diff --git a/nixos/doc/manual/release-notes/rl-1909.xml b/nixos/doc/manual/release-notes/rl-1909.xml
index 37346948b289..b02d99438de0 100644
--- a/nixos/doc/manual/release-notes/rl-1909.xml
+++ b/nixos/doc/manual/release-notes/rl-1909.xml
@@ -506,6 +506,12 @@
been removed.
+
+
+ The rmilter package was removed with associated module and options due deprecation by upstream developer.
+ Use rspamd in proxy mode instead.
+
+
diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix
index 1047df95cdf5..ac741caa953b 100644
--- a/nixos/modules/misc/ids.nix
+++ b/nixos/modules/misc/ids.nix
@@ -251,7 +251,7 @@
gale = 223;
matrix-synapse = 224;
rspamd = 225;
- rmilter = 226;
+ # rmilter = 226; # unused, removed 2019-08-22
cfdyndns = 227;
gammu-smsd = 228;
pdnsd = 229;
@@ -559,7 +559,7 @@
gale = 223;
matrix-synapse = 224;
rspamd = 225;
- rmilter = 226;
+ # rmilter = 226; # unused, removed 2019-08-22
cfdyndns = 227;
pdnsd = 229;
octoprint = 230;
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 388f4788b59e..437a118bf679 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -387,7 +387,6 @@
./services/mail/spamassassin.nix
./services/mail/rspamd.nix
./services/mail/rss2email.nix
- ./services/mail/rmilter.nix
./services/mail/roundcube.nix
./services/mail/nullmailer.nix
./services/misc/airsonic.nix
diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix
index 65014b4beed4..348ad094e5ad 100644
--- a/nixos/modules/rename.nix
+++ b/nixos/modules/rename.nix
@@ -72,8 +72,8 @@ with lib;
# PAM
(mkRenamedOptionModule [ "security" "pam" "enableU2F" ] [ "security" "pam" "u2f" "enable" ])
- (mkRemovedOptionModule [ "services" "rmilter" "bindInetSockets" ] "Use services.rmilter.bindSocket.* instead")
- (mkRemovedOptionModule [ "services" "rmilter" "bindUnixSockets" ] "Use services.rmilter.bindSocket.* instead")
+ # rmilter/rspamd
+ (mkRemovedOptionModule [ "services" "rmilter" ] "Use services.rspamd.* instead to set up milter service")
# Xsession script
(mkRenamedOptionModule [ "services" "xserver" "displayManager" "job" "logsXsession" ] [ "services" "xserver" "displayManager" "job" "logToFile" ])
diff --git a/nixos/modules/services/mail/rmilter.nix b/nixos/modules/services/mail/rmilter.nix
deleted file mode 100644
index 466365b6b305..000000000000
--- a/nixos/modules/services/mail/rmilter.nix
+++ /dev/null
@@ -1,252 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
-
- rspamdCfg = config.services.rspamd;
- postfixCfg = config.services.postfix;
- cfg = config.services.rmilter;
-
- inetSocket = addr: port: "inet:${addr}:${toString port}";
- unixSocket = sock: "unix:${sock}";
-
- systemdSocket = if cfg.bindSocket.type == "unix" then cfg.bindSocket.path
- else "${cfg.bindSocket.address}:${toString cfg.bindSocket.port}";
- rmilterSocket = if cfg.bindSocket.type == "unix" then unixSocket cfg.bindSocket.path
- else inetSocket cfg.bindSocket.address cfg.bindSocket.port;
-
- rmilterConf = ''
- pidfile = /run/rmilter/rmilter.pid;
- bind_socket = ${if cfg.socketActivation then "fd:3" else rmilterSocket};
- tempdir = /tmp;
- '' + (with cfg.rspamd; if enable then ''
- spamd {
- servers = ${concatStringsSep ", " servers};
- connect_timeout = 1s;
- results_timeout = 20s;
- error_time = 10;
- dead_time = 300;
- maxerrors = 10;
- reject_message = "${rejectMessage}";
- ${optionalString (length whitelist != 0) "whitelist = ${concatStringsSep ", " whitelist};"}
-
- # rspamd_metric - metric for using with rspamd
- # Default: "default"
- rspamd_metric = "default";
- ${extraConfig}
- };
- '' else "") + cfg.extraConfig;
-
- rmilterConfigFile = pkgs.writeText "rmilter.conf" rmilterConf;
-
-in
-
-{
-
- ###### interface
-
- options = {
-
- services.rmilter = {
-
- enable = mkOption {
- type = types.bool;
- default = false;
- description = "Whether to run the rmilter daemon.";
- };
-
- debug = mkOption {
- type = types.bool;
- default = false;
- description = "Whether to run the rmilter daemon in debug mode.";
- };
-
- user = mkOption {
- type = types.string;
- default = "rmilter";
- description = ''
- User to use when no root privileges are required.
- '';
- };
-
- group = mkOption {
- type = types.string;
- default = "rmilter";
- description = ''
- Group to use when no root privileges are required.
