nixcfg/systems/x86_64-linux/mx/rspamd.nix

{ pkgs, lib, ... }:
let
  domains = ''
    epicgames.com
    dmail.ai
    twitter.com
    x.com
    gmx.de
    chess.com
  '';
in
{
  services.rspamd.workers.controller.bindSockets = [{
    socket = "/run/rspamd/worker-controller.sock";
    mode = "0660";
  }];
  services.rspamd.locals = {
    "settings.conf".text = ''
      bogenschiessen {
        from = "bogensport-jugend@gmx.de";
        apply {
          actions {
            reject = 100.0;
            greylist = null; # Disable greylisting (from 1.8.1)
            "add header" = 100.0; # Please note the space, NOT an underscore
          }
        }
      }
    '';
    "maps.d/spf_whitelist.inc.local".text = domains;
    "maps.d/spf_dkim_whitelist.inc.local".text = domains;
    "maps.d/dmarc_whitelist.inc.local".text = domains;
    "greylist-whitelist-domains.inc".text = domains;
  };
  services.rspamd.extraConfig = ''
    actions {
      reject = null;
      greylist = 4; # Apply greylisting when reaching this score
      add_header = 4; # Add header when reaching this score
    }
  '';
}