cqrenet/relay
3
0
Fork 0
mirror of https://github.com/chatmail/relay.git synced 2026-05-14 01:44:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added MTA-STS records and .well-known file

Browse Source
This commit is contained in:
missytake
2023-11-13 17:04:00 +01:00
parent 4478270fc9
commit 5305dfab12
3 changed files with 18 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
deploy-chatmail/src/deploy_chatmail/__init__.py
View File

@@ -207,7 +207,7 @@ def _configure_dovecot(mail_server: str, debug: bool = False) -> bool:
return need_restart
def _configure_nginx(domain: str, debug: bool = False) -> bool:
def _configure_nginx(domain: str, mail_server: str) -> bool:
"""Configures nginx HTTP server."""
need_restart = False
@@ -231,6 +231,16 @@ def _configure_nginx(domain: str, debug: bool = False) -> bool:
)
need_restart |= autoconfig.changed
mta_sts_config = files.template(
src=importlib.resources.files(__package__).joinpath("nginx/mta-sts.txt.j2"),
dest="/var/www/html/.well-known/mta-sts.txt",
user="root",
group="root",
mode="644",
config={"mail_server": mail_server},
)
need_restart |= mta_sts_config.changed
return need_restart

4
deploy-chatmail/src/deploy_chatmail/nginx/mta-sts.txt.j2 Normal file
View File

@@ -0,0 +1,4 @@
version: STSv1
mode: enforce
max_age: 2419200 # 28 days
mx: {{ config.mail_server }}

3
scripts/generate-dns-zone.sh
View File

@@ -16,5 +16,8 @@ _submissions._tcp.$CHATMAIL_DOMAIN. SRV 0 1 465 $CHATMAIL_DOMAIN.
_imap._tcp.$CHATMAIL_DOMAIN. SRV 0 1 143 $CHATMAIL_DOMAIN.
_imaps._tcp.$CHATMAIL_DOMAIN. SRV 0 1 993 $CHATMAIL_DOMAIN.
$CHATMAIL_DOMAIN. IN CAA 128 issue "letsencrypt.org; accounturi=$ACME_ACCOUNT_URL"
_mta-sts.$CHATMAIL_DOMAIN. IN TXT "v=STSv1; id=$(date -u '+%Y%m%d%H%M')"
_mta-sts.$CHATMAIL_DOMAIN. IN CNAME $CHATMAIL_DOMAIN.
_smtp._tls.$CHATMAIL_DOMAIN. IN TXT "v=TLSRPTv1; rua=mailto:$EMAIL"
EOF
$SSH opendkim-genzone -F | sed 's/^;.*$//;/^$/d'