diff options
Diffstat (limited to 'sys/mta')
| -rw-r--r-- | sys/mta/default.nix | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/sys/mta/default.nix b/sys/mta/default.nix index 64e08f3..7a10146 100644 --- a/sys/mta/default.nix +++ b/sys/mta/default.nix @@ -161,6 +161,10 @@ in # Nota: smtpd_tls_dh1024_param_file fue deprecado en 3.9 tls_append_default_CA = false; # CrÃtico + + # https://linux-audit.com/postfix-hardening-guide-for-security-and-privacy/ + smtpd_helo_required = true; + disable_vrfy_command = true; } // optionalAttrs isPrimary { virtual_alias_maps = mkAfter [ "pcre:/etc/postfix/virtual_rules" ]; virtual_mailbox_domains = attrNames virtualDomains; |