X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fmail%2Fpostfix.nix;h=4791b418a60d9194c67cf8fa31ebbbaa49d47f60;hb=5400b9b6f65451d41a9106fae6fc00f97d83f4ef;hp=2af184907ee918c27585c0192a074179b59a9cf2;hpb=ef0a9217fba817d7fb71ccd4cca65919dd89ebec;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/modules/private/mail/postfix.nix b/modules/private/mail/postfix.nix index 2af1849..4791b41 100644 --- a/modules/private/mail/postfix.nix +++ b/modules/private/mail/postfix.nix @@ -274,7 +274,7 @@ in pkgs.writeText "host-sender-login" (builtins.concatStringsSep "\n" (mapAttrsToList (n: v: "${n} ${joined v}") addresses)); host_dummy_mailboxes = pkgs.writeText "host-virtual-mailbox" - (builtins.concatStringsSep "\n" (lib.attrsets.mapAttrsToList (n: v: "${n}@immae.eu dummy") nodes)); + (builtins.concatStringsSep "\n" (["immae-eu@immae.eu dummy"] ++ lib.attrsets.mapAttrsToList (n: v: "${n}@immae.eu dummy") nodes)); }; in recipient_maps // relay_restrictions // virtual_map // sasl_access; @@ -292,7 +292,7 @@ ### Virtual mailboxes config virtual_alias_maps = "hash:/etc/postfix/virtual mysql:${config.secrets.fullPaths."postfix/mysql_alias_maps"} ldap:${config.secrets.fullPaths."postfix/ldap_ejabberd_users_immae_fr"}"; virtual_mailbox_domains = config.myEnv.mail.postfix.additional_mailbox_domains - ++ lib.remove "localhost.immae.eu" (lib.remove null (lib.flatten (map + ++ lib.remove null (lib.flatten (map (zone: map (e: if e.receive then "${e.domain}${lib.optionalString (e.domain != "") "."}${zone.name}" @@ -301,7 +301,7 @@ (zone.withEmail or []) ) config.myEnv.dns.masterZones - ))); + )); virtual_mailbox_maps = "hash:/etc/postfix/host_dummy_mailboxes mysql:${config.secrets.fullPaths."postfix/mysql_mailbox_maps"}"; dovecot_destination_recipient_limit = "1"; virtual_transport = "dovecot"; @@ -377,15 +377,13 @@ ]; smtpd_recipient_restrictions = "permit_sasl_authenticated,reject"; milter_macro_daemon_name = "ORIGINATING"; - smtpd_milters = "unix:${config.myServices.mail.milters.sockets.opendkim}"; + smtpd_milters = builtins.concatStringsSep "," [ + # FIXME: put it back when opensmtpd is upgraded and able to + # rewrite the from header + #"unix:/run/milter_verify_from/verify_from.sock" + "unix:${config.myServices.mail.milters.sockets.opendkim}" + ]; }; - # FIXME: Mail adressed to localhost.immae.eu will still have mx-1 as - # prioritized MX, which provokes "mail for localhost.immae.eu loops - # back to myself" errors. This transport entry forces to push - # e-mails to its right destination. - transport = '' - localhost.immae.eu smtp:[immae.eu]:25 - ''; destination = ["localhost"]; # This needs to reverse DNS hostname = config.hostEnv.fqdn; @@ -430,7 +428,7 @@ }; }; }; - security.acme2.certs."mail" = { + security.acme.certs."mail" = { postRun = '' systemctl restart postfix.service '';