about summary refs log tree commit diff
path: root/nixosConfigurations/manwe
diff options
context:
space:
mode:
authorAzat Bahawi <azat@bahawi.net>2023-11-05 18:10:26 +0300
committerAzat Bahawi <azat@bahawi.net>2023-11-05 18:10:26 +0300
commit647ea0667423ced895e4bcdd73a9401b1fe3ee69 (patch)
tree700db0911e1e2193bf07e8e756910378b4f8d4eb /nixosConfigurations/manwe
parent2023-11-04 (diff)
2023-11-05
Diffstat (limited to 'nixosConfigurations/manwe')
-rw-r--r--nixosConfigurations/manwe/mailserver/default.nix8
1 files changed, 8 insertions, 0 deletions
diff --git a/nixosConfigurations/manwe/mailserver/default.nix b/nixosConfigurations/manwe/mailserver/default.nix
index 4f58df7..88edf25 100644
--- a/nixosConfigurations/manwe/mailserver/default.nix
+++ b/nixosConfigurations/manwe/mailserver/default.nix
@@ -54,6 +54,14 @@ with lib; {
   in {
     enable = true;
 
+    # Disable potentially insecure[1] STARTTLS connections. SSL-only connections
+    # are still enabled by default.
+    #
+    # [1]: https://www.rfc-editor.org/rfc/rfc3207#section-6
+    enableImap = false;
+    enablePop3 = false;
+    enableSubmission = false;
+
     fqdn = config.networking.domain;
     domains = with my.domain; [azahi gondor rohan shire];
 

Consider giving Nix/NixOS a try! <3