets.fullPaths."opendmarc/ignore.hosts"}
- SoftwareHeader true
- SPFSelfValidate true
- TrustedAuthservIDs HOSTNAME, immae.eu, nef2.ens.fr
- UMask 002
- '';
- group = config.services.postfix.group;
- };
- services.filesWatcher.opendmarc = {
- restart = true;
- paths = [
- config.secrets.fullPaths."opendmarc/ignore.hosts"
- ];
- };
+ systemd.services.milter_verify_from = {
+ description = "Verify from milter";
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];