aither/simple-nixos-mailserver
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add support for sender rewriting using postsrsd

Browse Source 
With SRS we support forwarding of mails without (fully) breaking SPF
alignment.
This commit is contained in:
Martin Weinelt
2025-07-10 23:10:45 +02:00
parent b633223a33
commit eeda8ba39e
9 changed files with 160 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docs/release-notes.rst
View File

@@ -7,6 +7,8 @@ NixOS 25.11
- The ``systemName`` and ``systemDomain`` options have been introduced to have
reusable configurations for automated reports (DMARC, TLSRPT). They come with
reasonable defaults, but it is suggested to check and change them as needed.
- Support for the `Sender Rewriting Scheme`_ has been added, which allows
forwarding mail without breaking SPF by rewriting the envelope address.
- The default key length for new DKIM RSA keys was increased to 2048 bits as
recommended in `RFC 8301 3.2`_.
We recommend rotating existing keys, as the RFC advises that signatures from
@@ -29,6 +31,7 @@ NixOS 25.11
`tlsrpt-reporter`_. They can be enabled with the ``mailserver.tlsrpt.enable``
option.
.. _Sender Rewriting Scheme: srs.html
.. _RFC 8301 3.2: https://www.rfc-editor.org/rfc/rfc8301#section-3.2
.. _RFC 8314 3.3: https://www.rfc-editor.org/rfc/rfc8314#section-3.3
.. _RFC 8314 4.1: https://www.rfc-editor.org/rfc/rfc8314#section-4.1