Mercurial > dovecot > original-hg > dovecot-1.2
annotate dovecot-example.conf @ 1465:03dd87873a81 HEAD
Added support for dynamically loadable imap/pop3 modules.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Wed, 14 May 2003 21:23:04 +0300 |
parents | c27c6089e933 |
children | e7c627bacaaf |
rev | line source |
---|---|
0 | 1 ## Dovecot 1.0 configuration file |
2 | |
3 # Default values are shown after each value, it's not required to uncomment | |
435 | 4 # any of the lines. Exception to this are paths, they're just examples |
5 # with real defaults being based on configure options. The paths listed here | |
6 # are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var | |
657
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
644
diff
changeset
|
7 # --with-ssldir=/etc/ssl |
0 | 8 |
872
6377d4f7a31c
Added base_dir setting, so the configure time --localstatedir can be
Timo Sirainen <tss@iki.fi>
parents:
817
diff
changeset
|
9 # Base directory where to store runtime data. |
6377d4f7a31c
Added base_dir setting, so the configure time --localstatedir can be
Timo Sirainen <tss@iki.fi>
parents:
817
diff
changeset
|
10 #base_dir = /var/run/dovecot/ |
6377d4f7a31c
Added base_dir setting, so the configure time --localstatedir can be
Timo Sirainen <tss@iki.fi>
parents:
817
diff
changeset
|
11 |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
12 # Protocols we want to be serving: |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
13 # imap imaps pop3 pop3s |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
14 #protocols = imap imaps |
0 | 15 |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
16 # IP or host address where to listen in for connections. It's not currently |
780
1cc947617c8b
imap_listen and imaps_listen accepts now "*" as "all IPv4 interfaces" and
Timo Sirainen <tss@iki.fi>
parents:
779
diff
changeset
|
17 # possible to specify multiple addresses. "*" listens in all IPv4 interfaces. |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
18 # "[::]" listens in all IPv6 interfaces, but may also listen in all IPv4 |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
19 # interfaces depending on the operating system. You can specify ports with |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
20 # "host:port". |
780
1cc947617c8b
imap_listen and imaps_listen accepts now "*" as "all IPv4 interfaces" and
Timo Sirainen <tss@iki.fi>
parents:
779
diff
changeset
|
21 #imap_listen = * |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
22 #pop3_listen = * |
0 | 23 |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
24 # IP or host address where to listen in for SSL connections. Defaults |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
25 # to above non-SSL equilevants if not specified. |
0 | 26 #imaps_listen = |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
27 #pop3s_listen = |
0 | 28 |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
29 # Disable SSL/TLS support. |
666 | 30 #ssl_disable = no |
31 | |
519 | 32 # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before |
518
1f9b96080525
Updated SSL certificate comments.
Timo Sirainen <tss@iki.fi>
parents:
472
diff
changeset
|
33 # dropping root privileges, so keep the key file unreadable by anyone but |
657
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
644
diff
changeset
|
34 # root. Included doc/mkcert.sh can be used to easily generate self-signed |
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
644
diff
changeset
|
35 # certificate, just make sure to update the domains in dovecot-openssl.cnf |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
36 #ssl_cert_file = /etc/ssl/certs/dovecot.pem |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
37 #ssl_key_file = /etc/ssl/private/dovecot.pem |
0 | 38 |
615
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
39 # SSL parameter file. Master process generates this file for login processes. |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
40 # It contains Diffie Hellman and RSA parameters. |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
41 #ssl_parameters_file = /var/run/dovecot/ssl-parameters.dat |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
42 |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
43 # How often to regenerate the SSL parameters file. Generation is quite CPU |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
44 # intensive operation. The value is in hours, 0 disables regeneration |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
45 # entirely. |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
46 #ssl_parameters_regenerate = 24 |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
47 |
0 | 48 # Disable LOGIN command and all other plaintext authentications unless |
49 # SSL/TLS is used (LOGINDISABLED capability) | |
50 #disable_plaintext_auth = no | |
51 | |
1124
5e9430a39611
/dev/stderr works now in log paths.
Timo Sirainen <tss@iki.fi>
parents:
1113
diff
changeset
|
52 # Use this logfile instead of syslog(). /dev/stderr can be used if you want to |
5e9430a39611
/dev/stderr works now in log paths.
