Mercurial > dovecot > original-hg > dovecot-1.2
annotate dovecot-example.conf @ 1610:6850142c4e25 HEAD
New configuration file code. Some syntax changes, but tries to be somewhat
backwards compatible. SIGHUP now reverts back to old configuration if it
detected errors in new one.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Thu, 10 Jul 2003 06:04:07 +0300 |
parents | 8156b82727a8 |
children | a8dc875a8918 |
rev | line source |
---|---|
0 | 1 ## Dovecot 1.0 configuration file |
2 | |
3 # Default values are shown after each value, it's not required to uncomment | |
435 | 4 # any of the lines. Exception to this are paths, they're just examples |
5 # with real defaults being based on configure options. The paths listed here | |
6 # are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var | |
657
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
644
diff
changeset
|
7 # --with-ssldir=/etc/ssl |
0 | 8 |
872
6377d4f7a31c
Added base_dir setting, so the configure time --localstatedir can be
Timo Sirainen <tss@iki.fi>
parents:
817
diff
changeset
|
9 # Base directory where to store runtime data. |
6377d4f7a31c
Added base_dir setting, so the configure time --localstatedir can be
Timo Sirainen <tss@iki.fi>
parents:
817
diff
changeset
|
10 #base_dir = /var/run/dovecot/ |
6377d4f7a31c
Added base_dir setting, so the configure time --localstatedir can be
Timo Sirainen <tss@iki.fi>
parents:
817
diff
changeset
|
11 |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
12 # Protocols we want to be serving: |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
13 # imap imaps pop3 pop3s |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
14 #protocols = imap imaps |
0 | 15 |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
16 # IP or host address where to listen in for connections. It's not currently |
780
1cc947617c8b
imap_listen and imaps_listen accepts now "*" as "all IPv4 interfaces" and
Timo Sirainen <tss@iki.fi>
parents:
779
diff
changeset
|
17 # possible to specify multiple addresses. "*" listens in all IPv4 interfaces. |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
18 # "[::]" listens in all IPv6 interfaces, but may also listen in all IPv4 |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
19 # interfaces depending on the operating system. You can specify ports with |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
20 # "host:port". |
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
21 #listen = * |
0 | 22 |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
23 # IP or host address where to listen in for SSL connections. Defaults |
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
24 # to above if not specified. |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
25 #ssl_listen = |
0 | 26 |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
27 # Disable SSL/TLS support. |
666 | 28 #ssl_disable = no |
29 | |
519 | 30 # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before |
518
1f9b96080525
Updated SSL certificate comments.
Timo Sirainen <tss@iki.fi>
parents:
472
diff
changeset
|
31 # dropping root privileges, so keep the key file unreadable by anyone but |
657
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
644
diff
changeset
|
32 # root. Included doc/mkcert.sh can be used to easily generate self-signed |
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
644
diff
changeset
|
33 # certificate, just make sure to update the domains in dovecot-openssl.cnf |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
34 #ssl_cert_file = /etc/ssl/certs/dovecot.pem |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
35 #ssl_key_file = /etc/ssl/private/dovecot.pem |
0 | 36 |
615
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
37 # SSL parameter file. Master process generates this file for login processes. |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
38 # It contains Diffie Hellman and RSA parameters. |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
39 #ssl_parameters_file = /var/run/dovecot/ssl-parameters.dat |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
40 |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
41 # How often to regenerate the SSL parameters file. Generation is quite CPU |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
42 # intensive operation. The value is in hours, 0 disables regeneration |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
43 # entirely. |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
44 #ssl_parameters_regenerate = 24 |
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
45 |
0 | 46 # Disable LOGIN command and all other plaintext authentications unless |
47 # SSL/TLS is used (LOGINDISABLED capability) | |
48 #disable_plaintext_auth = no | |
49 | |
1124
5e9430a39611
/dev/stderr works now in log paths.
Timo Sirainen <tss@iki.fi>
parents:
1113
diff
changeset
|
50 # Use this logfile instead of syslog(). /dev/stderr can be used if you want to |
5e9430a39611
/dev/stderr works now in log paths.
