aither/simple-nixos-mailserver
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

treewide: fix typos and other minor issues

Browse Source
This commit is contained in:
Martin Weinelt
2026-03-10 04:46:20 +01:00
parent d04d1a565b
commit 1c57aab586
11 changed files with 20 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+1 -1
View File
@@ -22,7 +22,7 @@ SNM branch corresponding to your NixOS version.
## Features ## Features
* [x] Continous Integration Testing * [x] Continuous Integration Testing
* [x] Multiple Domains * [x] Multiple Domains
* Postfix * Postfix
* [x] SMTP on port 25 * [x] SMTP on port 25
default.nix
+4 -3
View File
@@ -336,7 +336,7 @@ in
default = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; default = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
defaultText = literalMD "see [source](https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/blob/master/default.nix)"; defaultText = literalMD "see [source](https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/blob/master/default.nix)";
description = '' description = ''
Certifificate trust anchors used to verify the LDAP server certificate. Certificate trust anchors used to verify the LDAP server certificate.
''; '';
}; };
@@ -948,10 +948,11 @@ in
]; ];
default = "rsa"; default = "rsa";
description = '' description = ''
The key type used for generating DKIM keys. ED25519 was introduced in RFC6376 (2018). The key type used for generating DKIM keys. Ed25519 support was
introduced in RFC6376 (2018).
:::{warning} :::{warning}
ED25519 DKIM keys are currently not recommended for primary use, as Ed25519 DKIM keys are currently not recommended for primary use, as
various DKIM validators out there lack support and consider the keypair invalid. various DKIM validators out there lack support and consider the keypair invalid.
::: :::
docs/backup-guide.rst
+1 -1
View File
@@ -12,7 +12,7 @@ anything works, as it is simply a folder with plenty of files in it. If
your backup solution does not preserve the owner of the files dont your backup solution does not preserve the owner of the files dont
forget to ``chown`` them to ``virtualMail:virtualMail`` if you copy them forget to ``chown`` them to ``virtualMail:virtualMail`` if you copy them
back (or whatever you specified as ``vmailUserName``, and back (or whatever you specified as ``vmailUserName``, and
``vmailGoupName``). ``vmailGroupName``).
If you enabled ``enableManageSieve`` then you also may want to backup If you enabled ``enableManageSieve`` then you also may want to backup
``/var/sieve`` or whatever you have specified as ``sieveDirectory``. ``/var/sieve`` or whatever you have specified as ``sieveDirectory``.
docs/fts.rst
+1 -1
View File
@@ -48,7 +48,7 @@ recommended to move indices in a different location, such as
When the value of the ``indexDir`` option is changed, all dovecot When the value of the ``indexDir`` option is changed, all dovecot
indices needs to be recreated: clients would need to resynchronize. indices needs to be recreated: clients would need to resynchronize.
Indexation itself is rather resouces intensive, in CPU, and for emails with Indexation itself is rather resource intensive, in CPU, and for emails with
large headers, in memory as well. Initial indexation of existing emails can take large headers, in memory as well. Initial indexation of existing emails can take
hours. If the indexer worker is killed or segfaults during indexation, it can hours. If the indexer worker is killed or segfaults during indexation, it can
be that it tried to allocate more memory than allowed. You can increase the memory be that it tried to allocate more memory than allowed. You can increase the memory
docs/howto-develop.rst
+2 -2
View File
@@ -38,8 +38,8 @@ You can then run the testsuite via
$ nix flake check -L $ nix flake check -L
Since Nix doesn't garantee your machine have enough resources to run Since Nix doesn't guarantee your machine have enough resources to run
all test VMs in parallel, some tests can fail. You would then haev to all test VMs in parallel, some tests can fail. You would then have to
run tests manually. For instance: run tests manually. For instance:
:: ::
docs/release-notes.rst
+3 -3
View File
@@ -35,14 +35,14 @@ NixOS 25.11
1024 bit keys should not be considered valid any longer. 1024 bit keys should not be considered valid any longer.
- IMAP access over port ``143/tcp`` is now default disabled in line - IMAP access over port ``143/tcp`` is now default disabled in line
with `RFC 8314 4.1`_. Use IMAP over implicit TLS on port ``993/tcp`` with `RFC 8314 4.1`_. Use IMAP over implicit TLS on port ``993/tcp``
instead. If you still require this feature you can reenable it using instead. If you still require this feature you can re-enable it using
``mailserver.enableImap``, but it is scheduled for removal after the 25.11 ``mailserver.enableImap``, but it is scheduled for removal after the 25.11
release. release.
- SMTP server and client now support and prefer a hybrid key exchange - SMTP server and client now support and prefer a hybrid key exchange
(X25519MLKEM768) (X25519MLKEM768)
- SMTP access over STARTTLS on port ``587/tcp`` is now default disabled in line - SMTP access over STARTTLS on port ``587/tcp`` is now default disabled in line
with `RFC 8314 3.3`_. If you still require this feature you can renable it using with `RFC 8314 3.3`_. If you still require this feature you can re-enable it
``mailserver.enableSubmission``. using ``mailserver.enableSubmission``.