Timo Sirainen <tss@iki.fi>
parents:
1113
diff
changeset
|
53 # use stderr for logging (ONLY /dev/stderr - otherwise it is closed). |
35
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
54 #log_path = |
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
55 |
811
664de3231e33
Added info_log_file setting and i_info() function to write to it. Default is
Timo Sirainen <tss@iki.fi>
parents:
788
diff
changeset
|
56 # For informational messages, use this logfile instead of the default |
664de3231e33
Added info_log_file setting and i_info() function to write to it. Default is
Timo Sirainen <tss@iki.fi>
parents:
788
diff
changeset
|
57 #info_log_path = |
664de3231e33
Added info_log_file setting and i_info() function to write to it. Default is
Timo Sirainen <tss@iki.fi>
parents:
788
diff
changeset
|
58 |
35
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
59 # Prefix for each line written to log file. % codes are in strftime(3) |
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
60 # format. Note the extra space at the end of line. |
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
61 #log_timestamp = %b %d %H:%M:%S |
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
62 |
0 | 63 ## |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
64 ## Login processes |
0 | 65 ## |
66 | |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
67 # Directory where authentication process places authentication UNIX sockets |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
68 # which login needs to be able to connect to. The sockets are created when |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
69 # running as root, so you don't have to worry about permissions. |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
70 #login_dir = /var/run/dovecot/login |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
71 |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
72 # chroot login process to the login_dir. Only reason not to do this is if you |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
73 # wish to run the whole Dovecot without roots. |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
74 #login_chroot = yes |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
75 |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
76 |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
77 ## |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
78 ## IMAP login process |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
79 ## |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
80 |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
81 login = imap |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
82 |
1040
299f59fb9ff4
Authentication named socket permissions were insecure, an exploited login
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
83 # Executable location. |
661
b88b5488bcfd
updated lib paths to libexec ones
Timo Sirainen <tss@iki.fi>
parents:
657
diff
changeset
|
84 #login_executable = /usr/libexec/dovecot/imap-login |
0 | 85 |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
86 # User to use for the login process. The user must belong to a group where |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
87 # only it has access, it's used to control access for authentication process |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
88 # named sockets. |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
89 #login_user = dovecot |
0 | 90 |
722
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
91 # Set max. process size in megabytes. If you don't use |
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
92 # login_process_per_connection you might need to grow this. |
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
93 #login_process_size = 16 |
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
94 |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
95 # Should each login be processed in it's own process (yes), or should one |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
96 # login process be allowed to process multiple connections (no)? Yes is more |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
97 # secure, espcially with SSL/TLS enabled. No is faster since there's no need |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
98 # to create processes all the time. |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
99 #login_process_per_connection = yes |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
100 |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
101 # Number of login processes to create. If login_process_per_user is |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
102 # yes, this is the number of extra processes waiting for users to log in. |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
103 #login_processes_count = 3 |
0 | 104 |
614
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
105 # Maximum number of extra login processes to create. The extra process count |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
106 # usually stays at login_processes_count, but when multiple users start logging |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
107 # in at the same time more extra processes are created. To prevent fork-bombing |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
108 # we check only once in a second if new processes should be created - if all |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
109 # of them are used at the time, we double their amount until limit set by this |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
110 # setting is reached. This setting is used only if login_process_per_use is yes. |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
111 #login_max_processes_count = 128 |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
112 |
0 | 113 # Maximum number of connections allowed in login state. When this limit is |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
114 # reached, the oldest connections are dropped. If login_process_per_user |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
115 # is no, this is a per-process value, so the absolute maximum number of users |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
116 # logging in actually login_processes_count * max_logging_users. |
0 | 117 #max_logging_users = 256 |
118 | |
119 ## | |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
120 ## POP3 login process |
0 | 121 ## |
122 | |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
123 # Settings default to same as above, so you don't have to set anything |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
124 # unless you want to override them. |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
125 |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
126 login = pop3 |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
127 |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
128 # Exception to above rule being the executable location. |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
129 #login_executable = /usr/libexec/dovecot/pop3-login |
0 | 130 |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
131 ## |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
132 ## Mail processes |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
133 ## |
722
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
134 |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
135 # Maximum number of running mail processes. When this limit is reached, |
0 | 136 # new users aren't allowed to log in. |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
137 #max_mail_processes = 1024 |
0 | 138 |
596
ab3590c3a7d9
Added verbose_proctitle setting: Show more verbose process titles (in ps).
Timo Sirainen <tss@iki.fi>
parents:
519
diff
changeset
|
139 # Show more verbose process titles (in ps). Currently shows user name and |
ab3590c3a7d9
Added verbose_proctitle setting: Show more verbose process titles (in ps).