Timo Sirainen <tss@iki.fi>
parents:
1113
diff
changeset
|
51 # use stderr for logging (ONLY /dev/stderr - otherwise it is closed). |
35
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
52 #log_path = |
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
53 |
811
664de3231e33
Added info_log_file setting and i_info() function to write to it. Default is
Timo Sirainen <tss@iki.fi>
parents:
788
diff
changeset
|
54 # For informational messages, use this logfile instead of the default |
664de3231e33
Added info_log_file setting and i_info() function to write to it. Default is
Timo Sirainen <tss@iki.fi>
parents:
788
diff
changeset
|
55 #info_log_path = |
664de3231e33
Added info_log_file setting and i_info() function to write to it. Default is
Timo Sirainen <tss@iki.fi>
parents:
788
diff
changeset
|
56 |
35
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
57 # Prefix for each line written to log file. % codes are in strftime(3) |
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
58 # format. Note the extra space at the end of line. |
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
59 #log_timestamp = %b %d %H:%M:%S |
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
60 |
0 | 61 ## |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
62 ## Login processes |
0 | 63 ## |
64 | |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
65 # Directory where authentication process places authentication UNIX sockets |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
66 # which login needs to be able to connect to. The sockets are created when |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
67 # running as root, so you don't have to worry about permissions. |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
68 #login_dir = /var/run/dovecot/login |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
69 |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
70 # chroot login process to the login_dir. Only reason not to do this is if you |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
71 # wish to run the whole Dovecot without roots. |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
72 #login_chroot = yes |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
73 |
1582 | 74 # User to use for the login process. Create a completely new user for this, |
75 # and don't use it anywhere else. The user must also belong to a group where | |
76 # only it has access, it's used to control access for authentication process. | |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
77 #login_user = dovecot |
0 | 78 |
722
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
79 # Set max. process size in megabytes. If you don't use |
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
80 # login_process_per_connection you might need to grow this. |
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
81 #login_process_size = 16 |
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
82 |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
83 # Should each login be processed in it's own process (yes), or should one |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
84 # login process be allowed to process multiple connections (no)? Yes is more |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
85 # secure, espcially with SSL/TLS enabled. No is faster since there's no need |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
86 # to create processes all the time. |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
87 #login_process_per_connection = yes |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
88 |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
89 # Number of login processes to create. If login_process_per_user is |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
90 # yes, this is the number of extra processes waiting for users to log in. |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
91 #login_processes_count = 3 |
0 | 92 |
614
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
93 # Maximum number of extra login processes to create. The extra process count |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
94 # usually stays at login_processes_count, but when multiple users start logging |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
95 # in at the same time more extra processes are created. To prevent fork-bombing |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
96 # we check only once in a second if new processes should be created - if all |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
97 # of them are used at the time, we double their amount until limit set by this |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
98 # setting is reached. This setting is used only if login_process_per_use is yes. |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
99 #login_max_processes_count = 128 |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
100 |
0 | 101 # Maximum number of connections allowed in login state. When this limit is |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
102 # reached, the oldest connections are dropped. If login_process_per_user |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
103 # is no, this is a per-process value, so the absolute maximum number of users |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
104 # logging in actually login_processes_count * max_logging_users. |
1555
b566a1ba703e
s/max_logging_users/login_max_logging_users/
Timo Sirainen <tss@iki.fi>
parents:
1506
diff
changeset
|
105 #login_max_logging_users = 256 |
0 | 106 |
107 | |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
108 ## |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
109 ## Mail processes |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
110 ## |
722
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
111 |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
112 # Maximum number of running mail processes. When this limit is reached, |
0 | 113 # new users aren't allowed to log in. |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
114 #max_mail_processes = 1024 |
0 | 115 |
596
ab3590c3a7d9
Added verbose_proctitle setting: Show more verbose process titles (in ps).
Timo Sirainen <tss@iki.fi>
parents:
519
diff
changeset
|
116 # Show more verbose process titles (in ps). Currently shows user name and |
ab3590c3a7d9
Added verbose_proctitle setting: Show more verbose process titles (in ps).
Timo Sirainen <tss@iki.fi>
parents:
519
diff
changeset
|
117 # IP address. Useful for seeing who are actually using the IMAP processes |
ab3590c3a7d9
Added verbose_proctitle setting: Show more verbose process titles (in ps).
Timo Sirainen <tss@iki.fi>
parents:
519
diff
changeset
|
118 # (eg. shared mailboxes or if same uid is used for multiple accounts). |
ab3590c3a7d9
Added verbose_proctitle setting: Show more verbose process titles (in ps).
