Fri Jul 10 18:09:07+0200 2020
0dcd253
Attempt to use a tor hidden service for mail too
modules/config/mail.scm
| 71 | 71 | # For sending messages from outside of this server, you need to authenticate and | |
| 72 | 72 | # use TLS. | |
| 73 | 73 | listen on " interface " port 587 tls-require pki lepiller.eu mask-src auth <passwd> | |
| 74 | - | # On this server, you only need to authenticate on one of the available ports, | |
| 75 | - | # and you may use TLS. | |
| 76 | - | listen on lo port 25 tls pki lepiller.eu mask-src auth <passwd> | |
| 74 | + | # Localhost is used by the .onion, so we use the same configuration for | |
| 75 | + | # local connections. | |
| 76 | + | listen on lo port 25 tls pki lepiller.eu filter spam-filter | |
| 77 | + | # Since incoming connection uses tor, we don't need tls, but still require | |
| 78 | + | # authentication; we're not a relay | |
| 77 | 79 | listen on lo port 587 tls pki lepiller.eu mask-src auth <passwd> | |
| 78 | - | listen on lo port 10028 tag DKIM_OUT # DKIMproxy | |
| 80 | + | ||
| 81 | + | # DKIMproxy | |
| 82 | + | listen on lo port 10028 tag DKIM_OUT | |
| 83 | + | ||
| 84 | + | # The socket is considered an internal connection | |
| 85 | + | listen on socket mask-src | |
| 79 | 86 | ||
| 80 | 87 | # Maybe it'll work better if we connect to gmail only with v4? | |
| 81 | 88 | #limit mta for domain gmail.com inet4 |
systems/hermes.scm
| 76 | 76 | (tor-hidden-service "lepiller" | |
| 77 | 77 | '((22 "127.0.0.1:22") | |
| 78 | 78 | (80 "127.0.0.1:80"))) | |
| 79 | + | (tor-hidden-service "mail" | |
| 80 | + | '((25 "127.0.0.1:25") | |
| 81 | + | (143 "127.0.0.1:143") | |
| 82 | + | (587 "127.0.0.1:587") | |
| 83 | + | (993 "127.0.0.1:993"))) | |
| 79 | 84 | (service nginx-service-type | |
| 80 | 85 | (nginx-configuration | |
| 81 | 86 | (server-names-hash-bucket-size 128))) |