From 538a4c1b67c9370185decd7bb3b158ac2144d5dd Mon Sep 17 00:00:00 2001 From: Vivien Kraus Date: Sun, 27 Dec 2020 16:30:36 +0100 Subject: Add the SMTP configuration --- guix/vkraus/modules/mail.scm | 49 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 guix/vkraus/modules/mail.scm (limited to 'guix/vkraus') diff --git a/guix/vkraus/modules/mail.scm b/guix/vkraus/modules/mail.scm new file mode 100644 index 0000000..14d4682 --- /dev/null +++ b/guix/vkraus/modules/mail.scm @@ -0,0 +1,49 @@ +(define-module (vkraus modules mail) + #:use-module (gnu services) + #:use-module (gnu services mail) + #:use-module (guix gexp) + #:use-module (guix modules) + #:use-module (guix records) + #:use-module (ice-9 match) + #:use-module (ice-9 optargs) + #:use-module (vkraus services dkim-out-proxy)) + +(define-public (make-smtp-service domain) + (let ((cfg + (mixed-text-file "opensmtpd-configuration" + " +table aliases file:/etc/aliases +table blacklist file:" (plain-file "blacklist" "@toto.com") " + +pki " domain " cert \"/etc/letsencrypt/live/" domain "/fullchain.pem\" +pki " domain " key \"/etc/letsencrypt/live/" domain "/privkey.pem\" + +listen on 0.0.0.0 port 25 tls pki " domain " +listen on :: port 25 tls pki " domain " +listen on 0.0.0.0 port 587 tls-require pki " domain " mask-src auth +listen on :: port 587 tls-require pki " domain " mask-src auth +listen on socket mask-src +listen on lo port 10028 tag DKIM_SIGNED + +action receive maildir alias +action send relay helo " domain " +action sign relay host smtp://localhost:11333 + +match tag DKIM_SIGNED for any action send +match !from auth mail-from \"@" domain "\" for any reject +match from any mail-from reject +match from any for domain \"" domain "\" action receive +match from auth for local action receive +match from auth for any action sign +"))) + (service opensmtpd-service-type + (opensmtpd-configuration + (config-file cfg))))) + +(define-public (make-dkim-out-proxy the-domain) + (service dkim-out-proxy-service-type + (dkim-out-proxy-configuration + (input-port 11333) + (output-port 10028) + (domain domain) + (keyfile "/etc/dkim/privkey.pem")))) -- cgit v1.2.3