Fix DKIM config

2025-03-25 21:06:34 +01:00
2 changed files with 8 additions and 7 deletions
--- a/flake.lock
+++ b/flake.lock
@ -9,11 +9,11 @@
        "rust-overlay": "rust-overlay"
      },
      "locked": {
-        "lastModified": 1742970612,
-        "narHash": "sha256-+/irvF5TgMTCyHWE30BhearVDmeMHRFSBG4D6kCGlHc=",
+        "lastModified": 1742814048,
+        "narHash": "sha256-8BK8oLQcpxTsQQiOrP80pPWirdOIk50ecCZjkUYMLVI=",
        "ref": "refs/heads/main",
-        "rev": "a9a819e659c0fc1baa84c83c50ec839e6819249d",
-        "revCount": 24,
+        "rev": "3570db39fda3627d60fbd4ef9c6326b3de074eb8",
+        "revCount": 23,
        "type": "git",
        "url": "https://gitea.mathebau.de/fachschaft/alias_to_sieve"
      },
--- a/nixos/modules/mail.nix
+++ b/nixos/modules/mail.nix
@ -66,6 +66,7 @@ in {
        openFirewall = true;
        settings = {
          server = {
+            tracer.stdout.level = "trace";
            hostname = "fb04184.mathematik.tu-darmstadt.de"; # Because the DNS PTR of 130.83.2.184 is this and this should be used in SMTP EHLO.
            listener = {
              "smtp" = {
@ -240,7 +241,7 @@ in {
                private-key = "%{file:/run/secrets/dkim_rsa}%";
                domain = "${domain}";
                selector = "rsa-default";
-                headers = ["From" "To" "Cc" "Date" "Subject" "Message-ID" "Organization" "MIME-Version" "Content-Type" "In-Reply-To" "References" "List-Id" "User-Agent" "Thread-Topic" "Thread-Index"]; # default from https://stalw.art/docs/smtp/authentication/dkim/sign#signatures
+                headers = ["From" "To" "Cc" "Subject" "Date" "Message-ID" "Organization" "MIME-Version" "Content-Type" "In-Reply-To" "References" "List-Id" "Thread-Topic" "Thread-Index"]; # default from https://stalw.art/docs/smtp/authentication/dkim/sign#signatures except "User-Agent" which somehow breaks
                algorithm = "rsa-sha256";
                canonicalization = "relaxed/relaxed";
              };
@ -248,13 +249,13 @@ in {
                private-key = "%{file:/run/secrets/dkim_ed25519}%";
                domain = "${domain}";
                selector = "ed-default";
-                headers = ["From" "To" "Cc" "Date" "Subject" "Message-ID" "Organization" "MIME-Version" "Content-Type" "In-Reply-To" "References" "List-Id" "User-Agent" "Thread-Topic" "Thread-Index"];
+                headers = ["From" "To" "Cc" "Subject" "Date" "Message-ID" "Organization" "MIME-Version" "Content-Type" "In-Reply-To" "References" "List-Id" "Thread-Topic" "Thread-Index"]; # default from https://stalw.art/docs/smtp/authentication/dkim/sign#signatures except "User-Agent" which somehow breaks
                algorithm = "ed25519-sha256";
                canonicalization = "relaxed/relaxed";
              };
            };
          in
-            map signatureTemplate (["lists.mathebau.de"] ++ (map ({domain, ...}: domain) cfg.domains));
+            lib.attrsets.mergeAttrsList (map signatureTemplate (["lists.mathebau.de"] ++ (map ({domain, ...}: domain) cfg.domains)));

          authentication.fallback-admin = {
            user = "admin";