Timo Sirainen <tss@iki.fi>
parents:
519
diff
changeset
|
140 # IP address. Useful for seeing who are actually using the IMAP processes |
ab3590c3a7d9
Added verbose_proctitle setting: Show more verbose process titles (in ps).
Timo Sirainen <tss@iki.fi>
parents:
519
diff
changeset
|
141 # (eg. shared mailboxes or if same uid is used for multiple accounts). |
ab3590c3a7d9
Added verbose_proctitle setting: Show more verbose process titles (in ps).
Timo Sirainen <tss@iki.fi>
parents:
519
diff
changeset
|
142 #verbose_proctitle = no |
ab3590c3a7d9
Added verbose_proctitle setting: Show more verbose process titles (in ps).
Timo Sirainen <tss@iki.fi>
parents:
519
diff
changeset
|
143 |
1236 | 144 # Show protocol level SSL errors. |
145 #verbose_ssl = no | |
146 | |
1295
cc9b61b9959e
updated first_valid_uid comment
Timo Sirainen <tss@iki.fi>
parents:
1283
diff
changeset
|
147 # Valid UID/GID ranges for users, defaults to 500 and above. This is mostly |
cc9b61b9959e
updated first_valid_uid comment
Timo Sirainen <tss@iki.fi>
parents:
1283
diff
changeset
|
148 # to make sure that users can't log in as daemons or other system users. |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
149 # Note that denying root logins is hardcoded to dovecot-master binary and |
0 | 150 # can't be done even if first_valid_uid is set to 0. |
151 #first_valid_uid = 500 | |
152 #last_valid_uid = 0 | |
153 | |
154 #first_valid_gid = 1 | |
155 #last_valid_gid = 0 | |
156 | |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
157 # ':' separated list of directories under which chrooting is allowed for mail |
0 | 158 # processes (ie. /var/mail will allow chrooting to /var/mail/foo/bar too). |
978 | 159 # This setting doesn't affect login_chroot or auth_chroot variables. |
0 | 160 # WARNING: Never add directories here which local users can modify, that |
161 # may lead to root exploit. Usually this should be done only if you don't | |
979 | 162 # allow shell access for users. See doc/configuration.txt for more information. |
0 | 163 #valid_chroot_dirs = |
164 | |
779
f126b666859e
New setting: default_mail_env which can be used to specify where to find
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
165 # Default MAIL environment to use when it's not set. By leaving this empty |
f126b666859e
New setting: default_mail_env which can be used to specify where to find
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
166 # dovecot tries to do some automatic detection as described in |
813
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
167 # doc/mail-storages.txt. There's a few special variables you can use: |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
168 # |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
169 # %u - username |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
170 # %n - user part in user@domain, same as %u if there's no domain |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
171 # %d - domain part in user@domain, empty if user there's no domain |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
172 # %h - home directory |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
173 # |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
174 # You can also limit a width of string by giving the number of max. characters |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
175 # after the '%' character. For example %1u gives the first character of |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
176 # username. Some examples: |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
177 # |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
178 # maildir:/var/mail/%1u/%u/Maildir |
815
ef64c9a50326
Support for separate location of mbox INBOX folder.
