Mercurial > dovecot > original-hg > dovecot-1.2
annotate dovecot-example.conf @ 4696:abf9a1234b99 HEAD
Don't allow SSLv2 by default.
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Mon, 16 Oct 2006 01:10:30 +0300 |
| parents | 07afd19bc53e |
| children | ad68cb8119e1 |
| rev | line source |
|---|---|
| 3951 | 1 ## Dovecot configuration file |
| 0 | 2 |
|
4081
81d56edc16c8
Added link to QuickConfiguration.
Timo Sirainen <tss@iki.fi>
parents:
4080
diff
changeset
|
3 # If you're in a hurry, see http://wiki.dovecot.org/QuickConfiguration |
|
81d56edc16c8
Added link to QuickConfiguration.
Timo Sirainen <tss@iki.fi>
parents:
4080
diff
changeset
|
4 |
|
2231
58fc6765027c
Add a comment about # chars and whitespace.
Timo Sirainen <tss@iki.fi>
parents:
2218
diff
changeset
|
5 # '#' character and everything after it is treated as comments. Extra spaces |
|
58fc6765027c
Add a comment about # chars and whitespace.
Timo Sirainen <tss@iki.fi>
parents:
2218
diff
changeset
|
6 # and tabs are ignored. If you want to use either of these explicitly, put the |
|
58fc6765027c
Add a comment about # chars and whitespace.
Timo Sirainen <tss@iki.fi>
parents:
2218
diff
changeset
|
7 # value inside quotes, eg.: key = "# char and trailing whitespace " |
|
58fc6765027c
Add a comment about # chars and whitespace.
Timo Sirainen <tss@iki.fi>
parents:
2218
diff
changeset
|
8 |
| 4484 | 9 # Default values are shown for each setting, it's not required to uncomment |
| 10 # any of the lines. Exception to this are paths, they're just examples with | |
| 11 # the real defaults being based on configure options. The paths listed here | |
| 435 | 12 # are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var |
|
657
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
644
diff
changeset
|
13 # --with-ssldir=/etc/ssl |
| 0 | 14 |
|
872
6377d4f7a31c
Added base_dir setting, so the configure time --localstatedir can be
Timo Sirainen <tss@iki.fi>
parents:
817
diff
changeset
|
15 # Base directory where to store runtime data. |
|
6377d4f7a31c
Added base_dir setting, so the configure time --localstatedir can be
Timo Sirainen <tss@iki.fi>
parents:
817
diff
changeset
|
16 #base_dir = /var/run/dovecot/ |
|
6377d4f7a31c
Added base_dir setting, so the configure time --localstatedir can be
Timo Sirainen <tss@iki.fi>
parents:
817
diff
changeset
|
17 |
|
4362
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
18 # Protocols we want to be serving: imap imaps pop3 pop3s |
| 4627 | 19 # If you only want to use dovecot-auth, you can set this to "none". |
|
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
20 #protocols = imap imaps |
| 0 | 21 |
|
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
22 # IP or host address where to listen in for connections. It's not currently |
|
780
1cc947617c8b
imap_listen and imaps_listen accepts now "*" as "all IPv4 interfaces" and
Timo Sirainen <tss@iki.fi>
parents:
779
diff
changeset
|
23 # possible to specify multiple addresses. "*" listens in all IPv4 interfaces. |
|
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
24 # "[::]" listens in all IPv6 interfaces, but may also listen in all IPv4 |
|
4080
89c94b5ac90e
Added notes about changing ports and about /etc/pam.d/dovecot
Timo Sirainen <tss@iki.fi>
parents:
4074
diff
changeset
|
25 # interfaces depending on the operating system. |
|
89c94b5ac90e
Added notes about changing ports and about /etc/pam.d/dovecot
Timo Sirainen <tss@iki.fi>
parents:
4074
diff
changeset
|
26 # |
|
89c94b5ac90e
Added notes about changing ports and about /etc/pam.d/dovecot
Timo Sirainen <tss@iki.fi>
parents:
4074
diff
changeset
|
27 # If you want to specify ports for each service, you will need to configure |
|
89c94b5ac90e
Added notes about changing ports and about /etc/pam.d/dovecot
Timo Sirainen <tss@iki.fi>
parents:
4074
diff
changeset
|
28 # these settings inside the protocol imap/pop3 { ... } section, so you can |
|
89c94b5ac90e
Added notes about changing ports and about /etc/pam.d/dovecot
Timo Sirainen <tss@iki.fi>
parents:
4074
diff
changeset
|
29 # specify different ports for IMAP/POP3. For example: |
|
89c94b5ac90e
Added notes about changing ports and about /etc/pam.d/dovecot
Timo Sirainen <tss@iki.fi>
parents:
4074
diff
changeset
|
30 # protocol imap { |
|
89c94b5ac90e
Added notes about changing ports and about /etc/pam.d/dovecot
Timo Sirainen <tss@iki.fi>
parents:
4074
diff
changeset
|
31 # listen = *:10143 |
|
89c94b5ac90e
Added notes about changing ports and about /etc/pam.d/dovecot
Timo Sirainen <tss@iki.fi>
parents:
4074
diff
changeset
|
32 # ssl_listen = *:10943 |
|
89c94b5ac90e
Added notes about changing ports and about /etc/pam.d/dovecot
Timo Sirainen <tss@iki.fi>
parents:
4074
diff
changeset
|
33 # .. |
|
89c94b5ac90e
Added notes about changing ports and about /etc/pam.d/dovecot
Timo Sirainen <tss@iki.fi>
parents:
4074
diff
changeset
|
34 # } |
|
89c94b5ac90e
Added notes about changing ports and about /etc/pam.d/dovecot
Timo Sirainen <tss@iki.fi>
parents:
4074
diff
changeset
|
35 # protocol pop3 { |
|
89c94b5ac90e
Added notes about changing ports and about /etc/pam.d/dovecot
Timo Sirainen <tss@iki.fi>
parents:
4074
diff
changeset
|
36 # listen = *:10100 |
|
89c94b5ac90e
Added notes about changing ports and about /etc/pam.d/dovecot
Timo Sirainen <tss@iki.fi>
parents:
4074
diff
changeset
|
37 # .. |
|
89c94b5ac90e
Added notes about changing ports and about /etc/pam.d/dovecot
Timo Sirainen <tss@iki.fi>
parents:
4074
diff
changeset
|
38 # } |
|
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
39 #listen = * |
| 0 | 40 |
|
4360
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
41 # Disable LOGIN command and all other plaintext authentications unless |
|
4467
eaab43f6f65f
Removed hardcoded 127.* and ::1 IP checks. Instead just check that local IP
Timo Sirainen <tss@iki.fi>
parents:
4456
diff
changeset
|
42 # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP |
|
eaab43f6f65f
Removed hardcoded 127.* and ::1 IP checks. Instead just check that local IP
Timo Sirainen <tss@iki.fi>
parents:
4456
diff
changeset
|
43 # matches the local IP (ie. you're connecting from the same computer), the |
