From deca5e9bf0cfd02c52c39e051753aeb9640a66f3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20Bouya?=
Date: Sun, 5 Jan 2020 17:29:17 +0100
Subject: Change mail relay to opensmtpd
---
modules/private/mail/opensmtpd.nix | 51 ++++++++++++++++++++++++++++++++++++++
1 file changed, 51 insertions(+)
create mode 100644 modules/private/mail/opensmtpd.nix
(limited to 'modules/private/mail/opensmtpd.nix')
diff --git a/modules/private/mail/opensmtpd.nix b/modules/private/mail/opensmtpd.nix
new file mode 100644
index 0000000..7831ac0
--- /dev/null
+++ b/modules/private/mail/opensmtpd.nix
@@ -0,0 +1,51 @@
+{ lib, pkgs, config, name, ... }:
+{
+ config = lib.mkIf config.myServices.mailRelay.enable {
+ secrets.keys = [
+ {
+ dest = "opensmtpd/creds";
+ user = "smtpd";
+ group = "smtpd";
+ permissions = "0400";
+ text = ''
+ eldiron ${name}:${config.myEnv.servers."${name}".ldap.password}
+ '';
+ }
+ ];
+ users.users.smtpd.extraGroups = [ "keys" ];
+ services.opensmtpd = {
+ enable = true;
+ serverConfiguration = ''
+ table creds \
+ "${config.secrets.fullPaths."opensmtpd/creds"}"
+ # FIXME: filtering requires 6.6
+ # filter "fixfrom" \
+ # proc-exec "${pkgs.procmail}/bin/formail -i 'From: ${name}@immae.eu'"
+ action "relay-rewrite-from" relay \
+ helo ${config.hostEnv.FQDN} \
+ host smtp+tls://eldiron@eldiron.immae.eu:587 \
+ auth \
+ mail-from ${name}@immae.eu
+ action "relay" relay \
+ helo ${config.hostEnv.FQDN} \
+ host smtp+tls://eldiron@eldiron.immae.eu:587 \
+ auth
+ match for any !mail-from "@immae.eu" action "relay-rewrite-from"
+ match for any mail-from "@immae.eu" action "relay"
+ '';
+ };
+ environment.systemPackages = [ config.services.opensmtpd.package ];
+ services.mail.sendmailSetuidWrapper = {
+ program = "sendmail";
+ source = "${config.services.opensmtpd.package}/bin/smtpctl";
+ setuid = false;
+ setgid = false;
+ };
+ security.wrappers.mailq = {
+ program = "mailq";
+ source = "${config.services.opensmtpd.package}/bin/smtpctl";
+ setuid = false;
+ setgid = false;
+ };
+ };
+}
-- cgit v1.2.3
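Review bot: The relay credential written to `opensmtpd/creds` is the host's LDAP password (`config.myEnv.servers."${name}".ldap.password`), so any process that can read the smtpd table, and the peer that receives the AUTH exchange, also holds the LDAP bind secret; a dedicated submission-only password for the relay would limit that exposure. Both `relay` actions send it to `eldiron.immae.eu:587` over `smtp+tls://`, and nothing in the visible configuration states how the peer certificate is checked, so it is worth confirming on the deployed OpenSMTPD version that a failed verification aborts the session before AUTH. I would also add a comment above the `text` entry, e.g. `# credentials table line: <label> <user>:<password>; the label must match the "eldiron@" part of the relay URL`, because that coupling between the secret file and the two `host` lines is otherwise invisible.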