Mercurial > dovecot > original-hg > dovecot-1.2
annotate dovecot-example.conf @ 518:1f9b96080525 HEAD
Updated SSL certificate comments.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Sat, 26 Oct 2002 00:00:37 +0300 |
parents | 2fa0bfb65268 |
children | 9e121e74c188 |
rev | line source |
---|---|
0 | 1 ## Dovecot 1.0 configuration file |
2 | |
3 # Default values are shown after each value, it's not required to uncomment | |
435 | 4 # any of the lines. Exception to this are paths, they're just examples |
5 # with real defaults being based on configure options. The paths listed here | |
6 # are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var | |
0 | 7 |
8 # Port to listen in for IMAP connections. This port is used for TLS | |
9 # connections as well. Setting it to 0 disables it. | |
10 #imap_port = 143 | |
11 | |
12 # Port to listen in for SSL IMAP connections. Setting it to 0 disables it. | |
13 #imaps_port = 993 | |
14 | |
15 # IP or host address where to listen in for IMAP connections. Empty means to | |
16 # listen in all interfaces. It's not possible to specify multiple. | |
17 #imap_listen = | |
18 | |
19 # IP or host address where to listen in for SSL IMAP connections. Defaults | |
20 # to imap_listen if not specified. | |
21 #imaps_listen = | |
22 | |
518
1f9b96080525
Updated SSL certificate comments.
Timo Sirainen <tss@iki.fi>
parents:
472
diff
changeset
|
23 # PEM encoded X.509 SSL certificate and private key. They're opened before |
1f9b96080525
Updated SSL certificate comments.
Timo Sirainen <tss@iki.fi>
parents:
472
diff
changeset
|
24 # dropping root privileges, so keep the key file unreadable by anyone but |
1f9b96080525
Updated SSL certificate comments.
Timo Sirainen <tss@iki.fi>
parents:
472
diff
changeset
|
25 # root. Note that these default paths here are absolute, configure options |
1f9b96080525
Updated SSL certificate comments.
Timo Sirainen <tss@iki.fi>
parents:
472
diff
changeset
|
26 # don't affect them. Use for example OpenSSL to generate these files. |
1f9b96080525
Updated SSL certificate comments.
Timo Sirainen <tss@iki.fi>
parents:
472
diff
changeset
|
27 # generator, |
0 | 28 #ssl_cert_file = /etc/ssl/certs/imapd.pem |
29 #ssl_key_file = /etc/ssl/private/imapd.pem | |
30 | |
31 # Disable LOGIN command and all other plaintext authentications unless | |
32 # SSL/TLS is used (LOGINDISABLED capability) | |
33 #disable_plaintext_auth = no | |
34 | |
35
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
35 # Use this logfile instead of syslog() |
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
36 #log_path = |
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
37 |
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
38 # Prefix for each line written to log file. % codes are in strftime(3) |
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
39 # format. Note the extra space at the end of line. |
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
40 #log_timestamp = %b %d %H:%M:%S |
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
41 |
0 | 42 ## |
43 ## Login process | |
44 ## | |
45 | |
46 # Executable location | |
47 #login_executable = /usr/lib/dovecot/imap-login | |
48 | |
49 # User to use for imap-login process | |
50 #login_user = imapd | |
51 | |
52 # Directory where imap-auth places authentication UNIX sockets which login | |
53 # needs to be able to connect to. The sockets are created when running as | |
54 # root, so you don't need to give imap-auth any access for it. | |
55 #login_dir = /var/run/dovecot/login | |
56 | |
435 | 57 # chroot imap-login process to the login_dir. Only reason not to do this |
0 | 58 # is if you wish to run the whole imapd without roots. |
59 #login_chroot = yes | |
60 | |
61 # Number of imap-login processes to use, one or two is enough | |
62 #login_processes_count = 1 | |
63 | |
64 # Maximum number of connections allowed in login state. When this limit is | |
65 # reached, the oldest connections are dropped. | |
66 #max_logging_users = 256 | |
67 | |
68 ## | |
69 ## IMAP process | |
70 ## | |
71 | |
72 # Executable location | |
73 #imap_executable = /usr/lib/dovecot/imap | |
74 | |
75 # Maximum number of running imap processes. When this limit is reached, | |
76 # new users aren't allowed to log in. | |
77 #max_imap_processes = 1024 | |
78 | |
79 # Valid UID/GID ranges for imap users, defaults to 500 and above. | |
80 # Note that denying root logins is hardcoded to imap-master binary and | |
81 # can't be done even if first_valid_uid is set to 0. | |
82 #first_valid_uid = 500 | |
83 #last_valid_uid = 0 | |
84 | |
85 #first_valid_gid = 1 | |
86 #last_valid_gid = 0 | |
87 | |
88 # ':' separated list of directories under which chrooting is allowed for imap | |
89 # processes (ie. /var/mail will allow chrooting to /var/mail/foo/bar too). | |