|
eaab43f6f65f
Removed hardcoded 127.* and ::1 IP checks. Instead just check that local IP
Timo Sirainen <tss@iki.fi>
parents:
4456
diff
changeset
|
44 # connection is considered secure and plaintext authentication is allowed. |
|
4360
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
45 #disable_plaintext_auth = yes |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
46 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
47 # Should all IMAP and POP3 processes be killed when Dovecot master process |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
48 # shuts down. Setting this to "no" means that Dovecot can be upgraded without |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
49 # forcing existing client connections to close (although that could also be |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
50 # a problem if the upgrade is eg. because of a security fix). This however |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
51 # means that after master process has died, the client processes can't write |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
52 # to log files anymore. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
53 #shutdown_clients = yes |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
54 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
55 ## |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
56 ## Logging |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
57 ## |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
58 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
59 # Use this logfile instead of syslog(). /dev/stderr can be used if you want to |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
60 # use stderr for logging (ONLY /dev/stderr - otherwise it is closed). |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
61 #log_path = |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
62 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
63 # For informational messages, use this logfile instead of the default |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
64 #info_log_path = |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
65 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
66 # Prefix for each line written to log file. % codes are in strftime(3) |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
67 # format. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
68 #log_timestamp = "%b %d %H:%M:%S " |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
69 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
70 # Syslog facility to use if you're logging to syslog. Usually if you don't |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
71 # want to use "mail", you'll use local0..local7. Also other standard |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
72 # facilities are supported. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
73 #syslog_facility = mail |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
74 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
75 ## |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
76 ## SSL settings |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
77 ## |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
78 |
|
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
79 # IP or host address where to listen in for SSL connections. Defaults |
|
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
80 # to above if not specified. |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
81 #ssl_listen = |
| 0 | 82 |
|
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
83 # Disable SSL/TLS support. |
| 666 | 84 #ssl_disable = no |
| 85 | |
| 519 | 86 # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before |
|
518
1f9b96080525
Updated SSL certificate comments.
Timo Sirainen <tss@iki.fi>
parents:
472
diff
changeset
|
87 # dropping root privileges, so keep the key file unreadable by anyone but |
|
657
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
644
diff
changeset
|
88 # root. Included doc/mkcert.sh can be used to easily generate self-signed |
|
85a888d2766e
Added script to easily generate self-signed certificate.
Timo Sirainen <tss@iki.fi>
parents:
644
diff
changeset
|
89 # certificate, just make sure to update the domains in dovecot-openssl.cnf |
|
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
90 #ssl_cert_file = /etc/ssl/certs/dovecot.pem |
|
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
91 #ssl_key_file = /etc/ssl/private/dovecot.pem |
| 0 | 92 |
|
3889
c7462001227b
Added support for password protected SSL private keys. The password can be
Timo Sirainen <tss@iki.fi>
parents:
3888
diff
changeset
|
93 # If key file is password protected, give the password here. Alternatively |
|
c7462001227b
Added support for password protected SSL private keys. The password can be
Timo Sirainen <tss@iki.fi>
parents:
3888
diff
changeset
|
94 # give it when starting dovecot with -p parameter. |
|
c7462001227b
Added support for password protected SSL private keys. The password can be
Timo Sirainen <tss@iki.fi>
parents:
3888
diff
changeset
|
95 #ssl_key_password = |
|
c7462001227b
Added support for password protected SSL private keys. The password can be
Timo Sirainen <tss@iki.fi>
parents:
3888
diff
changeset
|
96 |
|
1997
1d0985f6bdd9
Added ssl_verify_client_cert setting.
Timo Sirainen <tss@iki.fi>
parents:
1996
diff
changeset
|
97 # File containing trusted SSL certificate authorities. Usually not needed. |
|
4695
07afd19bc53e
Updates to ssl_ca_file and ssl_username_from_cert comments in
Timo Sirainen <tss@iki.fi>
parents:
4658
diff
changeset
|
98 # The CAfile should contain the CA-certificate(s) followed by the matching |
|
07afd19bc53e
Updates to ssl_ca_file and ssl_username_from_cert comments in
Timo Sirainen <tss@iki.fi>
parents:
4658
diff
changeset
|
99 # CRL(s). CRL checking is new in dovecot .rc1 |
|
1997
1d0985f6bdd9
Added ssl_verify_client_cert setting.
Timo Sirainen <tss@iki.fi>
parents:
1996
diff
changeset
|
100 #ssl_ca_file = |
|
1d0985f6bdd9
Added ssl_verify_client_cert setting.