Timo Sirainen <tss@iki.fi>
parents:
519
diff
changeset
|
119 #verbose_proctitle = no |
ab3590c3a7d9
Added verbose_proctitle setting: Show more verbose process titles (in ps).
Timo Sirainen <tss@iki.fi>
parents:
519
diff
changeset
|
120 |
1236 | 121 # Show protocol level SSL errors. |
122 #verbose_ssl = no | |
123 | |
1506
e7c627bacaaf
Allow first_valid_gid to be 0. Drop any supplementary groups not in valid
Timo Sirainen <tss@iki.fi>
parents:
1465
diff
changeset
|
124 # Valid UID range for users, defaults to 500 and above. This is mostly |
1295
cc9b61b9959e
updated first_valid_uid comment
Timo Sirainen <tss@iki.fi>
parents:
1283
diff
changeset
|
125 # to make sure that users can't log in as daemons or other system users. |
1506
e7c627bacaaf
Allow first_valid_gid to be 0. Drop any supplementary groups not in valid
Timo Sirainen <tss@iki.fi>
parents:
1465
diff
changeset
|
126 # Note that denying root logins is hardcoded to dovecot binary and can't |
e7c627bacaaf
Allow first_valid_gid to be 0. Drop any supplementary groups not in valid
Timo Sirainen <tss@iki.fi>
parents:
1465
diff
changeset
|
127 # be done even if first_valid_uid is set to 0. |
0 | 128 #first_valid_uid = 500 |
129 #last_valid_uid = 0 | |
130 | |
1506
e7c627bacaaf
Allow first_valid_gid to be 0. Drop any supplementary groups not in valid
Timo Sirainen <tss@iki.fi>
parents:
1465
diff
changeset
|
131 # Valid GID range for users, defaults to non-root/wheel. Users having |
e7c627bacaaf
Allow first_valid_gid to be 0. Drop any supplementary groups not in valid
Timo Sirainen <tss@iki.fi>
parents:
1465
diff
changeset
|
132 # non-valid GID as primary group ID aren't allowed to log in. If user |
e7c627bacaaf
Allow first_valid_gid to be 0. Drop any supplementary groups not in valid
Timo Sirainen <tss@iki.fi>
parents:
1465
diff
changeset
|
133 # belongs to supplementary groups with non-valid GIDs, those groups are |
e7c627bacaaf
Allow first_valid_gid to be 0. Drop any supplementary groups not in valid
Timo Sirainen <tss@iki.fi>
parents:
1465
diff
changeset
|
134 # not set. |
0 | 135 #first_valid_gid = 1 |
136 #last_valid_gid = 0 | |
137 | |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
138 # ':' separated list of directories under which chrooting is allowed for mail |
0 | 139 # processes (ie. /var/mail will allow chrooting to /var/mail/foo/bar too). |
978 | 140 # This setting doesn't affect login_chroot or auth_chroot variables. |
0 | 141 # WARNING: Never add directories here which local users can modify, that |
142 # may lead to root exploit. Usually this should be done only if you don't | |
979 | 143 # allow shell access for users. See doc/configuration.txt for more information. |
0 | 144 #valid_chroot_dirs = |
145 | |
779
f126b666859e
New setting: default_mail_env which can be used to specify where to find
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
146 # Default MAIL environment to use when it's not set. By leaving this empty |
f126b666859e
New setting: default_mail_env which can be used to specify where to find
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
147 # dovecot tries to do some automatic detection as described in |
813
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
148 # doc/mail-storages.txt. There's a few special variables you can use: |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
149 # |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
150 # %u - username |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
151 # %n - user part in user@domain, same as %u if there's no domain |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
152 # %d - domain part in user@domain, empty if user there's no domain |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
153 # %h - home directory |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
154 # |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
155 # You can also limit a width of string by giving the number of max. characters |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
156 # after the '%' character. For example %1u gives the first character of |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
157 # username. Some examples: |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
158 # |
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
159 # maildir:/var/mail/%1u/%u/Maildir |
815
ef64c9a50326
Support for separate location of mbox INBOX folder.