90 # WARNING: Never add directories here which local users can modify, that | |
91 # may lead to root exploit. Usually this should be done only if you don't | |
92 # allow shell access for users. | |
93 #valid_chroot_dirs = | |
94 | |
462
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
95 # Space-separated list of fields to cache for all mails. Currently these |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
96 # fields are allowed followed by a list of commands they speed up: |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
97 # |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
98 # Envelope - FETCH ENVELOPE and SEARCH FROM, TO, CC, BCC, SUBJECT, |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
99 # SENTBEFORE, SENTON, SENTSINCE, HEADER MESSAGE-ID, |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
100 # HEADER IN-REPLY-TO |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
101 # Body - FETCH BODY |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
102 # Bodystructure - FETCH BODY, BODYSTRUCTURE |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
103 # MessagePart - FETCH BODY[1.2.3] (ie. body parts), RFC822.SIZE, |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
104 # SEARCH SMALLER, LARGER, also speeds up BODY/BODYSTRUCTURE |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
105 # generation. This is always set with mbox mailboxes, and |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
106 # also default with Maildir. |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
107 # |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
108 # Different IMAP clients work in different ways, that's why Dovecot by default |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
109 # only caches MessagePart which speeds up most operations. Whenever client |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
110 # does something where caching could be used, the field is automatically marked |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
111 # to be cached later. For example after FETCH BODY the BODY will be cached |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
112 # for all new messages. Normally you should leave this alone, unless you know |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
113 # what most of your IMAP clients are. Caching more fields than needed makes |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
114 # the index files larger and generate useless I/O. |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
115 # |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
116 # With maildir there's one extra optimization - if nothing is cached, indexing |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
117 # the maildir becomes much faster since it's not opening any of the mail files. |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
118 # This could be useful if your IMAP clients access only new mails. |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
119 |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
120 #mail_cache_fields = MessagePart |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
121 |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
122 # Space-separated list of fields that Dovecot should never set to be cached. |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
123 # Useful if you want to save disk space at the cost of more I/O when the fields |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
124 # needed. |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
125 #mail_never_cache_fields = |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
126 |
472
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
127 # Save mails with CR+LF instead of plain LF. This makes sending those mails |
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
128 # take less CPU, especially with sendfile() syscall with Linux and FreeBSD. |
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
129 # But it also creates a bit more disk I/O which may just make it slower. |
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
130 #mail_save_crlf = no |
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
131 |
0 | 132 # Copy mail to another folders using hard links. This is much faster than |
133 # actually copying the file. Only problem with it is that if either of the | |
134 # mails are modified directly both will change. This isn't a problem with | |
135 # IMAP however since it offers no way to modify the existing mails. Also | |
136 # at least mutt modifies mails by deleting the old one and inserting a new | |
137 # modified mail. So if performance matters at all you should turn this on. | |
138 #maildir_copy_with_hardlinks = no | |
139 | |