Timo Sirainen <tss@iki.fi>
parents:
1996
diff
changeset
|
101 |
|
2027
dc5d0da1abe9
Added ssl_require_client_cert auth-specific setting. Hide
Timo Sirainen <tss@iki.fi>
parents:
1997
diff
changeset
|
102 # Request client to send a certificate. |
|
1997
1d0985f6bdd9
Added ssl_verify_client_cert setting.
Timo Sirainen <tss@iki.fi>
parents:
1996
diff
changeset
|
103 #ssl_verify_client_cert = no |
|
1d0985f6bdd9
Added ssl_verify_client_cert setting.
Timo Sirainen <tss@iki.fi>
parents:
1996
diff
changeset
|
104 |
|
615
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
105 # How often to regenerate the SSL parameters file. Generation is quite CPU |
|
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
106 # intensive operation. The value is in hours, 0 disables regeneration |
|
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
107 # entirely. |
|
3888
650701d41cdf
Generate DH parameters and use them. Changed default regeneration time to 1
Timo Sirainen <tss@iki.fi>
parents:
3887
diff
changeset
|
108 #ssl_parameters_regenerate = 168 |
|
615
0d852af6842e
Master process generates DH/RSA parameters now and stores them into file
Timo Sirainen <tss@iki.fi>
parents:
614
diff
changeset
|
109 |
| 1996 | 110 # SSL ciphers to use |
| 4696 | 111 #ssl_cipher_list = ALL:!LOW:!SSLv2 |
| 1996 | 112 |
|
4360
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
113 # Show protocol level SSL errors. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
114 #verbose_ssl = no |
|
3724
d22c883021da
Added syslog_facility setting to config file.
Timo Sirainen <tss@iki.fi>
parents:
3718
diff
changeset
|
115 |
| 0 | 116 ## |
|
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
117 ## Login processes |
| 0 | 118 ## |
| 119 | |
|
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
120 # Directory where authentication process places authentication UNIX sockets |
|
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
121 # which login needs to be able to connect to. The sockets are created when |
| 2163 | 122 # running as root, so you don't have to worry about permissions. Note that |
| 123 # everything in this directory is deleted when Dovecot is started. | |
|
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
124 #login_dir = /var/run/dovecot/login |
|
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
125 |
|
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
126 # chroot login process to the login_dir. Only reason not to do this is if you |
|
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
127 # wish to run the whole Dovecot without roots. |
| 3028 | 128 # http://wiki.dovecot.org/Rootless |
|
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
129 #login_chroot = yes |
|
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
130 |
| 1582 | 131 # User to use for the login process. Create a completely new user for this, |
| 132 # and don't use it anywhere else. The user must also belong to a group where | |
| 133 # only it has access, it's used to control access for authentication process. | |
| 3026 | 134 # Note that this user is NOT used to access mails. |
| 3028 | 135 # http://wiki.dovecot.org/UserIds |
|
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
136 #login_user = dovecot |
| 0 | 137 |
|
722
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
138 # Set max. process size in megabytes. If you don't use |
|
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
139 # login_process_per_connection you might need to grow this. |
|
2137
7d625d6b33aa
Raised login_process_size default from 16MB -> 32MB
Timo Sirainen <tss@iki.fi>
parents:
2133
diff
changeset
|
140 #login_process_size = 32 |
|
722
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
141 |
|
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
142 # Should each login be processed in it's own process (yes), or should one |
|
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
143 # login process be allowed to process multiple connections (no)? Yes is more |
|
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
144 # secure, espcially with SSL/TLS enabled. No is faster since there's no need |
|
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
145 # to create processes all the time. |
|
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
146 #login_process_per_connection = yes |
|
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
147 |
|
4538
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4526
diff
changeset
|
148 # Number of login processes to keep for listening new connections. |
|
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
149 #login_processes_count = 3 |
| 0 | 150 |
|
4538
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4526
diff
changeset
|
151 # Maximum number of login processes to create. The listening process count |
|
614
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
152 # usually stays at login_processes_count, but when multiple users start logging |
|
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
153 # in at the same time more extra processes are created. To prevent fork-bombing |
|
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
154 # we check only once in a second if new processes should be created - if all |
|
4538
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4526
diff
changeset
|
155 # of them are used at the time, we double their amount until the limit set by |
|
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4526
diff
changeset
|
156 # this setting is reached. |
|
614
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
157 #login_max_processes_count = 128 |
|
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
158 |
|
4538
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4526
diff
changeset
|
159 # Maximum number of connections allowed per each login process. This setting |
|
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4526
diff
changeset
|
160 # is used only if login_process_per_connection=no. Once the limit is reached, |
|
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4526
diff
changeset
|
161 # the process notifies master so that it can create a new login process. |
|
4561
c8177c854d65
Updated login_max_connections comment.
Timo Sirainen <tss@iki.fi>
parents:
4538
diff
changeset
|
162 # You should make sure that the process has at least |
|
c8177c854d65
Updated login_max_connections comment.
Timo Sirainen <tss@iki.fi>
parents:
4538
diff
changeset
|
163 # 16 + login_max_connections * 2 available file descriptors. |
|
4538
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4526
diff
changeset
|
164 #login_max_connections = 256 |
| 0 | 165 |
|
2674
857f5f7b512b
Added login_greeting and login_greeting_capability settings.
Timo Sirainen <tss@iki.fi>
parents:
2673
diff
changeset
|
166 # Greeting message for clients. |
|
857f5f7b512b
Added login_greeting and login_greeting_capability settings.
