Fog user's hostname in the Message-ID

geistesk 2018-04-08 20:58:30 +02:00
parent 1dd394e63f
commit 386faf960c
3 changed files with 31 additions and 3 deletions


@ -433,6 +433,16 @@ in
'';
};
rewriteMessageId = mkOption {
type = types.bool;
default = false;
description = ''
Rewrites the Message-ID's hostname-part of outgoing emails to the FQDN.
Please be aware that this may cause problems with some mail clients
relying on the original Message-ID.
'';
};
monitoring = {
enable = mkEnableOption "monitoring via monit";
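Review bot: The description of `rewriteMessageId` does not say which part of the header is kept or which mail is affected. Judging by the rule this commit adds to the submission header cleanup rules, only the part after the `@` is replaced, the client-generated left-hand part passes through unchanged, and the rewrite applies to mail handed in via the submission port. I would add a sentence such as `Only the host part after the @ is replaced; the client-generated left part is kept as is.` so operators do not read the option as removing every client-derived value from the header. The enclosing option set starts and ends outside this hunk.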


@ -66,7 +66,7 @@ let
# The user's own address is already in all_valiases_postfix.
vaccounts_file = builtins.toFile "vaccounts" (lib.concatStringsSep "\n" all_valiases_postfix);
submissionHeaderCleanupRules = pkgs.writeText "submission_header_cleanup_rules" ''
submissionHeaderCleanupRules = pkgs.writeText "submission_header_cleanup_rules" (''
# Removes sensitive headers from mails handed in via the submission port.
# See https://thomas-leister.de/mailserver-debian-stretch/
# Uses "pcre" style regex.
@ -76,7 +76,13 @@ let
/^X-Mailer:/ IGNORE
/^User-Agent:/ IGNORE
/^X-Enigmail:/ IGNORE
'';
'' + lib.optionalString cfg.rewriteMessageId ''
# Replaces the user submitted hostname with the server's FQDN to hide the
# user's host or network.
/^Message-ID:\s+<(.*?)@.*?>/ REPLACE Message-ID: <$1@${cfg.fqdn}>
'');
in
{
config = with cfg; lib.mkIf enable {
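Review bot: The new `Message-ID` pattern requires at least one whitespace character after the colon (`\s+`), so a header written as `Message-ID:<id@host>` is not matched and the client's hostname goes out unchanged. RFC 5322 does not require whitespace there, so I would relax the rule to `/^Message-ID:\s*<(.*?)@.*?>/ REPLACE Message-ID: <$1@${cfg.fqdn}>`. The captured left-hand part is copied verbatim, so anything a client encodes there is still disclosed; the comment above the rule could say so. The `let` block holding this rule starts outside the hunk.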


@ -29,6 +29,7 @@ import <nixpkgs/nixos/tests/make-test.nix> {
fqdn = "mail.example.com";
domains = [ "example.com" "example2.com" ];
dhParamBitLength = 512;
rewriteMessageId = true;
loginAccounts = {
"user1@example.com" = {
@ -65,9 +66,14 @@ import <nixpkgs/nixos/tests/make-test.nix> {
echo grep '${clientIP}' "$@" >&2
exec grep '${clientIP}' "$@"
'';
check-mail-id = pkgs.writeScriptBin "check-mail-id" ''
#!${pkgs.stdenv.shell}
echo grep '^Message-ID:.*@mail.example.com>$' "$@" >&2
exec grep '^Message-ID:.*@mail.example.com>$' "$@"
'';
in {
environment.systemPackages = with pkgs; [
fetchmail msmtp procmail findutils grep-ip
fetchmail msmtp procmail findutils grep-ip check-mail-id
];
environment.etc = {
"root/.fetchmailrc" = {
@ -128,6 +134,7 @@ import <nixpkgs/nixos/tests/make-test.nix> {
'';
};
"root/email1".text = ''
Message-ID: <12345qwerty@host.local.network>
From: User2 <user2@example.com>
To: User1 <user1@example.com>
Cc:
@ -140,6 +147,7 @@ import <nixpkgs/nixos/tests/make-test.nix> {
how are you doing today?
'';
"root/email2".text = ''
Message-ID: <232323abc@host.local.network>
From: User <user@example2.com>
To: User1 <user1@example.com>
Cc:
@ -154,6 +162,7 @@ import <nixpkgs/nixos/tests/make-test.nix> {
XOXO User1
'';
"root/email3".text = ''
Message-ID: <asdfghjkl42@host.local.network>
From: Postmaster <postmaster@example.com>
To: Chuck <chuck@example.com>
Cc:
@ -167,6 +176,7 @@ import <nixpkgs/nixos/tests/make-test.nix> {
XOXO Postmaster
'';
"root/email4".text = ''
Message-ID: <sdfsdf@host.local.network>
From: Single Alias <single-alias@example.com>
To: User1 <user1@example.com>
Cc:
@ -181,6 +191,7 @@ import <nixpkgs/nixos/tests/make-test.nix> {
XOXO User1 aka Single Alias
'';
"root/email5".text = ''
Message-ID: <789asdf@host.local.network>
From: User2 <user2@example.com>
To: Multi Alias <multi-alias@example.com>
Cc:
@ -234,6 +245,7 @@ import <nixpkgs/nixos/tests/make-test.nix> {
$client->succeed("cat ~/mail/* >&2");
## make sure our IP is _not_ in the email header
$client->fail("grep-ip ~/mail/*");
$client->succeed("check-mail-id ~/mail/*");
};
subtest "have correct fqdn as sender", sub {
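Review bot: `check-mail-id` only proves that at least one line in `~/mail/*` carries the rewritten host, because `grep` exits 0 as soon as any file matches; a message whose `Message-ID` was left untouched would not fail the subtest. I would add a negative assertion next to it, for example `$client->fail("grep '^Message-ID:.*@host.local.network>' ~/mail/*");`, mirroring the `grep-ip` check above it. The dots in `mail.example.com` inside the script are unescaped regex wildcards, so writing `mail\.example\.com` would tighten the match. The subtest body starts outside this hunk.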