diff options
author | tv <tv@krebsco.de> | 2022-12-07 20:03:15 +0100 |
---|---|---|
committer | tv <tv@krebsco.de> | 2022-12-07 20:03:39 +0100 |
commit | 1796bf491246bc3e728d8b8502cc27c7ea9d06ea (patch) | |
tree | eb06aaf3a59e597ed35ff8308ca12ef9ffe56454 /krebs/3modules | |
parent | df93a24faae49012aae107031b12c43f2e6e5c54 (diff) |
exim-smarthost: make SPF check optional
Diffstat (limited to 'krebs/3modules')
-rw-r--r-- | krebs/3modules/exim-smarthost.nix | 67 |
1 files changed, 36 insertions, 31 deletions
diff --git a/krebs/3modules/exim-smarthost.nix b/krebs/3modules/exim-smarthost.nix index 218d83ab4..7c176d224 100644 --- a/krebs/3modules/exim-smarthost.nix +++ b/krebs/3modules/exim-smarthost.nix @@ -12,6 +12,8 @@ let api = { enable = mkEnableOption "krebs.exim-smarthost"; + enableSPFVerification = mkEnableOption "SPF verification"; + authenticators = mkOption { type = types.attrsOf types.str; default = {}; @@ -181,37 +183,40 @@ let accept acl_check_mail: - accept - authenticated = * - accept - sender_domains = +sender_domains - hosts = +relay_from_hosts - deny - spf = fail : softfail - log_message = spf=$spf_result - message = SPF validation failed: \ - $sender_host_address is not allowed to send mail from \ - ''${if def:sender_address_domain\ - {$sender_address_domain}\ - {$sender_helo_name}} - deny - spf = permerror - log_message = spf=$spf_result - message = SPF validation failed: \ - syntax error in SPF record(s) for \ - ''${if def:sender_address_domain\ - {$sender_address_domain}\ - {$sender_helo_name}} - defer - spf = temperror - log_message = spf=$spf_result; deferred - message = temporary error during SPF validation; \ - please try again later - warn - spf = none : neutral - log_message = spf=$spf_result - accept - add_header = $spf_received + ${if cfg.enableSPFVerification then indent /* exim */ '' + accept + authenticated = * + accept + hosts = +relay_from_hosts + deny + spf = fail : softfail + log_message = spf=$spf_result + message = SPF validation failed: \ + $sender_host_address is not allowed to send mail from \ + ''${if def:sender_address_domain\ + {$sender_address_domain}\ + {$sender_helo_name}} + deny + spf = permerror + log_message = spf=$spf_result + message = SPF validation failed: \ + syntax error in SPF record(s) for \ + ''${if def:sender_address_domain\ + {$sender_address_domain}\ + {$sender_helo_name}} + defer + spf = temperror + log_message = spf=$spf_result; deferred + message = temporary error during SPF validation; \ + please try again later + warn + spf = none : neutral + log_message = spf=$spf_result + accept + add_header = $spf_received + '' else indent /* exim */ '' + accept + ''} begin routers |