Timo Sirainen <tss@iki.fi>
parents:
813
diff
changeset
|
179 # mbox:~/mail/:INBOX=/var/mail/%u |
817
86cf24da85f1
Added :INDEX=<dir> for both Maildir and mbox to specify different location
Timo Sirainen <tss@iki.fi>
parents:
815
diff
changeset
|
180 # mbox:/var/mail/%d/%n/:INDEX=/var/indexes/%d/%n |
813
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
181 # |
779
f126b666859e
New setting: default_mail_env which can be used to specify where to find
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
182 #default_mail_env = |
f126b666859e
New setting: default_mail_env which can be used to specify where to find
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
183 |
462
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
184 # Space-separated list of fields to cache for all mails. Currently these |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
185 # fields are allowed followed by a list of commands they speed up: |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
186 # |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
187 # Envelope - FETCH ENVELOPE and SEARCH FROM, TO, CC, BCC, SUBJECT, |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
188 # SENTBEFORE, SENTON, SENTSINCE, HEADER MESSAGE-ID, |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
189 # HEADER IN-REPLY-TO |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
190 # Body - FETCH BODY |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
191 # Bodystructure - FETCH BODY, BODYSTRUCTURE |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
192 # MessagePart - FETCH BODY[1.2.3] (ie. body parts), RFC822.SIZE, |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
193 # SEARCH SMALLER, LARGER, also speeds up BODY/BODYSTRUCTURE |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
194 # generation. This is always set with mbox mailboxes, and |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
195 # also default with Maildir. |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
196 # |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
197 # Different IMAP clients work in different ways, that's why Dovecot by default |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
198 # only caches MessagePart which speeds up most operations. Whenever client |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
199 # does something where caching could be used, the field is automatically marked |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
200 # to be cached later. For example after FETCH BODY the BODY will be cached |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
201 # for all new messages. Normally you should leave this alone, unless you know |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
202 # what most of your IMAP clients are. Caching more fields than needed makes |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
203 # the index files larger and generate useless I/O. |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
204 # |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
205 # With maildir there's one extra optimization - if nothing is cached, indexing |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
206 # the maildir becomes much faster since it's not opening any of the mail files. |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
207 # This could be useful if your IMAP clients access only new mails. |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
208 |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
209 #mail_cache_fields = MessagePart |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
210 |
987 | 211 # Space-separated list of fields that Dovecot should never set to be cached. |
212 # Useful if you want to save disk space at the cost of more I/O when the fields | |
213 # needed. | |
214 #mail_never_cache_fields = | |
215 | |
1138
340dea0150bf
Added client_workarounds setting, with currently one workaround for OE6.
Timo Sirainen <tss@iki.fi>
parents:
1124
diff
changeset
|
216 # Workarounds for various client bugs: |
340dea0150bf
Added client_workarounds setting, with currently one workaround for OE6.
Timo Sirainen <tss@iki.fi>
parents:
1124
diff
changeset
|
217 # oe6-fetch-no-newmail: |
340dea0150bf
Added client_workarounds setting, with currently one workaround for OE6.
Timo Sirainen <tss@iki.fi>
parents:
1124
diff
changeset
|
218 # Never send EXISTS/RECENT when replying to FETCH command. Outlook Express |
340dea0150bf
Added client_workarounds setting, with currently one workaround for OE6.
Timo Sirainen <tss@iki.fi>
parents:
1124
diff
changeset
|
219 # seems to think they are FETCH replies and gives user "Message no longer |
1180 | 220 # in server" error. Note that OE6 still breaks even with this workaround |
221 # if synchronization is set to "Headers Only". | |
1212 | 222 # outlook-idle: |
223 # Outlook and Outlook Express never abort IDLE command, so if no mail | |
224 # arrives in half a hour, Dovecot closes the connection. This is still | |
225 # fine, except Outlook doesn't connect back so you don't see if new mail | |
226 # arrives. | |
1138
340dea0150bf
Added client_workarounds setting, with currently one workaround for OE6.
Timo Sirainen <tss@iki.fi>
parents:
1124
diff
changeset
|
227 #client_workarounds = |
340dea0150bf
Added client_workarounds setting, with currently one workaround for OE6.
Timo Sirainen <tss@iki.fi>
parents:
1124
diff
changeset
|
228 |
600
3b44bc64afd4
mailbox_check_interval setting: Dovecot can notify client of new mail in
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
229 # Dovecot can notify client of new mail in selected mailbox soon after it's |
