From cb92ffc878fcb417bd66b3b30ef1ff189a5aa44c Mon Sep 17 00:00:00 2001
From: ene <ene@sils.li>
Date: Fri, 7 Apr 2023 22:02:24 +0200
Subject: Fix(system/mail): Allow opening ports in the firewall

As the previous configuration only opened some ports, receiving mail was
impossible. This allows NSM to open the required ports directly,
ensuring that none was missed.

SECURITY:
As all other options than SSL are still disabled, this change should not
introduce unencrypted mail transfer.
This has not been tested.
---
 system/mail/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/mail')

diff --git a/system/mail/default.nix b/system/mail/default.nix
index d2fd55c..b1da088 100644
--- a/system/mail/default.nix
+++ b/system/mail/default.nix
@@ -42,7 +42,7 @@ in {
   # SMTP
   enableSubmission = false;
   enableSubmissionSsl = true;
-  openFirewall = false; # handled below
+  openFirewall = true;
 
   keyFile = "/var/lib/acme/server1.vhack.eu/key.pem";
   certificateScheme = 1;
-- 
cgit 1.4.1