Mercurial > dovecot > original-hg > dovecot-1.2

annotate dovecot-example.conf @ 462:67d22b7b0918 HEAD

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Added mail_cache_fields and mail_never_cache_fields settings, plus settings cleanup.
author Timo Sirainen <tss@iki.fi>
date Sun, 20 Oct 2002 05:35:51 +0300
parents 06576f1d9e69
children 2fa0bfb65268
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
1 ## Dovecot 1.0 configuration file
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
2
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
3 # Default values are shown after each value, it's not required to uncomment
435
06576f1d9e69 doc updates
Timo Sirainen <tss@iki.fi>
parents: 284
diff changeset
4 # any of the lines. Exception to this are paths, they're just examples
06576f1d9e69 doc updates
Timo Sirainen <tss@iki.fi>
parents: 284
diff changeset
5 # with real defaults being based on configure options. The paths listed here
06576f1d9e69 doc updates
Timo Sirainen <tss@iki.fi>
parents: 284
diff changeset
6 # are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
7
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
8 # Port to listen in for IMAP connections. This port is used for TLS
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
9 # connections as well. Setting it to 0 disables it.
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
10 #imap_port = 143
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
11
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
12 # Port to listen in for SSL IMAP connections. Setting it to 0 disables it.
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
13 #imaps_port = 993
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
14
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
15 # IP or host address where to listen in for IMAP connections. Empty means to
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
16 # listen in all interfaces. It's not possible to specify multiple.
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
17 #imap_listen =
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
18
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
19 # IP or host address where to listen in for SSL IMAP connections. Defaults
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
20 # to imap_listen if not specified.
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
21 #imaps_listen =
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
22
435
06576f1d9e69 doc updates
Timo Sirainen <tss@iki.fi>
parents: 284
diff changeset
23 # SSL certificate/key, they're opened as root. Note that these default paths
06576f1d9e69 doc updates
Timo Sirainen <tss@iki.fi>
parents: 284
diff changeset
24 # are absolute, configure options don't affect them.
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
25 #ssl_cert_file = /etc/ssl/certs/imapd.pem
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
26 #ssl_key_file = /etc/ssl/private/imapd.pem
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
27
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
28 # Disable LOGIN command and all other plaintext authentications unless
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
29 # SSL/TLS is used (LOGINDISABLED capability)
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
30 #disable_plaintext_auth = no
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
31
35
b420373f88f6 Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents: 27
diff changeset
32 # Use this logfile instead of syslog()
b420373f88f6 Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents: 27
diff changeset
33 #log_path =
b420373f88f6 Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents: 27
diff changeset
34
b420373f88f6 Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents: 27
diff changeset
35 # Prefix for each line written to log file. % codes are in strftime(3)
b420373f88f6 Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents: 27
diff changeset
36 # format. Note the extra space at the end of line.
b420373f88f6 Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents: 27
diff changeset
37 #log_timestamp = %b %d %H:%M:%S
b420373f88f6 Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents: 27
diff changeset
38
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
39 ##
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
40 ## Login process
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
41 ##
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
42
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
43 # Executable location
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
44 #login_executable = /usr/lib/dovecot/imap-login
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
45
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
46 # User to use for imap-login process
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
47 #login_user = imapd
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
48
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
49 # Directory where imap-auth places authentication UNIX sockets which login
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
50 # needs to be able to connect to. The sockets are created when running as
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
51 # root, so you don't need to give imap-auth any access for it.
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
52 #login_dir = /var/run/dovecot/login
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
53
435
06576f1d9e69 doc updates
Timo Sirainen <tss@iki.fi>
parents: 284
diff changeset
54 # chroot imap-login process to the login_dir. Only reason not to do this
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
55 # is if you wish to run the whole imapd without roots.
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
56 #login_chroot = yes
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
57
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
58 # Number of imap-login processes to use, one or two is enough
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
59 #login_processes_count = 1
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
60
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
61 # Maximum number of connections allowed in login state. When this limit is
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
62 # reached, the oldest connections are dropped.
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
63 #max_logging_users = 256
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
64
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
65 ##
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
66 ## IMAP process
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
67 ##
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
68
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
69 # Executable location
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
70 #imap_executable = /usr/lib/dovecot/imap
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
71
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
72 # Maximum number of running imap processes. When this limit is reached,
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
73 # new users aren't allowed to log in.
