Add firewall rules that mitigate spam

jaina heartles 2025-03-09 22:22:33 -04:00
parent 2c9ccff84b
commit 11afd23d99


@ -1,6 +1,12 @@
{ pkgs, config, ... }: { pkgs, config, ... }:
{ {
networking.firewall.extraCommands = let user = config.services.postfix.user;
in ''
iptables -I OUTPUT -m owner ! --uid-owner ${user} -m tcp -p tcp --dport 25 -j REJECT --reject-with icmp-admin-prohibited
ip6tables -I OUTPUT -m owner ! --uid-owner ${user} -m tcp -p tcp --dport 25 -j REJECT --reject-with icmp6-adm-prohibited
'';
services.postfix = { services.postfix = {
enable = true; enable = true;
enableSubmission = true; enableSubmission = true;