Commit graph

603 commits

Author SHA1 Message Date
Mynacol
7e09d8f537 docs: add submissions DNS record for autodiscovery
Add the submissions autodiscovery SRV DNS record for implicit TLS in
SMTP (submission) connections according to
[RFC 8314](https://www.rfc-editor.org/rfc/rfc8314#section-5.1).
2023-05-29 15:09:08 +02:00
Antoine Eiche
1bcfcf786b Remove the NixOS 22.11 support
Because the option `nodes.domain1.services.dnsmasq.settings' does not
exist.
2023-05-24 23:37:17 +02:00
Naïm Favier
a948c49ca7 Allow using existing ACME certificates
Add a certificate scheme for using an existing ACME certificate without
setting up Nginx.

Also use names instead of magic numbers for certificate schemes.
2023-05-24 21:10:02 +00:00
Naïm Favier
42c5564791 tests: use services.dnsmasq.settings
Gets rid of the warning about `extraConfig` being deprecated.
2023-05-24 21:10:02 +00:00
Antoine Eiche
fd605a419b Fix test names 2023-05-24 23:06:29 +02:00
Lafiel
d8131ffc61 dovecot: split passdb and userdb 2023-05-23 20:41:36 +00:00
Maximilian Bosch
bd99079363 mail-server/dovecot: also learn spam/ham on APPEND
The current configuration doesn't work when moving spam from the INBOX
to Junk on a local maildir and then syncing the result to the IMAP
server with `mbsync(1)`. This is because `mbsync(1)` doesn't support a
mvoe-detection[1] (i.e. an IMAP MOVE which subsequently causes a Sieve
COPY according to RFC6851 which then triggers report{h,sp}am.sieve), but
instead sends `APPEND` (and removes the message in the src mailbox after
that).

Tested on my own mailserver that this fixes spam learning.

This doesn't work the other way round though because `APPEND` doesn't
have an origin. However, learning mails as spam happens more often than
learning spam as ham, so this is IMHO still useful.

[1] https://sourceforge.net/p/isync/mailman/isync-devel/thread/87y2p1tihz.fsf%40ericabrahamsen.net/#msg37030483
2023-05-23 19:49:59 +00:00
Juergen Fitschen
c04e4f22da opendkim: make public key world-readable 2023-05-14 07:11:48 +00:00
Maximilian Bosch
e2ca6e45f3 docs: add instructions for rfc6186-compliant setup 2023-05-14 07:08:27 +00:00
Naïm Favier
6d0d9fb966
Update nixpkgs
Option values are now rendered correctly as Nix thanks to
https://github.com/NixOS/nixpkgs/pull/199363
2022-12-22 20:45:03 +01:00
Naïm Favier
0bbb2ac74e
docs: drop options.md from the repository
Generate the file on the readthedocs builder using Nix. Since there is
no root access or user namespaces, we have to use proot (see
https://nixos.wiki/wiki/Nix_Installation_Guide#PRoot).
2022-12-22 20:45:03 +01:00
Naïm Favier
4fcab839d7
docs: use MarkDown for option docs 2022-12-22 20:45:01 +01:00
Antoine Eiche
bc667fb6af Release 22.11 2022-12-21 22:46:04 +01:00
Antoine Eiche
31eadb6388 doc: regenerate it 2022-11-30 21:03:13 +01:00
Antoine Eiche
033b3d2a45 Removing 22.05 release
Because of some incompabilities with the 22.11 release.
2022-11-30 20:59:39 +01:00
Naïm Favier
694e7d34f6
docs: option docs improvements
- add missing description and defaultText fields
- add dmarcReporting option group
- render examples
2022-11-30 12:30:29 +01:00
Martin Weinelt
fe36e7ae0d rspamd: allow configuring dmarc reporting
Enabling collects DMARC results in Redis and sends out aggregated
reports (RUA) on a daily basis.
2022-11-27 20:34:38 +00:00
Antoine Eiche
3f0b7a1b5c ci: pin nixpkgs to 22.05
Because hydra-cli build is currently broken on unstable.
2022-11-27 20:43:25 +01:00
Antoine Eiche
737eb4f398 docs: explicitly mention a reverse DNS entry is required
Fixes https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/issues/234
2022-11-27 19:14:52 +00:00
Linus Heckemann
a40e9c3abb htpasswd -> mkpasswd 2022-11-27 19:14:22 +00:00
Martin Weinelt
004c229ca4
Convert minimal test to python test driver 2022-07-19 23:54:04 +02:00
Antoine Eiche
f535d8123c Release 22.05 2022-06-22 22:39:06 +02:00
Ryan Mulligan
15cf252a0d monit/rspamd: monitor by process name 2022-05-24 20:15:37 +00:00
Niklas Hambüchen
6284a20f77 acme: Switch from postRun to reloadServices to fix hangs. Fixes #232 2022-05-24 20:11:52 +00:00
Ryan Mulligan
4396125ebb docs/full text search: fix typo; improve ux
docecot -> dovecot