- DMARC reports are now sent with the ``noreply-dmarc`` localpart from the - DMARC reports are now sent with the ``noreply-dmarc`` localpart from the
system domain. system domain.
- DANE and MTA-STS are now validated for outgoing SMTP connections using - DANE and MTA-STS are now validated for outgoing SMTP connections using
docs/rspamd-tuning.rst
+1 -1
View File
@@ -94,7 +94,7 @@ With an nginx reverse-proxy
If you have a secured nginx reverse proxy set on the host, you can use it to expose the socket. If you have a secured nginx reverse proxy set on the host, you can use it to expose the socket.
**Keep in mind the UI is unsecured by default, you need to setup an authentication scheme**, for **Keep in mind the UI is unsecured by default, you need to setup an authentication scheme**, for
exemple with `basic auth <https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/>`_: example with `basic auth <https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/>`_:
.. code:: nix .. code:: nix
flake.nix
+1 -1
View File
@@ -155,7 +155,7 @@
markdownlint = { markdownlint = {
enable = true; enable = true;
settings.configuration = { settings.configuration = {
# Max line length, doesn't seem to correclty account for lines containing links # Max line length, doesn't seem to correctly account for lines containing links
# https://github.com/DavidAnson/markdownlint/blob/main/doc/md013.md # https://github.com/DavidAnson/markdownlint/blob/main/doc/md013.md
MD013 = false; MD013 = false;
}; };
mail-server/dovecot.nix
+2 -2
View File
@@ -145,7 +145,7 @@ let
lib.filterAttrs (_: v: v ? "specialUse" && v.specialUse == "Junk") cfg.mailboxes lib.filterAttrs (_: v: v ? "specialUse" && v.specialUse == "Junk") cfg.mailboxes
); );
junkMailboxNumber = builtins.length junkMailboxes; junkMailboxNumber = builtins.length junkMailboxes;
# The assertion garantees there is exactly one Junk mailbox. # The assertion guarantees there is exactly one Junk mailbox.
junkMailboxName = if junkMailboxNumber == 1 then builtins.elemAt junkMailboxes 0 else ""; junkMailboxName = if junkMailboxNumber == 1 then builtins.elemAt junkMailboxes 0 else "";
mkLdapSearchScope = mkLdapSearchScope =
@@ -206,7 +206,7 @@ in
}; };
}; };
# for sieve-test. Shelling it in on demand usually doesnt' work, as it reads # for sieve-test. Shelling it in on demand usually doesn't work, as it reads
# the global config and tries to open shared libraries configured in there, # the global config and tries to open shared libraries configured in there,
# which are usually not compatible. # which are usually not compatible.
environment.systemPackages = [ environment.systemPackages = [
tests/external.nix
+3 -3
View File
@@ -430,9 +430,9 @@
# fetchmail returns EXIT_CODE 0 when it retrieves mail # fetchmail returns EXIT_CODE 0 when it retrieves mail
client.succeed("fetchmail --nosslcertck -v") client.succeed("fetchmail --nosslcertck -v")
with subtest("catchAlls"): with subtest("domain catch-all"):
client.execute("rm ~/mail/*") client.execute("rm ~/mail/*")
# send email from chuck to non exsitent account # send email from chuck to non-existent account
client.succeed( client.succeed(
"msmtp -a test3 --tls=on --tls-certcheck=off --auth=on lol@example.com < /etc/root/email2 >&2" "msmtp -a test3 --tls=on --tls-certcheck=off --auth=on lol@example.com < /etc/root/email2 >&2"
) )
@@ -447,7 +447,7 @@
) )
server.wait_until_fails('[ "$(postqueue -p)" != "Mail queue is empty" ]') server.wait_until_fails('[ "$(postqueue -p)" != "Mail queue is empty" ]')
# fetchmail returns EXIT_CODE 1 when no new mail # fetchmail returns EXIT_CODE 1 when no new mail
# if this succeeds, it means that user1 recieved the mail that was intended for chuck. # if this succeeds, it means that user1 received the mail that was intended for chuck.
client.fail("fetchmail --nosslcertck -v") client.fail("fetchmail --nosslcertck -v")
with subtest("extraVirtualAliases"): with subtest("extraVirtualAliases"):
tests/ldap.nix
+1 -1
View File
@@ -135,7 +135,7 @@ in
# This function retrieves the ldap table file from a postconf # This function retrieves the ldap table file from a postconf
# command. # command.
# A key lookup is achived and the returned value is compared # A key lookup is achieved and the returned value is compared
# to the expected value. # to the expected value.
def test_lookup(postconf_cmdline, key, expected): def test_lookup(postconf_cmdline, key, expected):
conf = machine.succeed(postconf_cmdline).rstrip() conf = machine.succeed(postconf_cmdline).rstrip()