caspervk/nixos
1
0
Fork 0
Code Activity Actions

Compare commits

base: caspervk:a594492dd1663fb35296f7592cc52490e9c64025
Branches Tags
caspervk:master
caspervk:dev
..
compare: caspervk:2dd56076c014ade124dd0683871d1bc9fd98322d
Branches Tags
caspervk:master
caspervk:dev

2 commits
a594492dd1 ... 2dd56076c0

Author SHA1 Message Date
Casper V. Kristensen
2dd56076c0 mail: send mail through icloud (cringe) 2025-01-22 03:29:15 +01:00
Casper V. Kristensen
c1d6f8ed03 flake.lock: Update 
Flake lock file updates:

• Updated input 'home-manager-unstable':
    'github:nix-community/home-manager/f8ef4541bb8a54a8b52f19b52912119e689529b3?narHash=sha256-0NBrY2A7buujKmeCbieopOMSbLxTu8TFcTLqAbTnQDw%3D' (2025-01-19)
  → 'github:nix-community/home-manager/4481a16d1ac5bff4a77c608cefe08c9b9efe840d?narHash=sha256-rk/cmrvq3In0TegW9qaAxw%2B5YpJhRWt2p74/6JStrw0%3D' (2025-01-21)
• Updated input 'secrets':
    'git+ssh://git@git.caspervk.net/caspervk/nixos-secrets.git?ref=refs/heads/master&rev=a5a11ce1f8e323f82dcbbe3b38ab112ce5f5fd7f' (2025-01-17)
  → 'git+ssh://git@git.caspervk.net/caspervk/nixos-secrets.git?ref=refs/heads/master&rev=725ccdd9169ae40d56f1b07f53918e4e27898c08' (2025-01-22)
 2025-01-22 02:48:34 +01:00
2 changed files with 49 additions and 22 deletions
Show stats Expand all files Collapse all files

14
flake.lock generated
View file

@ -85,11 +85,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1737299337, "lastModified": 1737480538,
"narHash": "sha256-0NBrY2A7buujKmeCbieopOMSbLxTu8TFcTLqAbTnQDw=", "narHash": "sha256-rk/cmrvq3In0TegW9qaAxw+5YpJhRWt2p74/6JStrw0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "f8ef4541bb8a54a8b52f19b52912119e689529b3", "rev": "4481a16d1ac5bff4a77c608cefe08c9b9efe840d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -214,11 +214,11 @@
}, },
"secrets": { "secrets": {
"locked": { "locked": {
"lastModified": 1737137052, "lastModified": 1737510423,
"narHash": "sha256-mizVntH8Pn7tzs3/5kZH5Cd28ztfT/vfenpdvphQ4cM=", "narHash": "sha256-FjyBCMyzYcQUW9J7VsMB9fTVrQpYHLlLNjcZpxdMB2I=",
"ref": "refs/heads/master", "ref": "refs/heads/master",
"rev": "a5a11ce1f8e323f82dcbbe3b38ab112ce5f5fd7f", "rev": "725ccdd9169ae40d56f1b07f53918e4e27898c08",
"revCount": 53, "revCount": 54,
"type": "git", "type": "git",
"url": "ssh://git@git.caspervk.net/caspervk/nixos-secrets.git" "url": "ssh://git@git.caspervk.net/caspervk/nixos-secrets.git"
}, },

57
hosts/sigma/mail.nix
View file

@ -11,29 +11,56 @@
# Simple NixOS Mailserver. # Simple NixOS Mailserver.
# https://nixos-mailserver.readthedocs.io # https://nixos-mailserver.readthedocs.io
# https://wiki.nixos.org/wiki/Imapsync # https://wiki.nixos.org/wiki/Imapsync
# INCOMING mail is delegated to mail.caspervk.net by each domain, e.g.
# vkristensen.dk.
# #
# DNS # vkristensen.dk.zone:
# Each domain delegates mail-handling to mail.caspervk.net using an MX
# record. mail.caspervk.net MUST be an A/AAAA record *NOT* CNAME. For spam
# purposes, the IP-addresses pointed to by mail.caspervk.net MUST point back
# to mail.caspervk.net using reverse-DNS.
# > dig mail.caspervk.net
# > dig -x 1.2.3.4
# Mail to e.g. vkristensen.dk should be delegated to mail.caspervk.net. Each
# domain's DKIM key in /var/dkim/ MUST be added to its DNS zone.
# > dig MX vkristensen.dk
# > dig TXT vkristensen.dk
# > dig TXT mail._domainkey.vkristensen.dk
# > dig TXT _dmarc.vkristensen.dk
# #
# @ IN MX 10 mail.caspervk.net.
#
# For anti-spam purposes, mail.caspervk.net MUST be an A/AAAA record (not
# CNAME) and the IP-addresses MUST point back to mail.caspervk.net using a
# reverse pointer record:
#
# caspervk.net.zone:
#
# mail IN A 49.13.33.75
# 75.33.13.49.in-addr.arpa. IN PTR mail.caspervk.net.
# OUTGOING mail is sent through icloud because email is a racket where the
# big providers only accept mail from the other big providers. Perfect
# SPF/DKIM? Well fuck you. If you're lucky we'll send you to spam, otherwise
# it's straight to /dev/null. What happened to the decentralised internet!?
# At least give me a chance until you've actually seen me send spam??
# https://www.icloud.com/icloudplus/customdomain
#
# Anyway.. Each domain delegates SPF and DMARC to mail.caspervk.net so we
# only have to define the policies once, and adds icloud's dkim key:
#
# vkristensen.dk.zone:
#
# @ IN TXT "v=spf1 redirect=mail.caspervk.net"
# _dmarc IN CNAME _dmarc.mail.caspervk.net.
# sig1._domainkey IN CNAME sig1.dkim.caspervk.net.at.icloudmailadmin.com.
#
# The SPF and DMARC policies are defined centrally.
#
# caspervk.net.zone:
#
# mail IN TXT "v=spf1 ..."
# _dmarc.mail IN TXT "v=DMARC1; ..."
# Online verification tools: # Online verification tools:
# https://dmarcchecker.app
# https://www.mail-tester.com/ # https://www.mail-tester.com/
# https://mxtoolbox.com/deliverability # https://mxtoolbox.com/deliverability
#
# Client Setup # Client Setup
# Account: casper@vkristensen.dk # Account: casper@vkristensen.dk
# IMAP: mail.caspervk.net:993 (SSL/TLS) # IMAP: mail.caspervk.net:993 (SSL/TLS)
# SMTP: mail.caspervk.net:465 (SSL/TLS) # SMTP: mail.caspervk.net:465 (SSL/TLS) TODO!
mailserver = { mailserver = {
enable = true; enable = true;
# Firewall is handled manually in networking.nix # Firewall is handled manually in networking.nix