- '';
- };
-
- bindSocket.type = mkOption {
- type = types.enum [ "unix" "inet" ];
- default = "unix";
- description = ''
- What kind of socket rmilter should listen on. Either "unix"
- for an Unix domain socket or "inet" for a TCP socket.
- '';
- };
-
- bindSocket.path = mkOption {
- type = types.str;
- default = "/run/rmilter.sock";
- description = ''
- Path to Unix domain socket to listen on.
- '';
- };
-
- bindSocket.address = mkOption {
- type = types.str;
- default = "[::1]";
- example = "0.0.0.0";
- description = ''
- Inet address to listen on.
- '';
- };
-
- bindSocket.port = mkOption {
- type = types.int;
- default = 11990;
- description = ''
- Inet port to listen on.
- '';
- };
-
- socketActivation = mkOption {
- type = types.bool;
- default = true;
- description = ''
- Enable systemd socket activation for rmilter.
-
- Disabling socket activation is not recommended when a Unix
- domain socket is used and could lead to incorrect
- permissions.
- '';
- };
-
- rspamd = {
- enable = mkOption {
- type = types.bool;
- default = rspamdCfg.enable;
- description = "Whether to use rspamd to filter mails";
- };
-
- servers = mkOption {
- type = types.listOf types.str;
- default = ["r:/run/rspamd/rspamd.sock"];
- description = ''
- Spamd socket definitions.
- Is server name is prefixed with r: it is rspamd server.
- '';
- };
-
- whitelist = mkOption {
- type = types.listOf types.str;
- default = [ ];
- description = "list of ips or nets that should be not checked with spamd";
- };
-
- rejectMessage = mkOption {
- type = types.str;
- default = "Spam message rejected; If this is not spam contact abuse";
- description = "reject message for spam";
- };
-
- extraConfig = mkOption {
- type = types.lines;
- default = "";
- description = "Custom snippet to append to end of `spamd' section";
- };
- };
-
- extraConfig = mkOption {
- type = types.lines;
- default = "";
- description = "Custom snippet to append to rmilter config";
- };
-
- postfix = {
- enable = mkOption {
- type = types.bool;
- default = false;
- description = "Add rmilter to postfix main.conf";
- };
-
- configFragment = mkOption {
- type = types.str;
- description = "Addon to postfix configuration";
- default = ''
- smtpd_milters = ${rmilterSocket}
- milter_protocol = 6
- milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
- '';
- };
- };
-
- };
-
- };
-
-
- ###### implementation
-
- config = mkMerge [
-
- (mkIf cfg.enable {
- warnings = [
- ''`config.services.rmilter' is deprecated, `rmilter' deprecated and unsupported by upstream, and will be removed from next releases. Use built-in rspamd milter instead.''
- ];
-
- users.users = singleton {
- name = cfg.user;
- description = "rmilter daemon";
- uid = config.ids.uids.rmilter;
- group = cfg.group;
- };
-
- users.groups = singleton {
- name = cfg.group;
- gid = config.ids.gids.rmilter;
- };
-
- systemd.services.rmilter = {
- description = "Rmilter Service";
-
- wantedBy = [ "multi-user.target" ];
- after = [ "network.target" ];
-
- serviceConfig = {
- ExecStart = "${pkgs.rmilter}/bin/rmilter ${optionalString cfg.debug "-d"} -n -c ${rmilterConfigFile}";
- ExecReload = "${pkgs.coreutils}/bin/kill -USR1 $MAINPID";
- User = cfg.user;
- Group = cfg.group;
- PermissionsStartOnly = true;
- Restart = "always";
- RuntimeDirectory = "rmilter";
- RuntimeDirectoryMode = "0750";
- };
-
- };
-
- systemd.sockets.rmilter = mkIf cfg.socketActivation {
- description = "Rmilter service socket";
- wantedBy = [ "sockets.target" ];
- socketConfig = {
- ListenStream = systemdSocket;
- SocketUser = cfg.user;
- SocketGroup = cfg.group;
- SocketMode = "0660";
- };
- };
- })
-
- (mkIf (cfg.enable && cfg.rspamd.enable && rspamdCfg.enable) {
- users.users.${cfg.user}.extraGroups = [ rspamdCfg.group ];
- })
-
- (mkIf (cfg.enable && cfg.postfix.enable) {
- services.postfix.extraConfig = cfg.postfix.configFragment;
- users.users.${postfixCfg.user}.extraGroups = [ cfg.group ];
- })
- ];
-}