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
74 #max_imap_processes = 1024
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
75
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
76 # Valid UID/GID ranges for imap users, defaults to 500 and above.
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
77 # Note that denying root logins is hardcoded to imap-master binary and
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
78 # can't be done even if first_valid_uid is set to 0.
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
79 #first_valid_uid = 500
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
80 #last_valid_uid = 0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
81
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
82 #first_valid_gid = 1
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
83 #last_valid_gid = 0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
84
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
85 # ':' separated list of directories under which chrooting is allowed for imap
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
86 # processes (ie. /var/mail will allow chrooting to /var/mail/foo/bar too).
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
87 # WARNING: Never add directories here which local users can modify, that
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
88 # may lead to root exploit. Usually this should be done only if you don't
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
89 # allow shell access for users.
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
90 #valid_chroot_dirs =
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
91
462
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
92 # Space-separated list of fields to cache for all mails. Currently these
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
93 # fields are allowed followed by a list of commands they speed up:
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
94 #
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
95 # Envelope - FETCH ENVELOPE and SEARCH FROM, TO, CC, BCC, SUBJECT,
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
96 # SENTBEFORE, SENTON, SENTSINCE, HEADER MESSAGE-ID,
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
97 # HEADER IN-REPLY-TO
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
98 # Body - FETCH BODY
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
99 # Bodystructure - FETCH BODY, BODYSTRUCTURE
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
100 # MessagePart - FETCH BODY[1.2.3] (ie. body parts), RFC822.SIZE,
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
101 # SEARCH SMALLER, LARGER, also speeds up BODY/BODYSTRUCTURE
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
102 # generation. This is always set with mbox mailboxes, and
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
103 # also default with Maildir.
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
104 #
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
105 # Different IMAP clients work in different ways, that's why Dovecot by default
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
106 # only caches MessagePart which speeds up most operations. Whenever client
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
107 # does something where caching could be used, the field is automatically marked
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
108 # to be cached later. For example after FETCH BODY the BODY will be cached
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
109 # for all new messages. Normally you should leave this alone, unless you know
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
110 # what most of your IMAP clients are. Caching more fields than needed makes
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
111 # the index files larger and generate useless I/O.
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
112 #
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
113 # With maildir there's one extra optimization - if nothing is cached, indexing
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
114 # the maildir becomes much faster since it's not opening any of the mail files.
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
115 # This could be useful if your IMAP clients access only new mails.
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
116
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
117 #mail_cache_fields = MessagePart
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
118
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
119 # Space-separated list of fields that Dovecot should never set to be cached.
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
120 # Useful if you want to save disk space at the cost of more I/O when the fields
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
121 # needed.
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
122 #mail_never_cache_fields =
67d22b7b0918 Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents: 435
diff changeset
123
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
124 # Copy mail to another folders using hard links. This is much faster than
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
125 # actually copying the file. Only problem with it is that if either of the
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
126 # mails are modified directly both will change. This isn't a problem with
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
127 # IMAP however since it offers no way to modify the existing mails. Also
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
128 # at least mutt modifies mails by deleting the old one and inserting a new
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
129 # modified mail. So if performance matters at all you should turn this on.
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
130 #maildir_copy_with_hardlinks = no
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
131
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
132 # Check if mails' content has been changed by external programs. This slows
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
133 # down things as extra stat() needs to be called for each file.
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
134 #maildir_check_content_changes = no
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
135
101
edc37d046b08 Added overwrite_incompatible_index setting. Also we now try to use only
Timo Sirainen <tss@iki.fi>
parents: 35
diff changeset
136 # If main index file is incompatible with us, should we overwrite it or
edc37d046b08 Added overwrite_incompatible_index setting. Also we now try to use only
Timo Sirainen <tss@iki.fi>
parents: 35
diff changeset
137 # create a new index with another name. Unless you are running Dovecot in
edc37d046b08 Added overwrite_incompatible_index setting. Also we now try to use only
Timo Sirainen <tss@iki.fi>
parents: 35
diff changeset
138 # multiple computers with different architectures accessing the same
edc37d046b08 Added overwrite_incompatible_index setting. Also we now try to use only
Timo Sirainen <tss@iki.fi>
parents: 35
diff changeset
139 # mailboxes (eg. via NFS), it's safe to set this "yes".