3b44bc64afd4
mailbox_check_interval setting: Dovecot can notify client of new mail in
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
230 # received. This setting specifies the minimum interval in seconds between |
3b44bc64afd4
mailbox_check_interval setting: Dovecot can notify client of new mail in
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
231 # new mail notifications to client - internally they may be checked more or |
3b44bc64afd4
mailbox_check_interval setting: Dovecot can notify client of new mail in
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
232 # less often. Setting this to 0 disables the checking. |
788
5b2a247ed361
mailbox_check_interval is now disabled by default, at least Evolution breaks
Timo Sirainen <tss@iki.fi>
parents:
780
diff
changeset
|
233 # NOTE: Evolution client breaks with this option when it's trying to APPEND. |
5b2a247ed361
mailbox_check_interval is now disabled by default, at least Evolution breaks
Timo Sirainen <tss@iki.fi>
parents:
780
diff
changeset
|
234 #mailbox_check_interval = 0 |
600
3b44bc64afd4
mailbox_check_interval setting: Dovecot can notify client of new mail in
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
235 |
1177 | 236 # Like mailbox_check_interval, but used for IDLE command. |
237 #mailbox_idle_check_interval = 30 | |
238 | |
1151
058f6c26f405
Added mail_full_filesystem_access setting. Some of the setting variable
Timo Sirainen <tss@iki.fi>
parents:
1142
diff
changeset
|
239 # Allow full filesystem access to clients. There's no access checks other than |
058f6c26f405
Added mail_full_filesystem_access setting. Some of the setting variable
Timo Sirainen <tss@iki.fi>
parents:
1142
diff
changeset
|
240 # what the operating system does for the active UID/GID. It works with both |
058f6c26f405
Added mail_full_filesystem_access setting. Some of the setting variable
Timo Sirainen <tss@iki.fi>
parents:
1142
diff
changeset
|
241 # maildir and mboxes, allowing you to prefix mailboxes names with eg. /path/ |
058f6c26f405
Added mail_full_filesystem_access setting. Some of the setting variable
Timo Sirainen <tss@iki.fi>
parents:
1142
diff
changeset
|
242 # or ~user/. |
058f6c26f405
Added mail_full_filesystem_access setting. Some of the setting variable
Timo Sirainen <tss@iki.fi>
parents:
1142
diff
changeset
|
243 #mail_full_filesystem_access = no |
058f6c26f405
Added mail_full_filesystem_access setting. Some of the setting variable
Timo Sirainen <tss@iki.fi>
parents:
1142
diff
changeset
|
244 |
1168
03f1455664d7
Added setting to limit length of custom flag names.
Timo Sirainen <tss@iki.fi>
parents:
1151
diff
changeset
|
245 # Maximum allowed length for custom flag name. It's only forced when trying |
03f1455664d7
Added setting to limit length of custom flag names.
Timo Sirainen <tss@iki.fi>
parents:
1151
diff
changeset
|
246 # to create new flags. |
03f1455664d7
Added setting to limit length of custom flag names.
Timo Sirainen <tss@iki.fi>
parents:
1151
diff
changeset
|
247 #mail_max_flag_length = 50 |
03f1455664d7
Added setting to limit length of custom flag names.
Timo Sirainen <tss@iki.fi>
parents:
1151
diff
changeset
|
248 |
472
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
249 # Save mails with CR+LF instead of plain LF. This makes sending those mails |
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
250 # take less CPU, especially with sendfile() syscall with Linux and FreeBSD. |
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
251 # But it also creates a bit more disk I/O which may just make it slower. |
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
252 #mail_save_crlf = no |
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
253 |
644
415498fa78d6
mail_read_mmaped: Use mmap() instead of read() to read mail files. read()
Timo Sirainen <tss@iki.fi>
parents:
643
diff
changeset
|
254 # Use mmap() instead of read() to read mail files. read() seems to be a bit |
415498fa78d6
mail_read_mmaped: Use mmap() instead of read() to read mail files. read()
Timo Sirainen <tss@iki.fi>
parents:
643
diff
changeset
|
255 # faster with my Linux/x86 and it's better with NFS, so that's the default. |
415498fa78d6
mail_read_mmaped: Use mmap() instead of read() to read mail files. read()
Timo Sirainen <tss@iki.fi>
parents:
643
diff
changeset
|
256 #mail_read_mmaped = no |
415498fa78d6
mail_read_mmaped: Use mmap() instead of read() to read mail files. read()
Timo Sirainen <tss@iki.fi>
parents:
643
diff
changeset
|
257 |
0 | 258 # Copy mail to another folders using hard links. This is much faster than |
987 | 259 # actually copying the file. This is problematic only if something modifies |
260 # the mail in one folder but doesn't want it modified in the others. I don't | |
261 # know any MUA which would modify mail files directly. IMAP protocol also | |
262 # requires that the mails don't change, so it would be problematic in any case. | |
263 # If you care about performance, enable it. | |
0 | 264 #maildir_copy_with_hardlinks = no |
265 | |
266 # Check if mails' content has been changed by external programs. This slows | |
882
38b3bc6ddcc4
Changed maildir_check_content_changes = yes now to treat the message as new
Timo Sirainen <tss@iki.fi>
parents:
872
diff
changeset
|
267 # down things as extra stat() needs to be called for each file. If changes are |
38b3bc6ddcc4
Changed maildir_check_content_changes = yes now to treat the message as new
Timo Sirainen <tss@iki.fi>
parents:
872
diff
changeset
|
268 # noticed, the message is treated as a new message, since IMAP protocol |
38b3bc6ddcc4
Changed maildir_check_content_changes = yes now to treat the message as new
