mailserver: Remove rejectSenders

This now gets handled by rspamd with a dynamic map.
This commit is contained in:
Simon Bruder 2023-05-31 13:40:48 +02:00
parent 5b39654159
commit db391a3907
Signed by: simon
GPG key ID: 8D3C82F9F309F8EC
5 changed files with 11 additions and 19 deletions

View file

@ -26,7 +26,6 @@
];
autoconfig.enable = true;
users = import ./secrets/mail-users.nix;
rejectSenders = import ./secrets/mail-reject-senders.nix;
};
};

View file

@ -79,15 +79,6 @@ in
"/^\\s*X-Originating-IP:/"
];
};
rejectSenders = mkOption {
type = listOf str;
description = "A list of senders to reject mails from";
default = [ ];
example = [
"newsletter@example.com"
"spammer@example.com"
];
};
};
imports = [

View file

@ -28,13 +28,6 @@ let
valiases = pkgs.writeText "valiases" aliasesString;
access_sender = pkgs.writeText
"access_sender"
(lib.concatMapStringsSep
"\n"
(sender: "${sender} REJECT")
cfg.rejectSenders);
submissionHeaderCleanupRules = pkgs.writeText "submission_header_cleanup_rules"
(lib.concatMapStringsSep
"\n"
@ -57,7 +50,7 @@ lib.mkIf cfg.enable {
recipientDelimiter = "+";
mapFiles = {
inherit access_sender valiases;
inherit valiases;
};
config = {
@ -86,7 +79,6 @@ lib.mkIf cfg.enable {
];
smtpd_sender_restrictions = listToString [
"check_sender_access hash:/var/lib/postfix/conf/access_sender"
"reject_non_fqdn_sender"
"reject_unknown_sender_domain"
];

View file

@ -43,6 +43,16 @@ in
extended_spam_headers = true;
'';
"multimap.conf".text = ''
SENDER_BLOCKED {
type = "from";
filter = "email:addr";
map = "/var/lib/rspamd/blocked_senders.map";
symbol = "SENDER_BLOCKED";
description = "Senders address is manually blocked";
prefilter = true;
action = "reject";
score = 30.0;
}
SENDER_DOMAIN_BLOCKED {
type = "from";
filter = "email:domain:tld";