edc37d046b08 Added overwrite_incompatible_index setting. Also we now try to use only
Timo Sirainen <tss@iki.fi>
parents: 35
diff changeset
140 #overwrite_incompatible_index = no
edc37d046b08 Added overwrite_incompatible_index setting. Also we now try to use only
Timo Sirainen <tss@iki.fi>
parents: 35
diff changeset
141
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
142 # umask to use for mail files and directories
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
143 #umask = 0077
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
144
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
145 ##
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
146 ## Authentication processes
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
147 ##
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
148
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
149 # You can have multiple processes; each time "auth = xx" is seen, a new
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
150 # process definition is started. The point of multiple processes is to be
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
151 # able to set stricter permissions to others. For example, plain/PAM
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
152 # authentication requires roots, but if you also use digest-md5 authentication
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
153 # for some users, you can authenticate them without any privileges in a
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
154 # separate auth process. Just remember that only one auth process is asked
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
155 # for the password, so you can't have different passwords with different
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
156 # processes (unless they have different auth methods, and you're ok with
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
157 # having different password for each method).
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
158
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
159 # Authentication process name.
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
160 auth = default
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
161
284
8d7e46d41ce3 list supported auth methods
Timo Sirainen <tss@iki.fi>
parents: 280
diff changeset
162 # Authentication methods this process allows separated with a space.
8d7e46d41ce3 list supported auth methods
Timo Sirainen <tss@iki.fi>
parents: 280
diff changeset
163 # Currently supported: plain digest-md5
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
164 auth_methods = plain
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
165
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
166 # Space separated list of realms with authentication methods that need them.
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
167 # This is usually empty or the host name of the server (eg.
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
168 # mail.mycompany.com).
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
169 # - plain auth checks the password from all realms specified in here
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
170 # - digest-md5 must have the password added for each realm separately, and
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
171 # many clients simply use the first realm listed here. so if you really
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
172 # need to add more realms, add them to end of the list.
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
173 #auth_realms =
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
174
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
175 # Where the user information and passwords are stored into:
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
176 # passwd: /etc/passwd or similiar, using getpwnam()
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
177 # shadow: /etc/shadow or similiar, using getspnam()
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
178 # pam: PAM authentication
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
179 # passwd-file /etc/passwd.imap: /etc/passwd-like file. Supports digest-md5
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
180 # style passwords
280
fa2d1a1d025e vpopmail authentication. compiles, not tested if it really works.
Timo Sirainen <tss@iki.fi>
parents: 101
diff changeset
181 # vpopmail: vpopmail authentication
27
f182971ba39d default to PAM authentication
Timo Sirainen <tss@iki.fi>
parents: 0
diff changeset
182 auth_userinfo = pam
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
183
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
184 # Executable location
435
06576f1d9e69 doc updates
Timo Sirainen <tss@iki.fi>
parents: 284
diff changeset
185 #auth_executable = /usr/lib/dovecot/imap-auth
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
186
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
187 # User to use for the process. Only shadow and pam authentication requires
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
188 # roots, so use something else if possible.
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
189 auth_user = root
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
190
435
06576f1d9e69 doc updates
Timo Sirainen <tss@iki.fi>
parents: 284
diff changeset
191 # Directory where to chroot the process. Most authentication backends don't
06576f1d9e69 doc updates
Timo Sirainen <tss@iki.fi>
parents: 284
diff changeset
192 # work if this is set, and there's no point chrooting if auth_user is root.
0
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
193 #auth_chroot =
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
194
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
195 # Number of authentication processes to create
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
196 #auth_count = 1
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
197
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
198
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
199 # digest-md5 authentication process. It requires special MD5 passwords which
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
200 # /etc/shadow and PAM doesn't support, so we never need roots to handle it.
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
201 # Note that the passwd-file is opened before chrooting and dropping root
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
202 # privileges, so it may be 0600-root owned file.
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
203
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
204 #auth = digest_md5
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
205 #auth_methods = digest-md5
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
206 #auth_realms =
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
207 #auth_userinfo = passwd-file /etc/passwd.imap
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
208 #auth_user = imapauth
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
209 #auth_chroot = /var/run/dovecot/auth
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
210
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
211 # if you plan to use only passwd-file, you don't need the two auth processes,
3b1985cbc908 Initial revision
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
212 # simply set "auth_methods = plain digest-md5"