{pkgs, ...}: let
  lib = pkgs.lib;
in rec {
  waitForRspamd = node: let
    inherit (import ../../mailsystem/common.nix {inherit (node) config pkgs;}) rspamdProxySocket;
  in "set +e; timeout 1 ${node.nixpkgs.pkgs.netcat}/bin/nc -U ${rspamdProxySocket} < /dev/null; [ $? -eq 124 ]";

  mkHashedPasswordFile = password:
    pkgs.runCommand "mk-password-hash-${password}" {
      buildInputs = [pkgs.mkpasswd];
      inherit password;
    } ''
      echo "$password" | mkpasswd -sm bcrypt > $out
    '';

  mkAccounts = accounts:
    lib.concatMapAttrs (_: account: {
      ${account.address} =
        {
          hashedPasswordFile = "${mkHashedPasswordFile account.password}";
        }
        // builtins.removeAttrs account ["address" "password"];
    })
    accounts;

  mkSendMail = smtpSettings: accounts: accountName: fromAddr: recipient: body: let
    account = accounts.${accountName};
    senderAddr =
      if fromAddr == ""
      then account.address
      else fromAddr;
    msmtprc = pkgs.writeText "msmtprc" ''
      account        default
      auth           on
      tls            on
      tls_starttls   off
      tls_certcheck  off
      host           ${smtpSettings.address}
      port           ${toString smtpSettings.port}
      from           ${senderAddr}
      user           ${account.address}
      password       ${account.password}
    '';
    mail = pkgs.writeText "mail-${account.address}-${recipient}" ''
      From: <${account.address}>
      To: <${recipient}>
      ${body}
    '';
  in "${pkgs.msmtp}/bin/msmtp -C ${msmtprc} ${recipient} < ${mail} >&2";

  pendingPostqueue = "[ \"$(postqueue -p)\" != \"Mail queue is empty\" ]";
  cleanupMail = "rm $HOME/mail/*";

  # mkRecvMail requires procmail to be setup correctly. This is ensured by
  # importing ./server.nix
  mkRecvMail = imapAddr: accounts: accountName: let
    mkFetchmailRcScript = imapAddr: account:
      pkgs.writeScript "mk-fetchmailrc-${account.address}" ''
        umask 077
        readonly out=$(mktemp)
        cat <<EOF > "$out"
          poll ${imapAddr} with proto IMAP
          user '${account.address}' there with password '${account.password}' is 'root' here
          mda procmail
        EOF
        echo $out
      '';
    fetchmailrc = mkFetchmailRcScript imapAddr accounts.${accountName};
  in "${pkgs.fetchmail}/bin/fetchmail -f $(${fetchmailrc}) --ssl --nosslcertck -v";

  checkLogs = node: ''
    ${node}.fail("journalctl -u postfix | grep -i error >&2")
    ${node}.fail("journalctl -u postfix | grep -i warning >&2")
    ${node}.fail("journalctl -u dovecot2 | grep -i error >&2")
    ${node}.fail("journalctl -u dovecot2 | grep -i warning >&2")
  '';
}