A complete and Simple Nixos Mailserver
Go to file
Kerstin Humm 7c7ed5ce06 Revert "rspamd: make sure redis is started over TCP socket"
This reverts commit 4f0f0128d8.

Redis does seem to run fine with both unixSocket and TCP enabled. This
broke people's setups.
2021-12-01 01:01:03 +01:00
.hydra ci: reenable 20.09 and 21.05 jobs :/ 2021-07-12 23:28:02 +02:00
docs docs: add .readthedocs.yml conf file to pin Python dependencies 2021-11-07 11:13:06 +01:00
mail-server Revert "rspamd: make sure redis is started over TCP socket" 2021-12-01 01:01:03 +01:00
nixops add flake support 2020-12-15 16:14:44 +01:00
scripts docs: remove output paths from generated documentation 2021-10-14 09:06:14 +02:00
tests tests: update fts indexer log messages 2021-07-12 22:57:01 +02:00
.editorconfig Remove makefile section from editorconfig 2017-11-11 09:47:25 +00:00
.gitignore add gitignore file for result links 2017-12-21 11:55:22 +01:00
.gitlab-ci.yml ci: simplify the hydra-cli call 2020-11-30 08:56:57 +01:00
.readthedocs.yaml docs: add .readthedocs.yml conf file to pin Python dependencies 2021-11-07 11:13:06 +01:00
default.nix Fix typos in indexDir example 2021-11-01 23:18:18 +00:00
flake.lock Update nixpkgs-unstable 2021-07-24 09:42:30 +02:00
flake.nix docs: fix the test which could never fail 2021-10-14 09:07:32 +02:00
LICENSE Initial commit 2016-07-21 18:09:04 +02:00
README.md Move the logo 2021-07-27 19:58:33 +00:00
shell.nix add flake support 2020-12-15 16:14:44 +01:00
update.sh automatically update readme hash 2019-12-18 09:33:52 +01:00

Simple Nixos MailServer

license pipeline status

Release branches

For each NixOS release, we publish a branch. You then have to use the SNM branch corresponding to your NixOS version.

Subscribe to SNM Announcement List This is a very low volume list where new releases of SNM are announced, so you can stay up to date with bug fixes and updates. All announcements are signed by the gpg key with fingerprint

D9FE 4119 F082 6F15 93BD  BD36 6162 DBA5 635E A16A

Features

v2.0

  • Continous Integration Testing
  • Multiple Domains
  • Postfix MTA
    • smtp on port 25
    • submission tls on port 465
    • submission starttls on port 587
    • lmtp with dovecot
  • Dovecot
    • maildir folders
    • imap with tls on port 993
    • pop3 with tls on port 995
    • imap with starttls on port 143
    • pop3 with starttls on port 110
  • Certificates
    • manual certificates
    • on the fly creation
    • Let's Encrypt
  • Spam Filtering
    • via rspamd
  • Virus Scanning
    • via clamav
  • DKIM Signing
    • via opendkim
  • User Management
    • declarative user management
    • declarative password management
  • Sieves
    • A simple standard script that moves spam
    • Allow user defined sieve scripts
    • ManageSieve support
  • User Aliases
    • Regular aliases
    • Catch all aliases

In the future

  • DKIM Signing
    • Allow a per domain selector

Get in touch

  • Subscribe to the mailing list
  • Join the Libera Chat IRC channel #nixos-mailserver

Quick Start

   { config, pkgs, ... }:
   let release = "nixos-21.05";
   in {
     imports = [
       (builtins.fetchTarball {
         url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/${release}/nixos-mailserver-${release}.tar.gz";
         # This hash needs to be updated
         sha256 = "0000000000000000000000000000000000000000000000000000";
       })
     ];

     mailserver = {
       enable = true;
       fqdn = "mail.example.com";
       domains = [ "example.com" "example2.com" ];
       loginAccounts = {
           "user1@example.com" = {
               # nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2 > /hashed/password/file/location
               hashedPasswordFile = "/hashed/password/file/location";

               aliases = [
                   "info@example.com"
                   "postmaster@example.com"
                   "postmaster@example2.com"
               ];
           };
       };
     };
   }

For a complete list of options, see default.nix.

How to Set Up a 10/10 Mail Server Guide

Check out the Complete Setup Guide in the project's documentation.

How to Backup

Checkout the Complete Backup Guide. Backups are easy with SNM.

Development

See the How to Develop SNM wiki page.

Release notes

nixos-20.03

  • Rspamd is upgraded to 2.0 which deprecates the SQLite Bayes backend. We then moved to the Redis backend (the default since Rspamd 2.0). If you don't want to relearn the Redis backend from the scratch, we could manually run

    rspamadm statconvert --spam-db /var/lib/rspamd/bayes.spam.sqlite --ham-db /var/lib/rspamd/bayes.ham.sqlite -h 127.0.0.1:6379 --symbol-ham BAYES_HAM --symbol-spam BAYES_SPAM
    

    See the Rspamd migration notes and this SNM Merge Request for details.

Contributors

See the contributor tab

Alternative Implementations

Credits