raven/base/opensmtpd/opensmtpd.service

[Unit]
Description=OpenSMTPD mail daemon
After=syslog.target network.target
Conflicts=sendmail.service postfix.service exim.service

[Service]
Type=forking
ExecStart=/usr/sbin/smtpd
ProtectSystem=strict
ProtectHome=read-only
PrivateTmp=true
PrivateDevices=true
CapabilityBoundingSet=CAP_SYS_CHROOT CAP_NET_BIND_SERVICE CAP_SETUID CAP_SETGID CAP_CHOWN CAP_DAC_OVERRIDE CAP_FOWNER
ReadWritePaths=/var/spool/mail /var/spool/smtpd /var/run /run
ProtectKernelTunables=true
ProtectKernelModules=true
ProtectControlGroups=true
RestrictRealtime=true
MemoryDenyWriteExecute=true
SystemCallArchitectures=native
KeyringMode=private

[Install]
WantedBy=multi-user.target
initial commit 2024-02-21 13:47:54 +06:00			`[Unit]`
			`Description=OpenSMTPD mail daemon`
			`After=syslog.target network.target`
			`Conflicts=sendmail.service postfix.service exim.service`

			`[Service]`
			`Type=forking`
			`ExecStart=/usr/sbin/smtpd`
			`ProtectSystem=strict`
			`ProtectHome=read-only`
			`PrivateTmp=true`
			`PrivateDevices=true`
			`CapabilityBoundingSet=CAP_SYS_CHROOT CAP_NET_BIND_SERVICE CAP_SETUID CAP_SETGID CAP_CHOWN CAP_DAC_OVERRIDE CAP_FOWNER`
			`ReadWritePaths=/var/spool/mail /var/spool/smtpd /var/run /run`
			`ProtectKernelTunables=true`
			`ProtectKernelModules=true`
			`ProtectControlGroups=true`
			`RestrictRealtime=true`
			`MemoryDenyWriteExecute=true`
			`SystemCallArchitectures=native`
			`KeyringMode=private`

			`[Install]`
			`WantedBy=multi-user.target`