aither/simple-nixos-mailserver
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
910 Commits 9 Branches 0 Tags
75f9549a814221a2942f367bc1cabc9303569fa0
Commit Graph

910 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Antoine Eiche 8c1c4640b8 Increase the evaluation periodicity from 30s to 5m 
This has been asked by the Nix community for debugging and maintenance
purposes.
 2025-02-09 18:14:30 +01:00
euxane 6b425d13f5 tests: fix renamed options warnings 2025-01-24 17:40:48 +01:00
Guillaume Girol ade37b2765 fts xapian: adapt to newer versions 
fts xapian does not publish configuration changes in a changelog. As a
result, some options that nixos mailserver was setting for it have been
ignored for several years. New options (process_limit) are now
recommended. This adapts the module to these changes.

The default value of partial= is 2, but fts_xapian 1.8.3 now requires it
to be at least 3, and fails loudly in case it is 2. As a result, this
change is required to support fts_xapian 1.8.3 and later.
 2025-01-18 12:00:00 +00:00
Ryan Trinkle dc0569066e Make imap memory limit configurable 2024-12-26 16:25:46 +00:00
Ryan Trinkle 87ffaad9a3 Add quota-status memory limit 2024-12-26 16:25:46 +00:00
Ryan Trinkle 4a5eb4baea Make LMTP memory limit configurable 2024-12-26 16:25:46 +00:00
Antoine Eiche 63209b1def Release 24.11 2024-12-22 16:20:47 +00:00
lennart 26a56d0a8f Fix example for rejectSender 
A domain prepended with an at sign does not work to reject senders on
domain level. Thus misleading documentation is fixed by removing it.
 2024-12-20 00:15:57 +01:00
Sandro c43d8c4a3c Fix wrong userAttrs default 2024-12-16 17:37:58 +00:00
Jeremy Fleischman 6db6c0dc72 Add instructions about creating a AAAA record 2024-12-16 17:35:11 +00:00
Jany Doe e4aabd3de6 remove new line character if use agenix 2024-12-16 17:07:10 +00:00
Guillaume Girol 1cf6d01989 nix flake update 2024-11-24 00:16:56 +01:00
Guillaume Girol 0a801316cd tests: ignore debug message that looks like an error 2024-11-24 00:16:56 +01:00
Guillaume Girol 9919033068 tests: make the emails sent by mail-check.py look less like spam 
rspamd complains that these emails miss these headers
 2024-11-23 23:51:49 +01:00
Guillaume Girol e901c56849 services.dnsmasq.extraConfig was removed on nixos-unstable 2024-11-23 23:51:49 +01:00
Guillaume Girol 3a082011dc recent nixos-unstable requires larger dh params 2024-11-23 12:00:00 +00:00
Sandro Jäckel af7d3bf5da Wrap rspamc to avoid having to specific socket manually 2024-08-05 19:00:00 +02:00
Sandro Jäckel 059b50b2e7 Allow setting userAttrs to empty string 
This allows overwriting the default values for user_attrs to be empty
which is required when using virtual mailboxes with ldap accounts
that have posixAccount attributes set. When user_attrs is empty string
those are ignored then.
 2024-07-16 11:15:14 +02:00
Isabel 290a995de5 refactor: policyd-spf -> spf-engine 2024-06-18 09:03:27 +01:00
isabel 54cbacb6eb chore: remove flake utils 2024-06-14 21:52:49 +01:00
Antoine Eiche 29916981e7 Release 24.05 2024-06-11 07:36:43 +02:00
RoastedCheese 0d51a32e47 acme: test acmeCertificateName if module is enabled 2024-06-04 15:31:28 +00:00
Martin Weinelt ed80b589d3 postfix: remove deprecated smtpd_tls_eecdh_grade 
Causes a warning that suggests to just leave it at its default.
 2024-06-03 12:34:43 +02:00
Matthew Leach 46a0829aa8 acme: Add new option acmeCertificateName 
Allow the user to specify the name of the ACME configuration that the
mailserver should use. This allows users that request certificates that
aren't the FQDN of the mailserver, for example a wildcard certificate.
 2024-05-31 09:53:32 +01:00
jopejoe1 41059fc548 docs: use settings instead of config in radicale 2024-05-03 09:14:16 +02:00
Sandro Jäckel ef4756bcfc Quote ldap password 
Otherwise special characters like # do not work
 2024-04-28 10:02:48 +00:00
Sandro 9f6635a035 Drop default acmeRoot 2024-04-13 12:42:45 +00:00
Antoine Eiche 79c8cfcd58 Remove the support of 23.05 and 23.11 
This is because SNM now supports the new sieve nixpkgs interface,
which is not backward compatible with previous releases.
 2024-03-14 21:51:05 +01:00
Gaetan Lepage 799fe34c12 Update nixpkgs 2024-03-14 21:51:05 +01:00
Gaetan Lepage d507bd9c95 dovecot: no longer need to copy sieve scripts 2024-03-14 21:50:46 +01:00
Raito Bezarius fe6d325397 dovecot: support new sieve API in nixpkgs 
Since https://github.com/NixOS/nixpkgs/pull/275031 things have became more structured
when it comes to the sieve plugin.