Timo Sirainen <tss@iki.fi>
parents:
813
diff
changeset
|
160 # mbox:~/mail/:INBOX=/var/mail/%u |
817
86cf24da85f1
Added :INDEX=<dir> for both Maildir and mbox to specify different location
Timo Sirainen <tss@iki.fi>
parents:
815
diff
changeset
|
161 # mbox:/var/mail/%d/%n/:INDEX=/var/indexes/%d/%n |
813
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
162 # |
779
f126b666859e
New setting: default_mail_env which can be used to specify where to find
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
163 #default_mail_env = |
f126b666859e
New setting: default_mail_env which can be used to specify where to find
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
164 |
462
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
165 # Space-separated list of fields to cache for all mails. Currently these |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
166 # fields are allowed followed by a list of commands they speed up: |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
167 # |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
168 # Envelope - FETCH ENVELOPE and SEARCH FROM, TO, CC, BCC, SUBJECT, |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
169 # SENTBEFORE, SENTON, SENTSINCE, HEADER MESSAGE-ID, |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
170 # HEADER IN-REPLY-TO |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
171 # Body - FETCH BODY |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
172 # Bodystructure - FETCH BODY, BODYSTRUCTURE |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
173 # MessagePart - FETCH BODY[1.2.3] (ie. body parts), RFC822.SIZE, |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
174 # SEARCH SMALLER, LARGER, also speeds up BODY/BODYSTRUCTURE |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
175 # generation. This is always set with mbox mailboxes, and |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
176 # also default with Maildir. |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
177 # |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
178 # Different IMAP clients work in different ways, that's why Dovecot by default |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
179 # only caches MessagePart which speeds up most operations. Whenever client |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
180 # does something where caching could be used, the field is automatically marked |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
181 # to be cached later. For example after FETCH BODY the BODY will be cached |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
182 # for all new messages. Normally you should leave this alone, unless you know |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
183 # what most of your IMAP clients are. Caching more fields than needed makes |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
184 # the index files larger and generate useless I/O. |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
185 # |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
186 # With maildir there's one extra optimization - if nothing is cached, indexing |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
187 # the maildir becomes much faster since it's not opening any of the mail files. |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
188 # This could be useful if your IMAP clients access only new mails. |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
189 |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
190 #mail_cache_fields = MessagePart |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
191 |
987 | 192 # Space-separated list of fields that Dovecot should never set to be cached. |
193 # Useful if you want to save disk space at the cost of more I/O when the fields | |
194 # needed. | |
195 #mail_never_cache_fields = | |
196 | |
1138
340dea0150bf
Added client_workarounds setting, with currently one workaround for OE6.
Timo Sirainen <tss@iki.fi>
parents:
1124
diff
changeset
|
197 # Workarounds for various client bugs: |
340dea0150bf
Added client_workarounds setting, with currently one workaround for OE6.
Timo Sirainen <tss@iki.fi>
parents:
1124
diff
changeset
|
198 # oe6-fetch-no-newmail: |
340dea0150bf
Added client_workarounds setting, with currently one workaround for OE6.
Timo Sirainen <tss@iki.fi>
parents:
1124
diff
changeset
|
199 # Never send EXISTS/RECENT when replying to FETCH command. Outlook Express |
340dea0150bf
Added client_workarounds setting, with currently one workaround for OE6.
Timo Sirainen <tss@iki.fi>
parents:
1124
diff
changeset
|
200 # seems to think they are FETCH replies and gives user "Message no longer |
1180 | 201 # in server" error. Note that OE6 still breaks even with this workaround |
202 # if synchronization is set to "Headers Only". | |
1212 | 203 # outlook-idle: |
204 # Outlook and Outlook Express never abort IDLE command, so if no mail | |
205 # arrives in half a hour, Dovecot closes the connection. This is still | |
206 # fine, except Outlook doesn't connect back so you don't see if new mail | |
207 # arrives. | |
1138
340dea0150bf
Added client_workarounds setting, with currently one workaround for OE6.
Timo Sirainen <tss@iki.fi>
parents:
1124
diff
changeset
|
208 #client_workarounds = |
340dea0150bf
Added client_workarounds setting, with currently one workaround for OE6.
