diff options
| author | Alyssa Ross <hi@alyssa.is> | 2023-12-25 21:04:58 +0100 |
|---|---|---|
| committer | Alyssa Ross <hi@alyssa.is> | 2023-12-25 21:04:58 +0100 |
| commit | dd691ab6c1fabf1a4915cfe397a5b173e10f77af (patch) | |
| tree | 600ed57c2038f563676140dd91dd380482b4edbd /modules | |
| parent | 6acf696944a55960f00d257553c0de74db90d6ff (diff) | |
| download | nixlib-dd691ab6c1fabf1a4915cfe397a5b173e10f77af.tar nixlib-dd691ab6c1fabf1a4915cfe397a5b173e10f77af.tar.gz nixlib-dd691ab6c1fabf1a4915cfe397a5b173e10f77af.tar.bz2 nixlib-dd691ab6c1fabf1a4915cfe397a5b173e10f77af.tar.lz nixlib-dd691ab6c1fabf1a4915cfe397a5b173e10f77af.tar.xz nixlib-dd691ab6c1fabf1a4915cfe397a5b173e10f77af.tar.zst nixlib-dd691ab6c1fabf1a4915cfe397a5b173e10f77af.zip | |
modules/server/postfix: forbid bare newline
Fixes: CVE-2023-51764
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/server/spectrum/postfix/default.nix | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/modules/server/spectrum/postfix/default.nix b/modules/server/spectrum/postfix/default.nix index 16c2acf95269..978cb47726e6 100644 --- a/modules/server/spectrum/postfix/default.nix +++ b/modules/server/spectrum/postfix/default.nix @@ -5,6 +5,7 @@ services.postfix.enableSubmission = true; services.postfix.hostname = "atuin.qyliss.net"; services.postfix.config.smtp_tls_loglevel = "1"; + services.postfix.config.smtpd_forbid_bare_newline = true; services.postfix.config.disable_mime_output_conversion = true; services.postfix.sslCert = "/var/lib/acme/spectrum-os.org/fullchain.pem"; services.postfix.sslKey = "/var/lib/acme/spectrum-os.org/key.pem"; |