1 { lib, pkgs, config, name, ... }:
3 config = lib.mkIf config.myServices.mailRelay.enable {
4 secrets.keys."opensmtpd/creds" = {
9 eldiron ${name}:${config.hostEnv.ldap.password}
12 users.users.smtpd.extraGroups = [ "keys" ];
13 services.opensmtpd = {
15 serverConfiguration = let
16 filter-rewrite-from = pkgs.runCommand "filter-rewrite-from.py" {
17 buildInputs = [ pkgs.python3 ];
19 cp ${./filter-rewrite-from.py} $out
24 "${config.secrets.fullPaths."opensmtpd/creds"}"
25 # FIXME: filtering requires 6.6, uncomment following lines when
28 # proc-exec "${filter-rewrite-from} ${name}@immae.eu"
29 # listen on socket filter "fixfrom"
30 action "relay-rewrite-from" relay \
31 helo ${config.hostEnv.fqdn} \
32 host smtp+tls://eldiron@eldiron.immae.eu:587 \
34 mail-from ${name}@immae.eu
35 action "relay" relay \
36 helo ${config.hostEnv.fqdn} \
37 host smtp+tls://eldiron@eldiron.immae.eu:587 \
39 match for any !mail-from "@immae.eu" action "relay-rewrite-from"
40 match for any mail-from "@immae.eu" action "relay"
43 environment.systemPackages = [ config.services.opensmtpd.package ];
44 services.mail.sendmailSetuidWrapper = {
46 source = "${config.services.opensmtpd.package}/bin/smtpctl";
50 security.wrappers.mailq = {
52 source = "${config.services.opensmtpd.package}/bin/smtpctl";