Timo Sirainen <tss@iki.fi>
parents:
2673
diff
changeset
|
167 #login_greeting = Dovecot ready. |
| 0 | 168 |
|
3384
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3259
diff
changeset
|
169 # Space-separated list of elements we want to log. The elements which have |
|
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3259
diff
changeset
|
170 # a non-empty variable value are joined together to form a comma-separated |
|
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3259
diff
changeset
|
171 # string. |
|
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3259
diff
changeset
|
172 #login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c |
|
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3259
diff
changeset
|
173 |
|
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3259
diff
changeset
|
174 # Login log format. %$ contains login_log_format_elements string, %s contains |
|
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3259
diff
changeset
|
175 # the data we want to log. |
|
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3259
diff
changeset
|
176 #login_log_format = %$: %s |
|
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3259
diff
changeset
|
177 |
|
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
178 ## |
|
4360
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
179 ## Mailbox locations and namespaces |
|
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
180 ## |
|
722
0438621d25ff
Added virtual memory size limits to processes. Default values are pretty
Timo Sirainen <tss@iki.fi>
parents:
666
diff
changeset
|
181 |
|
779
f126b666859e
New setting: default_mail_env which can be used to specify where to find
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
182 # Default MAIL environment to use when it's not set. By leaving this empty |
|
f126b666859e
New setting: default_mail_env which can be used to specify where to find
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
183 # dovecot tries to do some automatic detection as described in |
|
4362
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
184 # doc/mail-storages.txt. There are a few special variables you can use, eg.: |
|
813
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
185 # |
|
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
186 # %u - username |
|
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
187 # %n - user part in user@domain, same as %u if there's no domain |
| 2447 | 188 # %d - domain part in user@domain, empty if there's no domain |
|
813
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
189 # %h - home directory |
|
2057
5e0167577399
Fixed var_expand() to take a table of variables rather than a few predefined
Timo Sirainen <tss@iki.fi>
parents:
2039
diff
changeset
|
190 # |
|
2097
4e77cb0aff21
Added %l, %r and %P variables and mail_log_prefix setting.
Timo Sirainen <tss@iki.fi>
parents:
2078
diff
changeset
|
191 # See doc/variables.txt for full list. Some examples: |
|
813
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
192 # |
| 1747 | 193 # default_mail_env = maildir:/var/mail/%1u/%u/Maildir |
| 194 # default_mail_env = mbox:~/mail/:INBOX=/var/mail/%u | |
| 195 # default_mail_env = mbox:/var/mail/%d/%n/:INDEX=/var/indexes/%d/%n | |
|
813
493bc8da9e80
default_mail_env behaviour changed. We use %u instead of $U now. Added also
Timo Sirainen <tss@iki.fi>
parents:
811
diff
changeset
|
196 # |
|
779
f126b666859e
New setting: default_mail_env which can be used to specify where to find
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
197 #default_mail_env = |
|
f126b666859e
New setting: default_mail_env which can be used to specify where to find
Timo Sirainen <tss@iki.fi>
parents:
722
diff
changeset
|
198 |
|
2673
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
199 # If you need to set multiple mailbox locations or want to change default |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
200 # namespace settings, you can do it by defining namespace sections: |
|
3144
33cbe3dec3b8
Added a reminder about needing a default namespace.
Timo Sirainen <tss@iki.fi>
parents:
3142
diff
changeset
|
201 # |
|
2673
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
202 # You can have private, shared and public namespaces. The only difference |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
203 # between them is how Dovecot announces them to client via NAMESPACE |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
204 # extension. Shared namespaces are meant for user-owned mailboxes which are |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
205 # shared to other users, while public namespaces are for more globally |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
206 # accessible mailboxes. |
|
3144
33cbe3dec3b8
Added a reminder about needing a default namespace.
Timo Sirainen <tss@iki.fi>
parents:
3142
diff
changeset
|
207 # |
|
33cbe3dec3b8
Added a reminder about needing a default namespace.
Timo Sirainen <tss@iki.fi>
parents:
3142
diff
changeset
|
208 # REMEMBER: If you add any namespaces, the default namespace must be added |
|
33cbe3dec3b8
Added a reminder about needing a default namespace.
Timo Sirainen <tss@iki.fi>
parents:
3142
diff
changeset
|
209 # explicitly, ie. default_mail_env does nothing unless you have a namespace |
|
33cbe3dec3b8
Added a reminder about needing a default namespace.
Timo Sirainen <tss@iki.fi>
parents:
3142
diff
changeset
|
210 # without a location setting. Default namespace is simply done by having a |
|
33cbe3dec3b8
Added a reminder about needing a default namespace.
Timo Sirainen <tss@iki.fi>
parents:
3142
diff
changeset
|
211 # namespace with empty prefix. |
|
2673
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
212 #namespace private { |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
213 # Hierarchy separator to use. You should use the same separator for all |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
214 # namespaces or some clients get confused. '/' is usually a good one. |
|
4483
e2521ee11147
Updated namespace separator's comments.
Timo Sirainen <tss@iki.fi>
parents:
4467
diff
changeset
|
215 # The default however depends on the underlying mail storage format. |
|
e2521ee11147
Updated namespace separator's comments.
Timo Sirainen <tss@iki.fi>
parents:
4467
diff
changeset
|
216 #separator = |
|
2673
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
217 |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
218 # Prefix required to access this namespace. This needs to be different for |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
219 # all namespaces. For example "Public/". |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
220 #prefix = |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
221 |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
222 # Physical location of the mailbox. This is in same format as |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
223 # default_mail_env, which is also the default for it. |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
224 #location = |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
225 |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
226 # There can be only one INBOX, and this setting defines which namespace |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
227 # has it. |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
228 #inbox = yes |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
229 |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
230 # If namespace is hidden, it's not advertised to clients via NAMESPACE |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
231 # extension or shown in LIST replies. This is mostly useful when converting |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
232 # from another server with different namespaces which you want to depricate |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
233 # but still keep working. For example you can create hidden namespaces with |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
234 # prefixes "~/mail/", "~%u/mail/" and "mail/". |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
235 #hidden = yes |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
236 #} |
|
5f2c5b65b0cd
Added example namespace with comments.
