0
|
1 ## Dovecot 1.0 configuration file
|
|
2
|
|
3 # Default values are shown after each value, it's not required to uncomment
|
|
4 # any of the lines.
|
|
5
|
|
6 # Port to listen in for IMAP connections. This port is used for TLS
|
|
7 # connections as well. Setting it to 0 disables it.
|
|
8 #imap_port = 143
|
|
9
|
|
10 # Port to listen in for SSL IMAP connections. Setting it to 0 disables it.
|
|
11 #imaps_port = 993
|
|
12
|
|
13 # IP or host address where to listen in for IMAP connections. Empty means to
|
|
14 # listen in all interfaces. It's not possible to specify multiple.
|
|
15 #imap_listen =
|
|
16
|
|
17 # IP or host address where to listen in for SSL IMAP connections. Defaults
|
|
18 # to imap_listen if not specified.
|
|
19 #imaps_listen =
|
|
20
|
|
21 # SSL certificate/key, they're opened as root
|
|
22 #ssl_cert_file = /etc/ssl/certs/imapd.pem
|
|
23 #ssl_key_file = /etc/ssl/private/imapd.pem
|
|
24
|
|
25 # Disable LOGIN command and all other plaintext authentications unless
|
|
26 # SSL/TLS is used (LOGINDISABLED capability)
|
|
27 #disable_plaintext_auth = no
|
|
28
|
|
29 ##
|
|
30 ## Login process
|
|
31 ##
|
|
32
|
|
33 # Executable location
|
|
34 #login_executable = /usr/lib/dovecot/imap-login
|
|
35
|
|
36 # User to use for imap-login process
|
|
37 #login_user = imapd
|
|
38
|
|
39 # Directory where imap-auth places authentication UNIX sockets which login
|
|
40 # needs to be able to connect to. The sockets are created when running as
|
|
41 # root, so you don't need to give imap-auth any access for it.
|
|
42 #login_dir = /var/run/dovecot/login
|
|
43
|
|
44 # chroot() imap-login process to the login_dir. Only reason not to do this
|
|
45 # is if you wish to run the whole imapd without roots.
|
|
46 #login_chroot = yes
|
|
47
|
|
48 # Number of imap-login processes to use, one or two is enough
|
|
49 #login_processes_count = 1
|
|
50
|
|
51 # Maximum number of connections allowed in login state. When this limit is
|
|
52 # reached, the oldest connections are dropped.
|
|
53 #max_logging_users = 256
|
|
54
|
|
55 ##
|
|
56 ## IMAP process
|
|
57 ##
|
|
58
|
|
59 # Executable location
|
|
60 #imap_executable = /usr/lib/dovecot/imap
|
|
61
|
|
62 # Maximum number of running imap processes. When this limit is reached,
|
|
63 # new users aren't allowed to log in.
|
|
64 #max_imap_processes = 1024
|
|
65
|
|
66 # Valid UID/GID ranges for imap users, defaults to 500 and above.
|
|
67 # Note that denying root logins is hardcoded to imap-master binary and
|
|
68 # can't be done even if first_valid_uid is set to 0.
|
|
69 #first_valid_uid = 500
|
|
70 #last_valid_uid = 0
|
|
71
|
|
72 #first_valid_gid = 1
|
|
73 #last_valid_gid = 0
|
|
74
|
|
75 # ':' separated list of directories under which chrooting is allowed for imap
|
|
76 # processes (ie. /var/mail will allow chrooting to /var/mail/foo/bar too).
|
|
77 # WARNING: Never add directories here which local users can modify, that
|
|
78 # may lead to root exploit. Usually this should be done only if you don't
|
|
79 # allow shell access for users.
|
|
80 #valid_chroot_dirs =
|
|
81
|
|
82 # Copy mail to another folders using hard links. This is much faster than
|
|
83 # actually copying the file. Only problem with it is that if either of the
|
|
84 # mails are modified directly both will change. This isn't a problem with
|
|
85 # IMAP however since it offers no way to modify the existing mails. Also
|
|
86 # at least mutt modifies mails by deleting the old one and inserting a new
|
|
87 # modified mail. So if performance matters at all you should turn this on.
|
|
88 #maildir_copy_with_hardlinks = no
|
|
89
|
|
90 # Check if mails' content has been changed by external programs. This slows
|
|
91 # down things as extra stat() needs to be called for each file.
|
|
92 #maildir_check_content_changes = no
|
|
93
|
|
94 # umask to use for mail files and directories
|
|
95 #umask = 0077
|
|
96
|
|
97 ##
|
|
98 ## Authentication processes
|
|
99 ##
|
|
100
|
|
101 # You can have multiple processes; each time "auth = xx" is seen, a new
|
|
102 # process definition is started. The point of multiple processes is to be
|
|
103 # able to set stricter permissions to others. For example, plain/PAM
|
|
104 # authentication requires roots, but if you also use digest-md5 authentication
|
|
105 # for some users, you can authenticate them without any privileges in a
|
|
106 # separate auth process. Just remember that only one auth process is asked
|
|
107 # for the password, so you can't have different passwords with different
|
|
108 # processes (unless they have different auth methods, and you're ok with
|
|
109 # having different password for each method).
|
|
110
|
|
111 # Authentication process name.
|
|
112 auth = default
|
|
113
|
|
114 # Authentication methods this process allows separated with a space
|
|
115 auth_methods = plain
|
|
116
|
|
117 # Space separated list of realms with authentication methods that need them.
|
|
118 # This is usually empty or the host name of the server (eg.
|
|
119 # mail.mycompany.com).
|
|
120 # - plain auth checks the password from all realms specified in here
|
|
121 # - digest-md5 must have the password added for each realm separately, and
|
|
122 # many clients simply use the first realm listed here. so if you really
|
|
123 # need to add more realms, add them to end of the list.
|
|
124 #auth_realms =
|
|
125
|
|
126 # Where the user information and passwords are stored into:
|
|
127 # passwd: /etc/passwd or similiar, using getpwnam()
|
|
128 # shadow: /etc/shadow or similiar, using getspnam()
|
|
129 # pam: PAM authentication
|
|
130 # passwd-file /etc/passwd.imap: /etc/passwd-like file. Supports digest-md5
|
|
131 # style passwords
|
|
132 auth_userinfo = shadow
|
|
133
|
|
134 # Executable location
|
|
135 #auth_executable = /var/lib/dovecot/imap-auth
|
|
136
|
|
137 # User to use for the process. Only shadow and pam authentication requires
|
|
138 # roots, so use something else if possible.
|
|
139 auth_user = root
|
|
140
|
|
141 # Directory where to chroot the process
|
|
142 #auth_chroot =
|
|
143
|
|
144 # Number of authentication processes to create
|
|
145 #auth_count = 1
|
|
146
|
|
147
|
|
148 # digest-md5 authentication process. It requires special MD5 passwords which
|
|
149 # /etc/shadow and PAM doesn't support, so we never need roots to handle it.
|
|
150 # Note that the passwd-file is opened before chrooting and dropping root
|
|
151 # privileges, so it may be 0600-root owned file.
|
|
152
|
|
153 #auth = digest_md5
|
|
154 #auth_methods = digest-md5
|
|
155 #auth_realms =
|
|
156 #auth_userinfo = passwd-file /etc/passwd.imap
|
|
157 #auth_user = imapauth
|
|
158 #auth_chroot = /var/run/dovecot/auth
|
|
159
|
|
160 # if you plan to use only passwd-file, you don't need the two auth processes,
|
|
161 # simply set "auth_methods = plain digest-md5"
|