140 # Check if mails' content has been changed by external programs. This slows | |
141 # down things as extra stat() needs to be called for each file. | |
142 #maildir_check_content_changes = no | |
143 | |
101
edc37d046b08
Added overwrite_incompatible_index setting. Also we now try to use only
Timo Sirainen <tss@iki.fi>
parents:
35
diff
changeset
|
144 # If main index file is incompatible with us, should we overwrite it or |
edc37d046b08
Added overwrite_incompatible_index setting. Also we now try to use only
Timo Sirainen <tss@iki.fi>
parents:
35
diff
changeset
|
145 # create a new index with another name. Unless you are running Dovecot in |
edc37d046b08
Added overwrite_incompatible_index setting. Also we now try to use only
Timo Sirainen <tss@iki.fi>
parents:
35
diff
changeset
|
146 # multiple computers with different architectures accessing the same |
edc37d046b08
Added overwrite_incompatible_index setting. Also we now try to use only
Timo Sirainen <tss@iki.fi>
parents:
35
diff
changeset
|
147 # mailboxes (eg. via NFS), it's safe to set this "yes". |
edc37d046b08
Added overwrite_incompatible_index setting. Also we now try to use only
Timo Sirainen <tss@iki.fi>
parents:
35
diff
changeset
|
148 #overwrite_incompatible_index = no |
edc37d046b08
Added overwrite_incompatible_index setting. Also we now try to use only
Timo Sirainen <tss@iki.fi>
parents:
35
diff
changeset
|
149 |
0 | 150 # umask to use for mail files and directories |
151 #umask = 0077 | |
152 | |
153 ## | |
154 ## Authentication processes | |
155 ## | |
156 | |
157 # You can have multiple processes; each time "auth = xx" is seen, a new | |
158 # process definition is started. The point of multiple processes is to be | |
159 # able to set stricter permissions to others. For example, plain/PAM | |
160 # authentication requires roots, but if you also use digest-md5 authentication | |
161 # for some users, you can authenticate them without any privileges in a | |
162 # separate auth process. Just remember that only one auth process is asked | |
163 # for the password, so you can't have different passwords with different | |
164 # processes (unless they have different auth methods, and you're ok with | |
165 # having different password for each method). | |
166 | |
167 # Authentication process name. | |
168 auth = default | |
169 | |
284 | 170 # Authentication methods this process allows separated with a space. |
171 # Currently supported: plain digest-md5 | |
0 | 172 auth_methods = plain |
173 | |
174 # Space separated list of realms with authentication methods that need them. | |
175 # This is usually empty or the host name of the server (eg. | |
176 # mail.mycompany.com). | |
177 # - plain auth checks the password from all realms specified in here | |
178 # - digest-md5 must have the password added for each realm separately, and | |
179 # many clients simply use the first realm listed here. so if you really | |
180 # need to add more realms, add them to end of the list. | |
181 #auth_realms = | |
182 | |
183 # Where the user information and passwords are stored into: | |
184 # passwd: /etc/passwd or similiar, using getpwnam() | |
185 # shadow: /etc/shadow or similiar, using getspnam() | |
186 # pam: PAM authentication | |
187 # passwd-file /etc/passwd.imap: /etc/passwd-like file. Supports digest-md5 | |
188 # style passwords | |
280
fa2d1a1d025e
vpopmail authentication. compiles, not tested if it really works.
Timo Sirainen <tss@iki.fi>
parents:
101
diff
changeset
|
189 # vpopmail: vpopmail authentication |
27 | 190 auth_userinfo = pam |
0 | 191 |
192 # Executable location | |
435 | 193 #auth_executable = /usr/lib/dovecot/imap-auth |
0 | 194 |
195 # User to use for the process. Only shadow and pam authentication requires | |
196 # roots, so use something else if possible. | |
197 auth_user = root | |
198 | |
435 | 199 # Directory where to chroot the process. Most authentication backends don't |
200 # work if this is set, and there's no point chrooting if auth_user is root. | |
0 | 201 #auth_chroot = |
202 | |
203 # Number of authentication processes to create | |
204 #auth_count = 1 | |
205 | |
206 | |
207 # digest-md5 authentication process. It requires special MD5 passwords which | |
208 # /etc/shadow and PAM doesn't support, so we never need roots to handle it. | |
209 # Note that the passwd-file is opened before chrooting and dropping root | |
210 # privileges, so it may be 0600-root owned file. | |
211 | |
212 #auth = digest_md5 | |
213 #auth_methods = digest-md5 | |
214 #auth_realms = | |
215 #auth_userinfo = passwd-file /etc/passwd.imap | |
216 #auth_user = imapauth | |
217 #auth_chroot = /var/run/dovecot/auth | |
218 | |
219 # if you plan to use only passwd-file, you don't need the two auth processes, | |
220 # simply set "auth_methods = plain digest-md5" |