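# NixOS module: Postfix virtual-domain hosting for one mail domain.
# Static role aliases come from the `virtual` table below; forwarding,
# alias resolution and sender-ownership checks are looked up in the local
# LDAP directory.
{ pkgs, lib, config, ... }:
let
  domain = "sourcephile.fr";

  # Build a Postfix ldap_table(5) lookup and return it as an "ldap:<path>" map
  # reference.
  #
  #   name      - file name of the generated table definition
  #   filter    - LDAP search filter; Postfix applies RFC 2254 quoting to the
  #               lookup key before substituting it for %s, so a crafted
  #               address cannot add filter metacharacters
  #   attribute - attribute whose value(s) are returned as the lookup result
  #
  # All tables share one connection profile so that the security-relevant
  # settings cannot drift apart between copies:
  #   * server_host = ldapi:// keeps the queries on the local Unix socket.
  #   * bind = sasl with sasl_mechs = EXTERNAL authenticates through the
  #     socket peer credentials, so no bind password is written to this file.
  #     That matters because pkgs.writeText puts the file in the
  #     world-readable Nix store: never add a bind_pw here.
  #   * NOTE(review): the directory ACLs for the identity Postfix maps to are
  #     not visible in this file; confirm it only has read access to the
  #     attributes queried below.
  #
  # The search base is written literally and is not derived from `domain`;
  # both must be updated together if the domain changes.
  ldapTable = name: filter: attribute:
    "ldap:" + pkgs.writeText name ''
      version = 3
      debuglevel = 0
      server_host = ldapi://
      bind = sasl
      sasl_mechs = EXTERNAL
      search_base = ou=posix,dc=sourcephile,dc=fr
      scope = sub
      dereference = 0
      query_filter = ${filter}
      result_format = %s
      result_attribute = ${attribute}
    '';
in
{
  # Start Postfix only after the unit named for this domain's key file.
  # `after` is ordering only: it neither pulls that unit in nor stops Postfix
  # when it is absent.
  # NOTE(review): confirm a wants/requires on this unit exists elsewhere if
  # Postfix must not run without the key.
  systemd.services.postfix.after = [ "${domain}.key.pem-key.service" ];

  services.postfix = {
    # Single `config` set: the two separate definitions are merged here so the
    # file does not depend on the parser merging duplicate attributes.
    config = {
      virtual_mailbox_domains = [ domain ];

      # Every filter requires mailEnabled=TRUE, so an entry without that flag
      # is skipped by all of the LDAP lookups in this file.
      virtual_alias_maps = [
        # Address -> forwarding address(es) stored on the matching entry.
        (ldapTable "ldap-forward.cf"
          "(&(mail=%s)(mailEnabled=TRUE))"
          "mailForwardingAddress")
        # Alias address -> primary mail address of the matching entry.
        (ldapTable "ldap-virtual_alias_maps.cf"
          "(&(mailAlias=%s)(mailEnabled=TRUE))"
          "mail")
      ];
    };

    # Static role addresses, one "alias target" pair per line.
    virtual = ''
      root@${domain} julm@${domain}
      admin@${domain} julm@${domain}
      webmaster@${domain} julm@${domain}
      postmaster@${domain} julm@${domain}
    '';

    # Allowed MAIL FROM addresses that belong to a given SASL authenticated user.
    # The map returns the uid owning an address (primary or alias). It is only
    # enforced when a reject_sender_login_mismatch-style restriction is active
    # for the same service.
    # NOTE(review): that restriction is not set in this file; confirm it is
    # configured where `submissions` is defined, otherwise any authenticated
    # user can send with another user's address.
    submissions.smtpd_sender_login_maps = [
      (ldapTable "ldap-senders.cf"
        "(&(|(mail=%s)(mailAlias=%s))(mailEnabled=TRUE))"
        "uid")
    ];
  };
}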