infrastructure/mox
1
0
Fork 0
mirror of https://github.com/mjl-/mox.git synced 2025-07-12 13:04:38 +03:00
Code Issues Packages Projects Releases Wiki Activity

for external domains (for which we only accept external dmarc reports), don't try to fetch tls certificates at startup for autoconfig host

Browse Source
This commit is contained in:
Mechiel Lukkien
2023-11-14 00:26:18 +01:00
parent 651fa68067
commit 51e314f65a
2 changed files with 18 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
mox-/config.go
View File

@ -251,6 +251,12 @@ func (c *Config) allowACMEHosts(checkACMEHosts bool) {
}
for _, dom := range c.Dynamic.Domains {
if dom.DMARC != nil && dom.DMARC.Domain != "" && dom.DMARC.DNSDomain != dom.Domain {
// Do not allow TLS certificates for domains for which we only accept DMARC reports
// as external party.
continue
}
if l.AutoconfigHTTPS.Enabled && !l.AutoconfigHTTPS.NonTLS {
if d, err := dns.ParseDomain("autoconfig." + dom.Domain.ASCII); err != nil {
xlog.Errorx("parsing autoconfig domain", err, mlog.Field("domain", dom.Domain))