misc_nixos-mailserver/mail-server
Martin Weinelt fac7efe946
postfix: Support opportunistic DANE TLS
This migrates the security level for outgoing SMTP connections to
dane[1]. Either a server is configured for DANE or it now uses mandatory
unauthenticated TLS.

If DANE validation fails, the delivery will be tempfailed.

If DANE is invalid or unusable, the connection will fall back to
unauthenticated mandatory TLS.

This has been the default in various mail distributions:
- Mailcow since December 2016[2]
- mailinabox since July 2014[3]

[1] https://www.postfix.org/TLS_README.html#client_tls_dane
[2] 47a5166383
[3] e713af5f5a
2025-05-07 02:23:32 +02:00
dovecot Remove use of the deprecated string type 2019-09-22 13:32:37 +00:00
assertions.nix assertions: Allow mailserver.forwards with LDAP set up 2025-05-06 05:32:45 +02:00
borgbackup.nix fix conditions for enabling services 2018-05-22 23:18:55 +02:00
clamav.nix Remove no longer supported configurations (<21.05) 2021-07-24 09:57:44 +02:00
common.nix remove new line character if use agenix 2024-12-16 17:07:10 +00:00
dovecot.nix mail-server/dovecot: check if quota is non-null instead of string 2025-05-06 02:27:36 +00:00
environment.nix Use rspamd for DKIM signing, drop OpenDKIM 2025-05-06 01:05:10 +02:00
kresd.nix kresd: no need to explicitly set nameserver 2021-06-03 05:58:42 +00:00
monit.nix fix conditions for enabling services 2018-05-22 23:18:55 +02:00
networking.nix Allow using existing ACME certificates 2023-05-24 21:10:02 +00:00
nginx.nix acme: Add new option acmeCertificateName 2024-05-31 09:53:32 +01:00
postfix.nix postfix: Support opportunistic DANE TLS 2025-05-07 02:23:32 +02:00
rsnapshot.nix fix conditions for enabling services 2018-05-22 23:18:55 +02:00
rspamd.nix Use rspamd for DKIM signing, drop OpenDKIM 2025-05-06 01:05:10 +02:00
systemd.nix Use rspamd for DKIM signing, drop OpenDKIM 2025-05-06 01:05:10 +02:00
users.nix Use umask for race-free permission setting 2023-07-17 18:22:16 +02:00