Timo Sirainen <tss@iki.fi>
parents:
1124
diff
changeset
|
209 |
600
3b44bc64afd4
mailbox_check_interval setting: Dovecot can notify client of new mail in
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
210 # Dovecot can notify client of new mail in selected mailbox soon after it's |
3b44bc64afd4
mailbox_check_interval setting: Dovecot can notify client of new mail in
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
211 # received. This setting specifies the minimum interval in seconds between |
3b44bc64afd4
mailbox_check_interval setting: Dovecot can notify client of new mail in
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
212 # new mail notifications to client - internally they may be checked more or |
3b44bc64afd4
mailbox_check_interval setting: Dovecot can notify client of new mail in
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
213 # less often. Setting this to 0 disables the checking. |
788
5b2a247ed361
mailbox_check_interval is now disabled by default, at least Evolution breaks
Timo Sirainen <tss@iki.fi>
parents:
780
diff
changeset
|
214 # NOTE: Evolution client breaks with this option when it's trying to APPEND. |
5b2a247ed361
mailbox_check_interval is now disabled by default, at least Evolution breaks
Timo Sirainen <tss@iki.fi>
parents:
780
diff
changeset
|
215 #mailbox_check_interval = 0 |
600
3b44bc64afd4
mailbox_check_interval setting: Dovecot can notify client of new mail in
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
216 |
1177 | 217 # Like mailbox_check_interval, but used for IDLE command. |
218 #mailbox_idle_check_interval = 30 | |
219 | |
1151
058f6c26f405
Added mail_full_filesystem_access setting. Some of the setting variable
Timo Sirainen <tss@iki.fi>
parents:
1142
diff
changeset
|
220 # Allow full filesystem access to clients. There's no access checks other than |
058f6c26f405
Added mail_full_filesystem_access setting. Some of the setting variable
Timo Sirainen <tss@iki.fi>
parents:
1142
diff
changeset
|
221 # what the operating system does for the active UID/GID. It works with both |
058f6c26f405
Added mail_full_filesystem_access setting. Some of the setting variable
Timo Sirainen <tss@iki.fi>
parents:
1142
diff
changeset
|
222 # maildir and mboxes, allowing you to prefix mailboxes names with eg. /path/ |
058f6c26f405
Added mail_full_filesystem_access setting. Some of the setting variable
Timo Sirainen <tss@iki.fi>
parents:
1142
diff
changeset
|
223 # or ~user/. |
058f6c26f405
Added mail_full_filesystem_access setting. Some of the setting variable
Timo Sirainen <tss@iki.fi>
parents:
1142
diff
changeset
|
224 #mail_full_filesystem_access = no |
058f6c26f405
Added mail_full_filesystem_access setting. Some of the setting variable
Timo Sirainen <tss@iki.fi>
parents:
1142
diff
changeset
|
225 |
1168
03f1455664d7
Added setting to limit length of custom flag names.
Timo Sirainen <tss@iki.fi>
parents:
1151
diff
changeset
|
226 # Maximum allowed length for custom flag name. It's only forced when trying |
03f1455664d7
Added setting to limit length of custom flag names.
Timo Sirainen <tss@iki.fi>
parents:
1151
diff
changeset
|
227 # to create new flags. |
03f1455664d7
Added setting to limit length of custom flag names.
Timo Sirainen <tss@iki.fi>
parents:
1151
diff
changeset
|
228 #mail_max_flag_length = 50 |
03f1455664d7
Added setting to limit length of custom flag names.