Timo Sirainen <tss@iki.fi>
parents:
2666
diff
changeset
|
237 |
|
4360
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
238 # Grant access to these extra groups for mail processes. Typical use would be |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
239 # to give "mail" group write access to /var/mail to be able to create dotlocks. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
240 #mail_extra_groups = |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
241 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
242 # Allow full filesystem access to clients. There's no access checks other than |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
243 # what the operating system does for the active UID/GID. It works with both |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
244 # maildir and mboxes, allowing you to prefix mailboxes names with eg. /path/ |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
245 # or ~user/. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
246 #mail_full_filesystem_access = no |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
247 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
248 ## |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
249 ## Mail processes |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
250 ## |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
251 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
252 # Enable mail process debugging. This can help you figure out why Dovecot |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
253 # isn't finding your mails. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
254 #mail_debug = no |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
255 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
256 # Log prefix for mail processes. See doc/variables.txt for list of possible |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
257 # variables you can use. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
258 #mail_log_prefix = "%Us(%u): " |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
259 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
260 # Use mmap() instead of read() to read mail files. read() seems to be a bit |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
261 # faster with my Linux/x86 and it's better with NFS, so that's the default. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
262 # Note that OpenBSD 3.3 and older don't work right with mail_read_mmaped = yes. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
263 #mail_read_mmaped = no |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
264 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
265 # Don't use mmap() at all. This is required if you store indexes to shared |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
266 # filesystems (NFS or clustered filesystem). |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
267 #mmap_disable = no |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
268 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
269 # Don't write() to mmaped files. This is required for some operating systems |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
270 # which use separate caches for them, such as OpenBSD. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
271 #mmap_no_write = no |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
272 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
273 # Locking method for index files. Alternatives are fcntl, flock and dotlock. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
274 # Dotlocking uses some tricks which may create more disk I/O than other locking |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
275 # methods. NOTE: If you use NFS, remember to change also mmap_disable setting! |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
276 #lock_method = fcntl |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
277 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
278 # Drop all privileges before exec()ing the mail process. This is mostly |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
279 # meant for debugging, otherwise you don't get core dumps. It could be a small |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
280 # security risk if you use single UID for multiple users, as the users could |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
281 # ptrace() each others processes then. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
282 #mail_drop_priv_before_exec = no |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
283 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
284 # Show more verbose process titles (in ps). Currently shows user name and |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
285 # IP address. Useful for seeing who are actually using the IMAP processes |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
286 # (eg. shared mailboxes or if same uid is used for multiple accounts). |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
287 #verbose_proctitle = no |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
288 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
289 # Valid UID range for users, defaults to 500 and above. This is mostly |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
290 # to make sure that users can't log in as daemons or other system users. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
291 # Note that denying root logins is hardcoded to dovecot binary and can't |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
292 # be done even if first_valid_uid is set to 0. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
293 #first_valid_uid = 500 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
294 #last_valid_uid = 0 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
295 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
296 # Valid GID range for users, defaults to non-root/wheel. Users having |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
297 # non-valid GID as primary group ID aren't allowed to log in. If user |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
298 # belongs to supplementary groups with non-valid GIDs, those groups are |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
299 # not set. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
300 #first_valid_gid = 1 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
301 #last_valid_gid = 0 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
302 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
303 # Maximum number of running mail processes. When this limit is reached, |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
304 # new users aren't allowed to log in. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
305 #max_mail_processes = 1024 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
306 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
307 # Set max. process size in megabytes. Most of the memory goes to mmap()ing |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
308 # files, so it shouldn't harm much even if this limit is set pretty high. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
309 #mail_process_size = 256 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
310 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
311 # Maximum allowed length for mail keyword name. It's only forced when trying |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
312 # to create new keywords. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
313 #mail_max_keyword_length = 50 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
314 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
315 # Default umask to use for mail files and directories. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
316 #umask = 0077 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
317 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
318 # ':' separated list of directories under which chrooting is allowed for mail |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
319 # processes (ie. /var/mail will allow chrooting to /var/mail/foo/bar too). |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
320 # This setting doesn't affect login_chroot or auth_chroot variables. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
321 # WARNING: Never add directories here which local users can modify, that |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
322 # may lead to root exploit. Usually this should be done only if you don't |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
323 # allow shell access for users. See doc/configuration.txt for more information. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
324 #valid_chroot_dirs = |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
325 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
326 # Default chroot directory for mail processes. This can be overridden for |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
327 # specific users in user database by giving /./ in user's home directory |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
328 # (eg. /home/./user chroots into /home). Note that usually there is no real |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
329 # need to do chrooting, Dovecot doesn't allow users to access files outside |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
330 # their mail directory anyway. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
331 #mail_chroot = |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
332 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
333 ## |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
334 ## Mailbox handling optimizations |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
335 ## |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
336 |
|
3021
b987319c7ce3
Updated mail_cache_fields and mail_never_cache_fields comments.
Timo Sirainen <tss@iki.fi>
parents:
2996
diff
changeset
|
337 # Space-separated list of fields to initially save into cache file. Currently |
|
b987319c7ce3
Updated mail_cache_fields and mail_never_cache_fields comments.
Timo Sirainen <tss@iki.fi>
parents:
2996
diff
changeset
|
338 # these fields are allowed: |
|
462
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
339 # |
|
3021
b987319c7ce3
Updated mail_cache_fields and mail_never_cache_fields comments.
Timo Sirainen <tss@iki.fi>
parents:
2996
diff
changeset
|
340 # flags, date.sent, date.received, size.virtual, size.physical |
|
b987319c7ce3
Updated mail_cache_fields and mail_never_cache_fields comments.
Timo Sirainen <tss@iki.fi>
parents:
2996
diff
changeset
|
341 # mime.parts, imap.body, imap.bodystructure |
|
b987319c7ce3
Updated mail_cache_fields and mail_never_cache_fields comments.
Timo Sirainen <tss@iki.fi>
parents:
2996
diff
changeset
|
342 # |
|
b987319c7ce3
Updated mail_cache_fields and mail_never_cache_fields comments.