diff --git a/pkgs/servers/mail/rmilter/default.nix b/pkgs/servers/mail/rmilter/default.nix
deleted file mode 100644
index 739270326e5b..000000000000
--- a/pkgs/servers/mail/rmilter/default.nix
+++ /dev/null
@@ -1,33 +0,0 @@
-{ stdenv, fetchFromGitHub, cmake, bison, flex, pkgconfig, openssl, pcre
-, libmilter, opendkim, libmemcached, glib }:
-
-let patchedLibmilter = stdenv.lib.overrideDerivation libmilter (_ : {
- patches = libmilter.patches ++ [ ./fd-passing-libmilter.patch ];
-});
-in
-
-stdenv.mkDerivation rec {
- name = "rmilter-${version}";
- version = "1.10.0";
-
- src = fetchFromGitHub {
- owner = "vstakhov";
- repo = "rmilter";
- rev = version;
- sha256 = "1gbp6jah88l6xqgflim01ycyp63l733bgir65fxnnrmifj1qzymh";
- };
-
- nativeBuildInputs = [ bison cmake flex pkgconfig ];
- buildInputs = [ libmemcached patchedLibmilter openssl pcre opendkim glib ];
-
- meta = with stdenv.lib; {
- homepage = https://github.com/vstakhov/rmilter;
- license = licenses.asl20;
- description = ''
- Daemon to integrate rspamd and milter compatible MTA, for example
- postfix or sendmail
- '';
- maintainers = with maintainers; [ avnik fpletz ];
- platforms = with platforms; linux;
- };
-}
diff --git a/pkgs/servers/mail/rmilter/fd-passing-libmilter.patch b/pkgs/servers/mail/rmilter/fd-passing-libmilter.patch
deleted file mode 100644
index 3ab61a6fab00..000000000000
--- a/pkgs/servers/mail/rmilter/fd-passing-libmilter.patch
+++ /dev/null
@@ -1,80 +0,0 @@
-Description: systemd-like socket activation support for libmilter
-Author: Mikhail Gusarov {unix|local}:/path/to/file
-- A named pipe.
- inet:port@{hostname|ip-address}
-- An IPV4 socket.
- inet6:port@{hostname|ip-address}
-- An IPV6 socket.
-+ fd:number
-- Pre-opened file descriptor.
-
-
-
-diff --git a/libmilter/listener.c b/libmilter/listener.c
-index 48c552f..2249a1f 100644
---- a/libmilter/listener.c
-+++ b/libmilter/listener.c
-@@ -197,6 +197,11 @@ mi_milteropen(conn, backlog, rmsocket, name)
- L_socksize = sizeof addr.sin6;
- }
- #endif /* NETINET6 */
-+ else if (strcasecmp(p, "fd") == 0)
-+ {
-+ addr.sa.sa_family = AF_UNSPEC;
-+ L_socksize = sizeof (_SOCK_ADDR);
-+ }
- else
- {
- smi_log(SMI_LOG_ERR, "%s: unknown socket type %s",
-@@ -443,7 +448,21 @@ mi_milteropen(conn, backlog, rmsocket, name)
- }
- #endif /* NETINET || NETINET6 */
-
-- sock = socket(addr.sa.sa_family, SOCK_STREAM, 0);
-+ if (addr.sa.sa_family == AF_UNSPEC)
-+ {
-+ char *end;
-+ sock = strtol(colon, &end, 10);
-+ if (*end != '\0' || sock < 0)
-+ {
-+ smi_log(SMI_LOG_ERR, "%s: expected positive integer as fd, got %s", name, colon);
-+ return INVALID_SOCKET;
-+ }
-+ }
-+ else
-+ {
-+ sock = socket(addr.sa.sa_family, SOCK_STREAM, 0);
-+ }
-+
- if (!ValidSocket(sock))
- {
- smi_log(SMI_LOG_ERR,
-@@ -466,6 +485,7 @@ mi_milteropen(conn, backlog, rmsocket, name)
- #if NETUNIX
- addr.sa.sa_family != AF_UNIX &&
- #endif /* NETUNIX */
-+ addr.sa.sa_family != AF_UNSPEC &&
- setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *) &sockopt,
- sizeof(sockopt)) == -1)
- {
-@@ -511,7 +531,8 @@ mi_milteropen(conn, backlog, rmsocket, name)
- }
- #endif /* NETUNIX */
-
-- if (bind(sock, &addr.sa, L_socksize) < 0)
-+ if (addr.sa.sa_family != AF_UNSPEC &&
-+ bind(sock, &addr.sa, L_socksize) < 0)
- {
- smi_log(SMI_LOG_ERR,
- "%s: Unable to bind to port %s: %s",
-@@ -817,7 +838,7 @@ mi_listener(conn, dbg, smfi, timeout, backlog)
- # ifdef BSD4_4_SOCKADDR
- cliaddr.sa.sa_len == 0 ||
- # endif /* BSD4_4_SOCKADDR */
-- cliaddr.sa.sa_family != L_family))
-+ (L_family != AF_UNSPEC && cliaddr.sa.sa_family != L_family)))
- {
- (void) closesocket(connfd);
- connfd = INVALID_SOCKET;
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 5ec34dab22b1..87f41f088c74 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -14793,8 +14793,6 @@ in
postsrsd = callPackage ../servers/mail/postsrsd { };
- rmilter = callPackage ../servers/mail/rmilter { };
-
rspamd = callPackage ../servers/mail/rspamd { };
pfixtools = callPackage ../servers/mail/postfix/pfixtools.nix {