diff options
-rw-r--r-- | src/org/euandre/queue.scm | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/src/org/euandre/queue.scm b/src/org/euandre/queue.scm index e9b6532..d8bf915 100644 --- a/src/org/euandre/queue.scm +++ b/src/org/euandre/queue.scm @@ -895,6 +895,7 @@ By default, the daemon runs in a container."))) (hostname postfix-configuration-hostname (default (gethostname))) (dkim-filter-listen postfix-configuration-dkim-filter-listen (default "[127.0.0.1]:10027")) (dkim-filter-relay postfix-configuration-dkim-filter-relay (default "127.0.0.1:10028")) + (sasl-dirname postfix-configuration-sasl-dirname (default "/etc/sasl2")) (run-in-container? postfix-configuration-run-in-container? (default #f)) (container-name postfix-configuration-container-name (default "postfix")) (container-namespaces postfix-configuration-container-namespaces (default (s1:fold delq container:%namespaces '(net)))) @@ -986,10 +987,7 @@ postlog unix-dgram n - n - 1 postlogd (key-file hostname) (or key-file (format #f "/etc/letsencrypt/live/~a~a/privkey.pem" prefix hostname)))) -(define (main.cf-internet-extra hostname cert key) -;; FIXME: shouldn't smtpd_tls_security_level be 'encrypt'? -;; smtpd_sasl_security_options = FIXME: deny all -;; smtpd_milters = FIXME +(define (main.cf-internet-extra hostname cert key sasl-dirname) (format #f " myhostname = ~a @@ -1013,14 +1011,15 @@ smtpd_relay_restrictions = $smtpd_recipient_restrictions smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes -cyrus_sasl_config_path = /etc/sasl2 +cyrus_sasl_config_path = ~a debug_peer_list = 127.0.0.1 milter_default_action = accept " hostname cert - key)) + key + sasl-dirname)) (define main.cf-local-extra " mynetworks = 127.0.0.0/8 @@ -1042,9 +1041,9 @@ smtp_sasl_mechanism_filter = login, plain (define (generate-main.cf config) (match-record config <postfix-configuration> (mail-in-home? enable-submission? mail-directory queue-directory data-directory - user setgid-group hostname main.cf-extra) + user setgid-group hostname main.cf-extra sasl-dirname) (format #f - "compatibility_level = 3.6 + "compatibility_level = 3.6 queue_directory = ~a data_directory = ~a @@ -1069,7 +1068,8 @@ header_checks = regexp:{ { /^Received:.*/ IGNORE }, { /^X-Originating-IP:.*/ IGN (main.cf-internet-extra hostname (cert-for "" config) - (key-for "" config)) + (key-for "" config) + sasl-dirname) main.cf-local-extra)))) (define (postfix-etc-files config) |