Timo Sirainen <tss@iki.fi>
parents:
2996
diff
changeset
|
343 # Different IMAP clients work in different ways, so they benefit from |
|
b987319c7ce3
Updated mail_cache_fields and mail_never_cache_fields comments.
Timo Sirainen <tss@iki.fi>
parents:
2996
diff
changeset
|
344 # different cached fields. Some do not benefit from them at all. Caching more |
|
b987319c7ce3
Updated mail_cache_fields and mail_never_cache_fields comments.
Timo Sirainen <tss@iki.fi>
parents:
2996
diff
changeset
|
345 # than necessary generates useless disk I/O, so you don't want to do that |
|
b987319c7ce3
Updated mail_cache_fields and mail_never_cache_fields comments.
Timo Sirainen <tss@iki.fi>
parents:
2996
diff
changeset
|
346 # either. |
|
462
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
347 # |
|
3021
b987319c7ce3
Updated mail_cache_fields and mail_never_cache_fields comments.
Timo Sirainen <tss@iki.fi>
parents:
2996
diff
changeset
|
348 # Dovecot attempts to automatically figure out what client wants and it keeps |
|
b987319c7ce3
Updated mail_cache_fields and mail_never_cache_fields comments.
Timo Sirainen <tss@iki.fi>
parents:
2996
diff
changeset
|
349 # only that. However the first few times a mailbox is opened, Dovecot hasn't |
|
b987319c7ce3
Updated mail_cache_fields and mail_never_cache_fields comments.
Timo Sirainen <tss@iki.fi>
parents:
2996
diff
changeset
|
350 # yet figured out what client needs, so it may not perform optimally. If you |
|
b987319c7ce3
Updated mail_cache_fields and mail_never_cache_fields comments.
Timo Sirainen <tss@iki.fi>
parents:
2996
diff
changeset
|
351 # know what fields the majority of your clients need, it may be useful to set |
|
b987319c7ce3
Updated mail_cache_fields and mail_never_cache_fields comments.
Timo Sirainen <tss@iki.fi>
parents:
2996
diff
changeset
|
352 # these fields by hand. If client doesn't actually use them, Dovecot will |
|
b987319c7ce3
Updated mail_cache_fields and mail_never_cache_fields comments.
Timo Sirainen <tss@iki.fi>
parents:
2996
diff
changeset
|
353 # eventually drop them. |
|
462
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
354 # |
|
3021
b987319c7ce3
Updated mail_cache_fields and mail_never_cache_fields comments.
Timo Sirainen <tss@iki.fi>
parents:
2996
diff
changeset
|
355 # Usually you should just leave this field alone. The potential benefits are |
|
b987319c7ce3
Updated mail_cache_fields and mail_never_cache_fields comments.
Timo Sirainen <tss@iki.fi>
parents:
2996
diff
changeset
|
356 # typically unnoticeable. |
|
b987319c7ce3
Updated mail_cache_fields and mail_never_cache_fields comments.
Timo Sirainen <tss@iki.fi>
parents:
2996
diff
changeset
|
357 #mail_cache_fields = |
|
462
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
358 |
|
3021
b987319c7ce3
Updated mail_cache_fields and mail_never_cache_fields comments.
Timo Sirainen <tss@iki.fi>
parents:
2996
diff
changeset
|
359 # Space-separated list of fields that Dovecot should never save to cache file. |
| 987 | 360 # Useful if you want to save disk space at the cost of more I/O when the fields |
| 361 # needed. | |
| 362 #mail_never_cache_fields = | |
| 363 | |
|
3909
411f20e72a8f
Added mail_cache_min_mail_count setting.
Timo Sirainen <tss@iki.fi>
parents:
3902
diff
changeset
|
364 # The minimum number of mails in a mailbox before updates are done to cache |
|
411f20e72a8f
Added mail_cache_min_mail_count setting.
Timo Sirainen <tss@iki.fi>
parents:
3902
diff
changeset
|
365 # file. This allows optimizing Dovecot's behavior to do less disk writes at |
|
411f20e72a8f
Added mail_cache_min_mail_count setting.
Timo Sirainen <tss@iki.fi>
parents:
3902
diff
changeset
|
366 # the cost of more disk reads. |
|
411f20e72a8f
Added mail_cache_min_mail_count setting.
Timo Sirainen <tss@iki.fi>
parents:
3902
diff
changeset
|
367 #mail_cache_min_mail_count = 0 |
|
411f20e72a8f
Added mail_cache_min_mail_count setting.
Timo Sirainen <tss@iki.fi>
parents:
3902
diff
changeset
|
368 |
|
3726
ad1e6b8a5109
mailbox_idle_check_interval comment updated
Timo Sirainen <tss@iki.fi>
parents:
3724
diff
changeset
|
369 # When IDLE command is running, mailbox is checked once in a while to see if |
|
ad1e6b8a5109
mailbox_idle_check_interval comment updated
Timo Sirainen <tss@iki.fi>
parents:
3724
diff
changeset
|
370 # there are any new mails or other changes. This setting defines the minimum |
|
ad1e6b8a5109
mailbox_idle_check_interval comment updated
Timo Sirainen <tss@iki.fi>
parents:
3724
diff
changeset
|
371 # time to wait between those checks. Dovecot is however able to use dnotify |
|
ad1e6b8a5109
mailbox_idle_check_interval comment updated
Timo Sirainen <tss@iki.fi>
parents:
3724
diff
changeset
|
372 # and inotify with Linux to reply immediately after the change occurs. |
| 1177 | 373 #mailbox_idle_check_interval = 30 |
| 374 | |
|
472
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
375 # Save mails with CR+LF instead of plain LF. This makes sending those mails |
|
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
376 # take less CPU, especially with sendfile() syscall with Linux and FreeBSD. |
|
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
377 # But it also creates a bit more disk I/O which may just make it slower. |
|
3648
2c19efe2ddb6
Added compatibility warning about mail_save_crlf.
