summaryrefslogtreecommitdiff
path: root/sys/mta/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'sys/mta/default.nix')
-rw-r--r--sys/mta/default.nix4
1 files changed, 4 insertions, 0 deletions
diff --git a/sys/mta/default.nix b/sys/mta/default.nix
index 64e08f3..7a10146 100644
--- a/sys/mta/default.nix
+++ b/sys/mta/default.nix
@@ -161,6 +161,10 @@ in
# Nota: smtpd_tls_dh1024_param_file fue deprecado en 3.9
tls_append_default_CA = false; # Crítico
+
+ # https://linux-audit.com/postfix-hardening-guide-for-security-and-privacy/
+ smtpd_helo_required = true;
+ disable_vrfy_command = true;
} // optionalAttrs isPrimary {
virtual_alias_maps = mkAfter [ "pcre:/etc/postfix/virtual_rules" ];
virtual_mailbox_domains = attrNames virtualDomains;
generated by cgit v1.2.3 (git 2.25.1) at 2026-06-10 14:24:51 +0000