Also, `indexDir` is not expecting to see %d/%n being passed to that
parameter, so remove that to make it easier to cpy the path into
there.
2022-05-08 16:02:12 -07:00
Fatih Altinok
4ce864f52a Fix typo in title 2022-04-16 18:17:48 +00:00
Guillaume Girol
75728d2686 tests: compatibility with fts xapian 1.5.4 2022-03-05 12:00:00 +00:00
Guillaume Girol
7de138037f docs: add how-to to setup roundcube 2022-02-26 17:06:52 +00:00
Antoine Eiche
021b5c8f73 ci: enable the nix-command feature 2022-02-25 09:24:52 +01:00
Naïm Favier
46ef908c91
rspamd: set default port for redis
Since we are now using services.redis.servers.rspamd, the port defaults
to 0 (i.e. do not bind a TCP socket). We still want rspamd to connect to
redis via TCP, so set a default port that is one above the default redis port.
2022-02-24 22:06:20 +01:00
Naïm Favier
53af883255 Regenerate options.rst 2022-02-24 20:51:40 +00:00
Naïm Favier
4ed684481b Update nixos-unstable and drop 21.11 2022-02-24 20:51:40 +00:00
Naïm Favier
f4c14572fc Drop 21.05 branch 2022-02-24 20:51:40 +00:00
Naïm Favier
ef03562eba make option documentation compatible with nixos-search 2022-02-24 20:51:40 +00:00
Antoine Eiche
11ad4742aa Fix CI job because of Nix new CLI options 2022-02-24 20:49:27 +00:00
Antoine Eiche
665aa181e6 ci: make release-21.11 a flake job 2022-02-20 11:29:33 +01:00
Antoine Eiche
6e3a7b2ea6 Release nixos-21.11 2021-12-07 22:09:14 +01:00
Izorkin
f3d967f830
nginx: generate certificates for custom domains and subdomains 2021-12-05 20:53:21 +03:00
Kerstin Humm
7c7ed5ce06 Revert "rspamd: make sure redis is started over TCP socket"
This reverts commit 4f0f0128d8.

Redis does seem to run fine with both unixSocket and TCP enabled. This
broke people's setups.
2021-12-01 01:01:03 +01:00
Lionello Lunesu
822c5f22bd Fix fullTextSearch.enable=false 2021-11-26 04:57:43 +00:00
DwarfMaster
4f0f0128d8 rspamd: make sure redis is started over TCP socket 2021-11-17 17:59:32 +01:00
Lionello Lunesu
6e8142862f opendkim: don't recreate keys if private key is present 2021-11-07 19:57:12 +00:00
Guillaume Girol
a13526a6e3 nginx.nix: don't reload nginx
Fixes #227

Reloading nginx manually is actually not needed (see
nginx-config-reload.service) and causes deadlocks.
2021-11-07 19:10:00 +00:00
Antoine Eiche
9d3a87905e docs: add .readthedocs.yml conf file to pin Python dependencies 2021-11-07 11:13:06 +01:00
Lionello
ef8ca96c5d Fix typos in indexDir example 2021-11-01 23:18:18 +00:00
Ero Sennin
0d9a880c0e Set DKIM policy to relaxed/relaxed
And make this policy configurable.
2021-10-14 18:45:21 +00:00
Antoine Eiche
acaba31d8f docs: fix the test which could never fail 2021-10-14 09:07:32 +02:00
Antoine Eiche
74bb227990 docs: remove output paths from generated documentation
Otherwise, the `testRstOptions` test would fail too often!
2021-10-14 09:06:14 +02:00
Steve Purcell
fb85a3fe9e Ensure locally-delivered mails have the X-Original-To header
See #223
2021-08-11 12:20:16 +00:00
Antoine Eiche
72748d7b6d Use the Junk mailbox name defined in the mailboxes attrs
Previously, the static Junk mailbox was used in sieve script to move
spam messages. This patch gets the Junk mailbox defined in the dovecot
mailboxes attribute instead.

Fixes #224
2021-08-06 16:21:03 +00:00