Timo Sirainen <tss@iki.fi>
parents:
3636
diff
changeset
|
378 # Also note that if other software reads the mboxes/maildirs, they may handle |
|
2c19efe2ddb6
Added compatibility warning about mail_save_crlf.
Timo Sirainen <tss@iki.fi>
parents:
3636
diff
changeset
|
379 # the extra CRs wrong and cause problems. |
|
472
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
380 #mail_save_crlf = no |
|
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
381 |
|
4360
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
382 ## |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
383 ## Maildir-specific settings |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
384 ## |
|
1920
d11efbf1d341
Added fcntl_lock_disable setting to allow indexes to work with NFS. Some
Timo Sirainen <tss@iki.fi>
parents:
1918
diff
changeset
|
385 |
|
2078
b3daf55df932
Added maildir_stat_dirs option.
Timo Sirainen <tss@iki.fi>
parents:
2068
diff
changeset
|
386 # By default LIST command returns all entries in maildir beginning with dot. |
|
b3daf55df932
Added maildir_stat_dirs option.
Timo Sirainen <tss@iki.fi>
parents:
2068
diff
changeset
|
387 # Enabling this option makes Dovecot return only entries which are directories. |
|
b3daf55df932
Added maildir_stat_dirs option.
Timo Sirainen <tss@iki.fi>
parents:
2068
diff
changeset
|
388 # This is done by stat()ing each entry, so it causes more disk I/O. |
|
b3daf55df932
Added maildir_stat_dirs option.
Timo Sirainen <tss@iki.fi>
parents:
2068
diff
changeset
|
389 # (For systems setting struct dirent->d_type, this check is free and it's |
|
b3daf55df932
Added maildir_stat_dirs option.
Timo Sirainen <tss@iki.fi>
parents:
2068
diff
changeset
|
390 # done always regardless of this setting) |
|
b3daf55df932
Added maildir_stat_dirs option.
Timo Sirainen <tss@iki.fi>
parents:
2068
diff
changeset
|
391 #maildir_stat_dirs = no |
|
b3daf55df932
Added maildir_stat_dirs option.
Timo Sirainen <tss@iki.fi>
parents:
2068
diff
changeset
|
392 |
| 0 | 393 # Copy mail to another folders using hard links. This is much faster than |
| 987 | 394 # actually copying the file. This is problematic only if something modifies |
| 395 # the mail in one folder but doesn't want it modified in the others. I don't | |
| 396 # know any MUA which would modify mail files directly. IMAP protocol also | |
| 397 # requires that the mails don't change, so it would be problematic in any case. | |
| 398 # If you care about performance, enable it. | |
| 0 | 399 #maildir_copy_with_hardlinks = no |
| 400 | |
|
4360
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
401 ## |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
402 ## mbox-specific settings |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
403 ## |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
404 |
|
4362
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
405 # Which locking methods to use for locking mbox. There are four available: |
|
1113
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
406 # dotlock: Create <mailbox>.lock file. This is the oldest and most NFS-safe |
|
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
407 # solution. If you want to use /var/mail/ like directory, the users |
|
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
408 # will need write access to that directory. |
|
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
409 # fcntl : Use this if possible. Works with NFS too if lockd is used. |
|
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
410 # flock : May not exist in all systems. Doesn't work with NFS. |
|
2103
879b0b9ed5d4
Separate mbox_locks/mbox_read_dotlock to mbox_read_locks and
Timo Sirainen <tss@iki.fi>
parents:
2097
diff
changeset
|
411 # lockf : May not exist in all systems. Doesn't work with NFS. |
|
1113
4abeb0fa0fe7
Don't use flock() locking by default. Using both fcntl+flock doesn't work
Timo Sirainen <tss@iki.fi>
parents:
1055
diff
changeset
|
412 # |
|
2103
879b0b9ed5d4
Separate mbox_locks/mbox_read_dotlock to mbox_read_locks and
Timo Sirainen <tss@iki.fi>
parents:
2097
diff
changeset
|
413 # You can use multiple locking methods; if you do the order they're declared |
|
879b0b9ed5d4
Separate mbox_locks/mbox_read_dotlock to mbox_read_locks and
Timo Sirainen <tss@iki.fi>
parents:
2097
diff
changeset
|
414 # in is important to avoid deadlocks if other MTAs/MUAs are using multiple |
|
879b0b9ed5d4
Separate mbox_locks/mbox_read_dotlock to mbox_read_locks and
Timo Sirainen <tss@iki.fi>
parents:
2097
diff
changeset
|
415 # locking methods as well. Some operating systems don't allow using some of |
|
2205
821fbe3e892b
Don't require dotlocking to be first in locking list.