Timo Sirainen <tss@iki.fi>
parents:
872
diff
changeset
|
269 # specifies that existing message are immutable. |
0 | 270 #maildir_check_content_changes = no |
271 | |
1113
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
272 # Which locking methods to use for locking mbox. There's three available: |
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
273 # dotlock: Create <mailbox>.lock file. This is the oldest and most NFS-safe |
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
274 # solution. If you want to use /var/mail/ like directory, the users |
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
275 # will need write access to that directory. |
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
276 # fcntl : Use this if possible. Works with NFS too if lockd is used. |
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
277 # flock : May not exist in all systems. Doesn't work with NFS. |
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
278 # |
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
279 # You can use both fcntl and flock too; if you do the order they're declared |
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
280 # with is important to avoid deadlocks if other MTAs/MUAs are using both fcntl |
1214 | 281 # and flock. Some operating systems don't allow using both of them |
282 # simultaneously, eg. BSDs. If dotlock is used, it's always created first. | |
1113
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
283 #mbox_locks = dotlock fcntl |
643
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
284 |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
285 # Should we create dotlock file even when we want only a read-lock? Setting |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
286 # this to yes hurts the performance when the mailbox is accessed simultaneously |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
287 # by multiple processes, but it's needed for reliable reading if no other |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
288 # locking methods are available. |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
289 #mbox_read_dotlock = no |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
290 |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
291 # Maximum time in seconds to wait for lock (all of them) before aborting. |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
292 #mbox_lock_timeout = 300 |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
293 |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
294 # If dotlock exists but the mailbox isn't modified in any way, override the |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
295 # lock file after this many seconds. |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
296 #mbox_dotlock_change_timeout = 30 |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
297 |
0 | 298 # umask to use for mail files and directories |
299 #umask = 0077 | |
300 | |
1223
52e0830ade13
Added setting mail_drop_priv_before_exec.
Timo Sirainen <tss@iki.fi>
parents:
1218
diff
changeset
|
301 # Drop all privileges before exec()ing the mail process. This is mostly |
52e0830ade13
Added setting mail_drop_priv_before_exec.
Timo Sirainen <tss@iki.fi>
parents:
1218
diff
changeset
|
302 # meant for debugging, otherwise you don't get core dumps. Note that setting |
52e0830ade13
Added setting mail_drop_priv_before_exec.
Timo Sirainen <tss@iki.fi>
parents:
1218
diff
changeset
|
303 # this to yes means that log file is opened as the logged in user, which |
52e0830ade13
Added setting mail_drop_priv_before_exec.
Timo Sirainen <tss@iki.fi>
parents:
1218
diff
changeset
|
304 # might not work. It could also be a small security risk if you use single UID |
52e0830ade13
Added setting mail_drop_priv_before_exec.
Timo Sirainen <tss@iki.fi>
parents:
1218
diff
changeset
|
305 # for multiple users, as the users could ptrace() each others processes then. |
52e0830ade13
Added setting mail_drop_priv_before_exec.
Timo Sirainen <tss@iki.fi>
parents:
1218
diff
changeset
|
306 #mail_drop_priv_before_exec = no |
52e0830ade13
Added setting mail_drop_priv_before_exec.
Timo Sirainen <tss@iki.fi>
parents:
1218
diff
changeset
|
307 |
0 | 308 ## |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
309 ## IMAP process |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
310 ## |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
311 |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
312 # Executable location |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
313 #imap_executable = /usr/libexec/dovecot/imap |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
314 |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
315 # Set max. process size in megabytes. Most of the memory goes to mmap()ing |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
316 # files, so it shouldn't harm much even if this limit is set pretty high. |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
317 #imap_process_size = 256 |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
318 |
1465
03dd87873a81
Added support for dynamically loadable imap/pop3 modules.
Timo Sirainen <tss@iki.fi>
parents:
1437
diff
changeset
|
319 # Support for dynamically loadable modules. |
03dd87873a81
Added support for dynamically loadable imap/pop3 modules.
Timo Sirainen <tss@iki.fi>
parents:
1437
diff
changeset
|
320 #imap_use_modules = no |
03dd87873a81
Added support for dynamically loadable imap/pop3 modules.
Timo Sirainen <tss@iki.fi>
parents:
1437
diff
changeset
|
321 #imap_modules = /usr/lib/dovecot/imap |
03dd87873a81
Added support for dynamically loadable imap/pop3 modules.