Timo Sirainen <tss@iki.fi>
parents:
1151
diff
changeset
|
229 |
472
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
230 # Save mails with CR+LF instead of plain LF. This makes sending those mails |
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
231 # take less CPU, especially with sendfile() syscall with Linux and FreeBSD. |
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
232 # But it also creates a bit more disk I/O which may just make it slower. |
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
233 #mail_save_crlf = no |
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
234 |
644
415498fa78d6
mail_read_mmaped: Use mmap() instead of read() to read mail files. read()
Timo Sirainen <tss@iki.fi>
parents:
643
diff
changeset
|
235 # Use mmap() instead of read() to read mail files. read() seems to be a bit |
415498fa78d6
mail_read_mmaped: Use mmap() instead of read() to read mail files. read()
Timo Sirainen <tss@iki.fi>
parents:
643
diff
changeset
|
236 # faster with my Linux/x86 and it's better with NFS, so that's the default. |
415498fa78d6
mail_read_mmaped: Use mmap() instead of read() to read mail files. read()
Timo Sirainen <tss@iki.fi>
parents:
643
diff
changeset
|
237 #mail_read_mmaped = no |
415498fa78d6
mail_read_mmaped: Use mmap() instead of read() to read mail files. read()
Timo Sirainen <tss@iki.fi>
parents:
643
diff
changeset
|
238 |
0 | 239 # Copy mail to another folders using hard links. This is much faster than |
987 | 240 # actually copying the file. This is problematic only if something modifies |
241 # the mail in one folder but doesn't want it modified in the others. I don't | |
242 # know any MUA which would modify mail files directly. IMAP protocol also | |
243 # requires that the mails don't change, so it would be problematic in any case. | |
244 # If you care about performance, enable it. | |
0 | 245 #maildir_copy_with_hardlinks = no |
246 | |
247 # Check if mails' content has been changed by external programs. This slows | |
882
38b3bc6ddcc4
Changed maildir_check_content_changes = yes now to treat the message as new
Timo Sirainen <tss@iki.fi>
parents:
872
diff
changeset
|
248 # down things as extra stat() needs to be called for each file. If changes are |
38b3bc6ddcc4
Changed maildir_check_content_changes = yes now to treat the message as new
Timo Sirainen <tss@iki.fi>
parents:
872
diff
changeset
|
249 # noticed, the message is treated as a new message, since IMAP protocol |
38b3bc6ddcc4
Changed maildir_check_content_changes = yes now to treat the message as new
Timo Sirainen <tss@iki.fi>
parents:
872
diff
changeset
|
250 # specifies that existing message are immutable. |
0 | 251 #maildir_check_content_changes = no |
252 | |
1113
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
253 # Which locking methods to use for locking mbox. There's three available: |
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
254 # dotlock: Create <mailbox>.lock file. This is the oldest and most NFS-safe |
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
255 # solution. If you want to use /var/mail/ like directory, the users |
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
256 # will need write access to that directory. |
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
257 # fcntl : Use this if possible. Works with NFS too if lockd is used. |
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
258 # flock : May not exist in all systems. Doesn't work with NFS. |
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
259 # |
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
260 # You can use both fcntl and flock too; if you do the order they're declared |
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
261 # with is important to avoid deadlocks if other MTAs/MUAs are using both fcntl |
1214 | 262 # and flock. Some operating systems don't allow using both of them |
263 # simultaneously, eg. BSDs. If dotlock is used, it's always created first. | |
1113
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
264 #mbox_locks = dotlock fcntl |
643
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
265 |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
266 # Should we create dotlock file even when we want only a read-lock? Setting |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
267 # this to yes hurts the performance when the mailbox is accessed simultaneously |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
268 # by multiple processes, but it's needed for reliable reading if no other |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
269 # locking methods are available. |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
270 #mbox_read_dotlock = no |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
271 |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
272 # Maximum time in seconds to wait for lock (all of them) before aborting. |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
273 #mbox_lock_timeout = 300 |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
274 |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
275 # If dotlock exists but the mailbox isn't modified in any way, override the |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
276 # lock file after this many seconds. |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
277 #mbox_dotlock_change_timeout = 30 |
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
278 |
0 | 279 # umask to use for mail files and directories |
280 #umask = 0077 | |
281 | |
1223
52e0830ade13
Added setting mail_drop_priv_before_exec.
Timo Sirainen <tss@iki.fi>
parents:
1218
diff
changeset
|
282 # Drop all privileges before exec()ing the mail process. This is mostly |
52e0830ade13
Added setting mail_drop_priv_before_exec.
Timo Sirainen <tss@iki.fi>
parents:
1218
diff
changeset
|
283 # meant for debugging, otherwise you don't get core dumps. Note that setting |
52e0830ade13
Added setting mail_drop_priv_before_exec.
Timo Sirainen <tss@iki.fi>
parents:
1218
diff
changeset
|
284 # this to yes means that log file is opened as the logged in user, which |
52e0830ade13
Added setting mail_drop_priv_before_exec.
Timo Sirainen <tss@iki.fi>
parents:
1218
diff
changeset
|
285 # might not work. It could also be a small security risk if you use single UID |
52e0830ade13
Added setting mail_drop_priv_before_exec.
