public
/
mail-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Nope, imap does need net access

This commit is contained in:
niten 2023-10-02 13:56:50 -07:00
parent 76333c0a7c
commit 186589dd5f
2 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
mail-server.nix
View File

@ -322,7 +322,8 @@ in {
}; };
imap = { imap = {
service = { service = {
networks = [ "internal_network" "ldap_network" ]; networks =
[ "internal_network" "external_network" "ldap_network" ];
ports = [ "143:143" "993:993" ]; ports = [ "143:143" "993:993" ];
volumes = [ volumes = [
"${cfg.state-directory}/dovecot:/state" "${cfg.state-directory}/dovecot:/state"

9
postfix.nix
View File

@ -243,12 +243,13 @@ in {
cfg.blacklist.dns) ++ [ "reject" ]; cfg.blacklist.dns) ++ [ "reject" ];
relay-restrictions = [ relay-restrictions = [
"reject_unauth_pipelining"
"reject_unknown_sender_domain"
"permit_sasl_authenticated" "permit_sasl_authenticated"
"permit_mynetworks"
"reject_unknown_sender_domain"
"reject_unauth_destination"
"reject_unauth_pipelining"
] ++ (map (blacklist: "reject_rbl_client ${blacklist}") ] ++ (map (blacklist: "reject_rbl_client ${blacklist}")
cfg.blacklist.dns) cfg.blacklist.dns) ++ [ "permit" ];
++ [ "permit_mynetworks" "reject_unauth_destination" "permit" ];
recipient-restrictions = [ recipient-restrictions = [
"check_recipient_access ${mappedFile "reject_recipients"}" "check_recipient_access ${mappedFile "reject_recipients"}"