Timo Sirainen <tss@iki.fi>
parents:
1437
diff
changeset
|
322 |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
323 ## |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
324 ## POP3 process |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
325 ## |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
326 |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
327 # Executable location |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
328 #pop3_executable = /usr/libexec/dovecot/pop3 |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
329 |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
330 # Set max. process size in megabytes. Most of the memory goes to mmap()ing |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
331 # files, so it shouldn't harm much even if this limit is set pretty high. |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
332 #pop3_process_size = 256 |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
333 |
1465
03dd87873a81
Added support for dynamically loadable imap/pop3 modules.
Timo Sirainen <tss@iki.fi>
parents:
1437
diff
changeset
|
334 # Support for dynamically loadable modules. |
03dd87873a81
Added support for dynamically loadable imap/pop3 modules.
Timo Sirainen <tss@iki.fi>
parents:
1437
diff
changeset
|
335 #pop3_use_modules = no |
03dd87873a81
Added support for dynamically loadable imap/pop3 modules.
Timo Sirainen <tss@iki.fi>
parents:
1437
diff
changeset
|
336 #pop3_modules = /usr/lib/dovecot/pop3 |
03dd87873a81
Added support for dynamically loadable imap/pop3 modules.
Timo Sirainen <tss@iki.fi>
parents:
1437
diff
changeset
|
337 |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
338 ## |
0 | 339 ## Authentication processes |
340 ## | |
341 | |
342 # You can have multiple processes; each time "auth = xx" is seen, a new | |
343 # process definition is started. The point of multiple processes is to be | |
344 # able to set stricter permissions to others. For example, plain/PAM | |
345 # authentication requires roots, but if you also use digest-md5 authentication | |
346 # for some users, you can authenticate them without any privileges in a | |
347 # separate auth process. Just remember that only one auth process is asked | |
348 # for the password, so you can't have different passwords with different | |
349 # processes (unless they have different auth methods, and you're ok with | |
350 # having different password for each method). | |
351 | |
352 # Authentication process name. | |
353 auth = default | |
354 | |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
999
diff
changeset
|
355 # Space separated list of wanted authentication mechanisms: |
1437
c27c6089e933
Added support for ANONYMOUS SASL mechanism.
Timo Sirainen <tss@iki.fi>
parents:
1330
diff
changeset
|
356 # plain digest-md5 anonymous |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
999
diff
changeset
|
357 auth_mechanisms = plain |
0 | 358 |
1328
0a524d229f50
Added auth_default_realm (based on patch by Kristian Hoffmann)
Timo Sirainen <tss@iki.fi>
parents:
1318
diff
changeset
|
359 # Space separated list of realms for SASL authentication mechanisms that need |
0a524d229f50
Added auth_default_realm (based on patch by Kristian Hoffmann)
Timo Sirainen <tss@iki.fi>
parents:
1318
diff
changeset
|
360 # them. You can leave it empty if you don't want to support multiple realms. |
0a524d229f50
Added auth_default_realm (based on patch by Kristian Hoffmann)
Timo Sirainen <tss@iki.fi>
parents:
1318
diff
changeset
|
361 # Many clients simply use the first one listed here, so keep the default realm |
0a524d229f50
Added auth_default_realm (based on patch by Kristian Hoffmann)
Timo Sirainen <tss@iki.fi>
parents:
1318
diff
changeset
|
362 # first. |
0 | 363 #auth_realms = |
364 | |
1328
0a524d229f50
Added auth_default_realm (based on patch by Kristian Hoffmann)
Timo Sirainen <tss@iki.fi>
parents:
1318
diff
changeset
|
365 # Default realm to use if none was specified. |
0a524d229f50
Added auth_default_realm (based on patch by Kristian Hoffmann)
Timo Sirainen <tss@iki.fi>
parents:
1318
diff
changeset
|
366 #auth_default_realm = |
0a524d229f50
Added auth_default_realm (based on patch by Kristian Hoffmann)
Timo Sirainen <tss@iki.fi>
parents:
1318
diff
changeset
|
367 |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
999
diff
changeset
|
368 # Where user database is kept: |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
999
diff
changeset
|
369 # passwd: /etc/passwd or similiar, using getpwnam() |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
999
diff
changeset
|
370 # passwd-file <path>: passwd-like file with specified location |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
999
diff
changeset
|
371 # static uid=<uid> gid=<gid> home=<dir template>: static settings |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
999
diff
changeset
|
372 # vpopmail: vpopmail library |
1142 | 373 # ldap <config path>: LDAP, see doc/dovecot-ldap.conf |
1283
2d8af547a8b4
Added PostgreSQL support, patch by Alex Howansky
Timo Sirainen <tss@iki.fi>
parents:
1238
diff
changeset
|
374 # pgsql <config path>: a PostgreSQL database, see doc/dovecot-pgsql.conf |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
999
diff
changeset
|
375 auth_userdb = passwd |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
999
diff
changeset
|
376 |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
999
diff
changeset
|
377 # Where password database is kept: |
0 | 378 # passwd: /etc/passwd or similiar, using getpwnam() |
379 # shadow: /etc/shadow or similiar, using getspnam() | |
380 # pam: PAM authentication | |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
999
diff
changeset
|
381 # passwd-file <path>: passwd-like file with specified location |
280
fa2d1a1d025e
vpopmail authentication. compiles, not tested if it really works.