Timo Sirainen <tss@iki.fi>
parents:
1218
diff
changeset
|
286 # for multiple users, as the users could ptrace() each others processes then. |
52e0830ade13
Added setting mail_drop_priv_before_exec.
Timo Sirainen <tss@iki.fi>
parents:
1218
diff
changeset
|
287 #mail_drop_priv_before_exec = no |
52e0830ade13
Added setting mail_drop_priv_before_exec.
Timo Sirainen <tss@iki.fi>
parents:
1218
diff
changeset
|
288 |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
289 # Set max. process size in megabytes. Most of the memory goes to mmap()ing |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
290 # files, so it shouldn't harm much even if this limit is set pretty high. |
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
291 #mail_process_size = 256 |
1465
03dd87873a81
Added support for dynamically loadable imap/pop3 modules.
Timo Sirainen <tss@iki.fi>
parents:
1437
diff
changeset
|
292 |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
293 ## |
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
294 ## IMAP specific settings |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
295 ## |
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
296 |
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
297 protocol imap { |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
298 # Login executable location. |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
299 #login_executable = /usr/libexec/dovecot/imap-login |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
300 |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
301 # IMAP executable location |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
302 #mail_executable = /usr/libexec/dovecot/imap |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
303 |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
304 # Maximum IMAP command line length in bytes. Some clients generate very long |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
305 # command lines with huge mailboxes, so you may need to raise this if you get |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
306 # "Too long argument" or "IMAP command line too large" errors often. |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
307 #imap_max_line_length = 65536 |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
308 |
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
309 # Support for dynamically loadable modules. |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
310 #mail_use_modules = no |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
311 #mail_modules = /usr/lib/dovecot/imap |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
312 } |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
313 |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
314 ## |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
315 ## POP3 specific settings |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
316 ## |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
317 |
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
318 protocol pop3 { |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
319 # Login executable location. |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
320 #login_executable = /usr/libexec/dovecot/pop3-login |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
321 |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
322 # POP3 executable location |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
323 #mail_executable = /usr/libexec/dovecot/pop3 |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
324 |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
325 # Support for dynamically loadable modules. |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
326 #mail_use_modules = no |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
327 #mail_modules = /usr/lib/dovecot/pop3 |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
328 } |
1465
03dd87873a81
Added support for dynamically loadable imap/pop3 modules.
Timo Sirainen <tss@iki.fi>
parents:
1437
diff
changeset
|
329 |
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
330 ## |
0 | 331 ## Authentication processes |
332 ## | |
333 | |
334 # You can have multiple processes; each time "auth = xx" is seen, a new | |
335 # process definition is started. The point of multiple processes is to be | |
336 # able to set stricter permissions to others. For example, plain/PAM | |
337 # authentication requires roots, but if you also use digest-md5 authentication | |
338 # for some users, you can authenticate them without any privileges in a | |
339 # separate auth process. Just remember that only one auth process is asked | |
340 # for the password, so you can't have different passwords with different | |
341 # processes (unless they have different auth methods, and you're ok with | |
342 # having different password for each method). | |
343 | |
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
344 # Executable location |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
345 #auth_executable = /usr/libexec/dovecot/dovecot-auth |
0 | 346 |
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
347 # Set max. process size in megabytes. |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
348 #auth_process_size = 256 |
0 | 349 |
1328
0a524d229f50
Added auth_default_realm (based on patch by Kristian Hoffmann)
Timo Sirainen <tss@iki.fi>
parents:
1318
diff
changeset
|
350 # Space separated list of realms for SASL authentication mechanisms that need |
0a524d229f50
Added auth_default_realm (based on patch by Kristian Hoffmann)
Timo Sirainen <tss@iki.fi>
parents:
1318
diff
changeset
|
351 # them. You can leave it empty if you don't want to support multiple realms. |
0a524d229f50
Added auth_default_realm (based on patch by Kristian Hoffmann)
Timo Sirainen <tss@iki.fi>
parents:
1318
diff
changeset
|
352 # Many clients simply use the first one listed here, so keep the default realm |
0a524d229f50
Added auth_default_realm (based on patch by Kristian Hoffmann)
Timo Sirainen <tss@iki.fi>
parents:
1318
diff
changeset
|
353 # first. |
0 | 354 #auth_realms = |
355 | |
1328
0a524d229f50
Added auth_default_realm (based on patch by Kristian Hoffmann)
Timo Sirainen <tss@iki.fi>
parents:
1318
diff
changeset
|
356 # Default realm to use if none was specified. |
0a524d229f50
Added auth_default_realm (based on patch by Kristian Hoffmann)
Timo Sirainen <tss@iki.fi>
parents:
1318
diff
changeset
|
357 #auth_default_realm = |
0a524d229f50
Added auth_default_realm (based on patch by Kristian Hoffmann)
Timo Sirainen <tss@iki.fi>
parents:
1318
diff
changeset
|
358 |
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
359 # List of allowed characters in username. If the user-given username contains |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
360 # a character not listed in here, the login automatically fails. This is just |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
361 # an extra check to make sure user can't exploit any potential quote escaping |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
362 # vulnerabilities with SQL/LDAP databases. If you want to allow all characters, |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
363 # set this value to empty. |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
364 #auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ |
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
365 |
1437
c27c6089e933
Added support for ANONYMOUS SASL mechanism.