Relies on https://github.com/NixOS/nixpkgs/pull/281001 for full
features.
 2024-03-09 23:23:17 +01:00
Christian Theune 572c1b4d69 rspamd: fix duplicate and syntactically wrong header settings 
Fixes #280
 2024-03-08 14:52:52 +01:00
Sleepful 9e36323ae3 Update roundcube example configuration: smtp_server is deprecated 
Related issue on GH: https://github.com/roundcube/roundcubemail/issues/8756
 2024-01-31 17:08:06 -06:00
Antoine Eiche e47f3719f1 Release 23.11 2024-01-25 22:52:54 +01:00
Antoine Eiche b5023b36a1 postfix: exclude $mynetwork from smtpd_forbid_bare_newline 2023-12-27 09:46:26 +01:00
Alvar Penning 3f526c08e8 postfix: SMTP Smuggling Protection 
Enable Postfix SMTP Smuggling protection, introduced in Postfix 3.8.4,
which is, currently, only available within the nixpkgs' master branch.

- https://github.com/NixOS/nixpkgs/pull/276104
- https://github.com/NixOS/nixpkgs/pull/276264

For information about SMTP Smuggling:

- https://www.postfix.org/smtp-smuggling.html
- https://www.postfix.org/postconf.5.html#smtpd_forbid_bare_newline
 2023-12-23 20:15:16 +01:00
Naïm Favier 8aaa71f86e docs: fix rspamd syntax 
See https://rspamd.com/doc/configuration/metrics.html
 2023-12-11 15:34:03 +01:00
Lafiel 008d78cc21 dovecot: add support store mailbox names on disk using UTF-8 2023-11-16 01:02:33 +03:00
Jean-Baptiste Giraudeau 84783b661e Add tests for regex (PCRE) aliases 2023-09-28 16:13:00 +02:00
Jean-Baptiste Giraudeau 93221e4b25 Add support for regex (PCRE) aliases. 2023-09-05 14:58:10 +02:00
Naïm Favier c63f6e7b05 docs: fix link 2023-07-21 23:55:54 +02:00
Bjørn Forsman a3b03d1b5a Use umask for race-free permission setting 
Without using umask there's a small time window where paths are world
readable. That is a bad idea to do for secret files (e.g. the dovecot
code path).
 2023-07-17 18:22:16 +02:00
Antoine Eiche 69a4b7ad67 ldap: add an entry in the doc 2023-07-11 19:31:20 +00:00
Antoine Eiche 71b4c62d85 dovecot: fix a typo on userAttrs 2023-07-11 19:31:20 +00:00
Antoine Eiche 6775502be3 ldap: set assertions to forbid ldap and loginAccounts simultaneously 2023-07-11 19:31:20 +00:00
Antoine Eiche 7695c856f1 ldap: improve the documentation 2023-07-11 19:31:20 +00:00
Antoine Eiche fb3210b932 ldap: do not write password to the Nix store 2023-07-11 19:31:20 +00:00
Antoine Eiche 33554e57ce Make the ldap test working 
- The smtp/imap user name is now user@domain.tld
- Make the test_lookup function much more robust: it was now getting
  the correct file from the store.
 2023-07-11 19:31:20 +00:00
Martin Weinelt 8b03ae5701 Create LDAP test 
Sets up a declaratively configured OpenLDAP instance with users alice
and bob. They each own one email address,

First we test that postfix can communicate with LDAP and do the expected
lookups using the defined maps.

Then we use doveadm to make sure it can look up the two accounts.

Next we check the binding between account and mail address, by logging
in as alice and trying to send from bob@example.com, which alice is not
allowed to do. We expect postfix to reject the sender address here.

Finally we check mail delivery between alice and bob. Alice tries to
send a mail from alice@example.com to bob@example.com and bob then
checks whether it arrived in their mailbox.
 2023-07-11 19:31:20 +00:00
Martin Weinelt 42e245b069 scripts/mail-check: allow passing the smtp username 
Will be prefered over the from address when specified.
 2023-07-11 19:31:20 +00:00