Timo Sirainen <tss@iki.fi>
parents:
101
diff
changeset
|
382 # vpopmail: vpopmail authentication |
1142 | 383 # ldap <config path>: LDAP, see doc/dovecot-ldap.conf |
1283
2d8af547a8b4
Added PostgreSQL support, patch by Alex Howansky
Timo Sirainen <tss@iki.fi>
parents:
1238
diff
changeset
|
384 # pgsql <config path>: a PostgreSQL database, see doc/dovecot-pgsql.conf |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
999
diff
changeset
|
385 auth_passdb = pam |
0 | 386 |
387 # Executable location | |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
388 #auth_executable = /usr/libexec/dovecot/dovecot-auth |
0 | 389 |
722
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
390 # Set max. process size in megabytes. |
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
391 #auth_process_size = 256 |
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
392 |
0 | 393 # User to use for the process. Only shadow and pam authentication requires |
394 # roots, so use something else if possible. | |
395 auth_user = root | |
396 | |
435 | 397 # Directory where to chroot the process. Most authentication backends don't |
398 # work if this is set, and there's no point chrooting if auth_user is root. | |
0 | 399 #auth_chroot = |
400 | |
401 # Number of authentication processes to create | |
402 #auth_count = 1 | |
403 | |
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
404 # List of allowed characters in username. If the user-given username contains |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
405 # a character not listed in here, the login automatically fails. This is just |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
406 # an extra check to make sure user can't exploit any potential quote escaping |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
407 # vulnerabilities with SQL/LDAP databases. If you want to allow all characters, |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
408 # set this value to empty. |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
409 #auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
410 |
1437
c27c6089e933
Added support for ANONYMOUS SASL mechanism.
Timo Sirainen <tss@iki.fi>
parents:
1330
diff
changeset
|
411 # Username to use for users logging in with ANONYMOUS SASL mechanism |
c27c6089e933
Added support for ANONYMOUS SASL mechanism.
Timo Sirainen <tss@iki.fi>
parents:
1330
diff
changeset
|
412 #auth_anonymous_username = anonymous |
c27c6089e933
Added support for ANONYMOUS SASL mechanism.
Timo Sirainen <tss@iki.fi>
parents:
1330
diff
changeset
|
413 |
999 | 414 # More verbose logging. Useful for figuring out why authentication isn't |
415 # working. | |
416 #auth_verbose = no | |
0 | 417 |
418 # digest-md5 authentication process. It requires special MD5 passwords which | |
419 # /etc/shadow and PAM doesn't support, so we never need roots to handle it. | |
420 # Note that the passwd-file is opened before chrooting and dropping root | |
421 # privileges, so it may be 0600-root owned file. | |
422 | |
423 #auth = digest_md5 | |
424 #auth_methods = digest-md5 | |
425 #auth_realms = | |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
999
diff
changeset
|
426 #auth_userdb = passwd-file /etc/passwd.imap |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
999
diff
changeset
|
427 #auth_passdb = passwd-file /etc/passwd.imap |
0 | 428 #auth_user = imapauth |
1318
d041581ddebf
Removed default auth_chroot directory from digest-md5 case. If you really
Timo Sirainen <tss@iki.fi>
parents:
1295
diff
changeset
|
429 #auth_chroot = |
0 | 430 |
431 # if you plan to use only passwd-file, you don't need the two auth processes, | |
432 # simply set "auth_methods = plain digest-md5" |