Timo Sirainen <tss@iki.fi>
parents:
1330
diff
changeset
|
366 # Username to use for users logging in with ANONYMOUS SASL mechanism |
c27c6089e933
Added support for ANONYMOUS SASL mechanism.
Timo Sirainen <tss@iki.fi>
parents:
1330
diff
changeset
|
367 #auth_anonymous_username = anonymous |
c27c6089e933
Added support for ANONYMOUS SASL mechanism.
Timo Sirainen <tss@iki.fi>
parents:
1330
diff
changeset
|
368 |
999 | 369 # More verbose logging. Useful for figuring out why authentication isn't |
370 # working. | |
371 #auth_verbose = no | |
0 | 372 |
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
373 auth default { |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
374 # Space separated list of wanted authentication mechanisms: |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
375 # plain digest-md5 anonymous |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
376 auth_mechanisms = plain |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
377 |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
378 # Where user database is kept: |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
379 # passwd: /etc/passwd or similiar, using getpwnam() |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
380 # passwd-file <path>: passwd-like file with specified location |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
381 # static uid=<uid> gid=<gid> home=<dir template>: static settings |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
382 # vpopmail: vpopmail library |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
383 # ldap <config path>: LDAP, see doc/dovecot-ldap.conf |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
384 # pgsql <config path>: a PostgreSQL database, see doc/dovecot-pgsql.conf |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
385 auth_userdb = passwd |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
386 |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
387 # Where password database is kept: |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
388 # passwd: /etc/passwd or similiar, using getpwnam() |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
389 # shadow: /etc/shadow or similiar, using getspnam() |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
390 # pam [<service> | *]: PAM authentication |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
391 # passwd-file <path>: passwd-like file with specified location |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
392 # vpopmail: vpopmail authentication |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
393 # ldap <config path>: LDAP, see doc/dovecot-ldap.conf |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
394 # pgsql <config path>: a PostgreSQL database, see doc/dovecot-pgsql.conf |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
395 auth_passdb = pam |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
396 |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
397 # User to use for the process. This user needs access to only user and |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
398 # password databases, nothing else. Only shadow and pam authentication |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
399 # requires roots, so use something else if possible. |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
400 auth_user = root |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
401 |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
402 # Directory where to chroot the process. Most authentication backends don't |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
403 # work if this is set, and there's no point chrooting if auth_user is root. |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
404 #auth_chroot = |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
405 |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
406 # Number of authentication processes to create |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
407 #auth_count = 1 |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
408 } |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
409 |
0 | 410 # digest-md5 authentication process. It requires special MD5 passwords which |
411 # /etc/shadow and PAM doesn't support, so we never need roots to handle it. | |
412 # Note that the passwd-file is opened before chrooting and dropping root | |
413 # privileges, so it may be 0600-root owned file. | |
414 | |
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
415 #auth digest_md5 { |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
416 # auth_methods = digest-md5 |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
417 # auth_userdb = passwd-file /etc/passwd.imap |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
418 # auth_passdb = passwd-file /etc/passwd.imap |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
419 # auth_user = imapauth |
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
420 #} |
0 | 421 |
422 # if you plan to use only passwd-file, you don't need the two auth processes, | |
423 # simply set "auth_methods = plain digest-md5" |