Hi I’m trying to configure a mail server on my nixos machine, since I want to keep it simple, I’ve been using the simple mailserver configured as specified, in fact I’m not getting any kind of error.
But as stated as in the title the smtp and smtps ports are not opening even if I also tried to set them directly in the configuration file (the imaps port is working fine thou).
This is the mail server config:
{ config, pkgs, lib, ... }: {
imports = [
(builtins.fetchTarball {
# Pick a release version you are interested in and set its hash, e.g.
url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-24.11/nixos-mailserver-nixos-24.11.tar.gz";
# To get the sha256 of the nixos-mailserver tarball, we can use the nix-prefetch-url command:
# release="nixos-24.11"; nix-prefetch-url "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/${release}/nixos-mailserver-${release}.tar.gz" --unpack
sha256 = "05k4nj2cqz1c5zgqa0c6b8sp3807ps385qca74fgs6cdc415y3qw";
})
];
services.roundcube = {
enable = true;
# this is the url of the vhost, not necessarily the same as the fqdn of
# the mailserver
hostName = "mail.domain.xyz";
extraConfig = ''
# starttls needed for authentication, so the fqdn required to match
# the certificate
$config['smtp_server'] = "tls://${config.mailserver.fqdn}";
$config['smtp_user'] = "%u";
$config['smtp_pass'] = "%p";
'';
};
mailserver = {
enable = true;
openFirewall = true;
enableImap = false;
enableImapSsl = true;
enableSubmission = false;
enableSubmissionSsl = true;
fqdn = "mail.domain.xyz";
sendingFqdn = "mail.domain.xyz";
domains = [ "domain.xyz" ];
# A list of all login accounts. To create the password hashes, use
# nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
loginAccounts = {
# "user" = {
# hashedPasswordFile = "/.passwd/user";
# };
"user@domain.xyz" = {
hashedPasswordFile = "/.passwd/user";
aliases = ["admin@domain.xyz" "root@domain.xyz"];
};
"test@domain.xyz" = {
hashedPasswordFile = "/.passwd/user";
};
};
# Use Let's Encrypt certificates. Note that this needs to set up a stripped
# down nginx and opens port 80.
certificateScheme = "acme-nginx";
};
security.acme = {
acceptTerms = true;
defaults.email = "personalemail@mail.com";
};
networking.firewall.allowedTCPPorts = [
465
587
993
];
}
And this is the nmap output from the local interface of the server:
PORT STATE SERVICE
22/tcp open ssh
25/tcp closed smtp
80/tcp open http
443/tcp open https
465/tcp closed smtps
587/tcp closed submission
993/tcp open imaps
I’ve been losing my mind on this for too much time, so any kind of help is appreciated.
If I need to share more details to solve the problem, I’m ready to do it.
Thanks in advance to anyone who’ll stop by to help.