Maddy: Difference between revisions

(4 intermediate revisions by 4 users not shown)

Line 124:

=== MTA-STS ===

MTA-STS enforces secure TLS configuration for servers which support this standard. We already advertised this feature in the DNS records above, but we also have to serve a static configuration file using a web server. We use the web server [[Caddy]] to do this but of course you can ~~[[Category:Web_Servers use others~~ too]].

MTA-STS enforces secure TLS configuration for servers which support this standard. We already advertised this feature in the DNS records above, but we also have to serve a static configuration file using a web server. We use the web server [[Caddy]] to do this but of course you can other Web Servers too.

{{file|/etc/nixos/configuration.nix|nix|<nowiki>

Line 154:

# nix shell nixpkgs#hash-slinger --command tlsa --~~create --selector 1~~ --protocol tcp ~~-p 25 --create~~ mx1.example.org

# nix shell nixpkgs#hash-slinger --command tlsa --port=25 --protocol=tcp mx1.example.org

</syntaxhighlight>

Add the key to a new TLSA record in your nameserver

Or you can generate it directly from the TLS-certificate that you are using with maddy:<syntaxhighlight lang="console">

# openssl x509 -in cert.pem -pubkey -noout | openssl ec -pubin -outform der | sha256sum

</syntaxhighlight>Add the key to a new TLSA record in your nameserver

{{file|/etc/nixos/configuration.nix|nix|<nowiki>

Line 348:

Line 350:

== See also ==

* [https://maddy.email Maddy homepage and documentation]

* [[Stalwart]], an open-source, all-in-one mail server solution that supports JMAP, IMAP4, and SMTP protocols

* [https://nixos-mailserver.readthedocs.io/en/latest Simple NixOS Mailserver]

* [[Imapsync]], useful tool to migrate mailboxes to a new server

[[Category:Mail Server]]

[[Category:Server]]

@@ Line 124: / Line 124: @@
 === MTA-STS ===
-MTA-STS enforces secure TLS configuration for servers which support this standard. We already advertised this feature in the DNS records above, but we also have to serve a static configuration file using a web server. We use the web server [[Caddy]] to do this but of course you can [[Category:Web_Servers use others too]].
+MTA-STS enforces secure TLS configuration for servers which support this standard. We already advertised this feature in the DNS records above, but we also have to serve a static configuration file using a web server. We use the web server [[Caddy]] to do this but of course you can other Web Servers too.
 {{file|/etc/nixos/configuration.nix|nix|<nowiki>
@@ Line 154: / Line 154: @@
 <syntaxhighlight lang="console">
-# nix shell nixpkgs#hash-slinger --command tlsa  --create --selector 1 --protocol tcp -p 25 --create mx1.example.org
+# nix shell nixpkgs#hash-slinger --command tlsa --port=25 --protocol=tcp mx1.example.org
 </syntaxhighlight>
-Add the key to a new TLSA record in your nameserver
+Or you can generate it directly from the TLS-certificate that you are using with maddy:<syntaxhighlight lang="console">
+# openssl x509 -in cert.pem -pubkey -noout | openssl ec -pubin -outform der | sha256sum
+</syntaxhighlight>Add the key to a new TLSA record in your nameserver
 {{file|/etc/nixos/configuration.nix|nix|<nowiki>
@@ Line 348: / Line 350: @@
 == See also ==
 * [https://maddy.email Maddy homepage and documentation]
+* [[Stalwart]], an open-source, all-in-one mail server solution that supports JMAP, IMAP4, and SMTP protocols
+* [https://nixos-mailserver.readthedocs.io/en/latest Simple NixOS Mailserver]
 * [[Imapsync]], useful tool to migrate mailboxes to a new server
 [[Category:Mail Server]]
+[[Category:Server]]