Timo Sirainen <tss@iki.fi>
parents:
2163
diff
changeset
|
416 # them simultaneously. |
|
2103
879b0b9ed5d4
Separate mbox_locks/mbox_read_dotlock to mbox_read_locks and
Timo Sirainen <tss@iki.fi>
parents:
2097
diff
changeset
|
417 #mbox_read_locks = fcntl |
|
879b0b9ed5d4
Separate mbox_locks/mbox_read_dotlock to mbox_read_locks and
Timo Sirainen <tss@iki.fi>
parents:
2097
diff
changeset
|
418 #mbox_write_locks = dotlock fcntl |
|
643
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
419 |
|
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
420 # Maximum time in seconds to wait for lock (all of them) before aborting. |
|
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
421 #mbox_lock_timeout = 300 |
|
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
422 |
|
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
423 # If dotlock exists but the mailbox isn't modified in any way, override the |
|
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
424 # lock file after this many seconds. |
|
4010
6519f3c7bd63
Updated mbox_dotlock_change_timeout default value to 120. Also the mbox
Timo Sirainen <timo.sirainen@movial.fi>
parents:
3976
diff
changeset
|
425 #mbox_dotlock_change_timeout = 120 |
|
643
da34bdd4e0c6
Added mbox lock settings to config file. Support timeouting fcntl() and
Timo Sirainen <tss@iki.fi>
parents:
615
diff
changeset
|
426 |
|
2511
710e0bf25bf8
Added mbox_dirty_syncs setting which delays re-reading the whole mbox when
Timo Sirainen <tss@iki.fi>
parents:
2510
diff
changeset
|
427 # When mbox changes unexpectedly we have to fully read it to find out what |
|
710e0bf25bf8
Added mbox_dirty_syncs setting which delays re-reading the whole mbox when
Timo Sirainen <tss@iki.fi>
parents:
2510
diff
changeset
|
428 # changed. If the mbox is large this can take a long time. Since the change |
|
710e0bf25bf8
Added mbox_dirty_syncs setting which delays re-reading the whole mbox when
Timo Sirainen <tss@iki.fi>
parents:
2510
diff
changeset
|
429 # is usually just a newly appended mail, it'd be faster to simply read the |
|
710e0bf25bf8
Added mbox_dirty_syncs setting which delays re-reading the whole mbox when
Timo Sirainen <tss@iki.fi>
parents:
2510
diff
changeset
|
430 # new mails. If this setting is enabled, Dovecot does this but still safely |
|
710e0bf25bf8
Added mbox_dirty_syncs setting which delays re-reading the whole mbox when
Timo Sirainen <tss@iki.fi>
parents:
2510
diff
changeset
|
431 # fallbacks to re-reading the whole mbox file whenever something in mbox isn't |
|
710e0bf25bf8
Added mbox_dirty_syncs setting which delays re-reading the whole mbox when
Timo Sirainen <tss@iki.fi>
parents:
2510
diff
changeset
|
432 # how it's expected to be. The only real downside to this setting is that if |
|
710e0bf25bf8
Added mbox_dirty_syncs setting which delays re-reading the whole mbox when
Timo Sirainen <tss@iki.fi>
parents:
2510
diff
changeset
|
433 # some other MUA changes message flags, Dovecot doesn't notice it immediately. |
|
2666
0ba82d7a5aba
Updated mbox_dirty_syncs and mbox_lazy_writes comments.
Timo Sirainen <tss@iki.fi>
parents:
2662
diff
changeset
|
434 # Note that a full sync is done with SELECT, EXAMINE, EXPUNGE and CHECK |
|
0ba82d7a5aba
Updated mbox_dirty_syncs and mbox_lazy_writes comments.
Timo Sirainen <tss@iki.fi>
parents:
2662
diff
changeset
|
435 # commands. |
|
2511
710e0bf25bf8
Added mbox_dirty_syncs setting which delays re-reading the whole mbox when
Timo Sirainen <tss@iki.fi>
parents:
2510
diff
changeset
|
436 #mbox_dirty_syncs = yes |
|
710e0bf25bf8
Added mbox_dirty_syncs setting which delays re-reading the whole mbox when
Timo Sirainen <tss@iki.fi>
parents:
2510
diff
changeset
|
437 |
|
2967
b31f48d152c4
Added mbox_very_dirty_syncs setting.
Timo Sirainen <tss@iki.fi>
parents:
2952
diff
changeset
|
438 # Like mbox_dirty_syncs, but don't do full syncs even with SELECT, EXAMINE, |
|
b31f48d152c4
Added mbox_very_dirty_syncs setting.
Timo Sirainen <tss@iki.fi>
parents:
2952
diff
changeset
|
439 # EXPUNGE or CHECK commands. If this is set, mbox_dirty_syncs is ignored. |
|
b31f48d152c4
Added mbox_very_dirty_syncs setting.
Timo Sirainen <tss@iki.fi>
parents:
2952
diff
changeset
|
440 #mbox_very_dirty_syncs = no |
|
b31f48d152c4
Added mbox_very_dirty_syncs setting.
Timo Sirainen <tss@iki.fi>
parents:
2952
diff
changeset
|
441 |
|
2666
0ba82d7a5aba
Updated mbox_dirty_syncs and mbox_lazy_writes comments.
Timo Sirainen <tss@iki.fi>
parents:
2662
diff
changeset
|
442 # Delay writing mbox headers until doing a full write sync (EXPUNGE and CHECK |
|
0ba82d7a5aba
Updated mbox_dirty_syncs and mbox_lazy_writes comments.
Timo Sirainen <tss@iki.fi>
parents:
2662
diff
changeset
|
443 # commands and when closing the mailbox). This is especially useful for POP3 |
|
0ba82d7a5aba
Updated mbox_dirty_syncs and mbox_lazy_writes comments.
Timo Sirainen <tss@iki.fi>
parents:
2662
diff
changeset
|
444 # where clients often delete all mails. The downside is that our changes |
|
0ba82d7a5aba
Updated mbox_dirty_syncs and mbox_lazy_writes comments.
Timo Sirainen <tss@iki.fi>
parents:
2662
diff
changeset
|
445 # aren't immediately visible to other MUAs. |
|
2662
add94f9aa9e1
Added mbox_lazy_writes setting.
Timo Sirainen <tss@iki.fi>
parents:
2652
diff
changeset
|
446 #mbox_lazy_writes = yes |
|
add94f9aa9e1
Added mbox_lazy_writes setting.
Timo Sirainen <tss@iki.fi>
parents:
2652
diff
changeset
|
447 |
|
3912
fc0b638330a4
Added mbox_min_index_size setting.
Timo Sirainen <tss@iki.fi>
parents:
3909
diff
changeset
|
448 # If mbox size is smaller than this (in kilobytes), don't write index files. |
|
fc0b638330a4
Added mbox_min_index_size setting.
Timo Sirainen <tss@iki.fi>
parents:
3909
diff
changeset
|
449 # If an index file already exists it's still read, just not updated. |
|
fc0b638330a4
Added mbox_min_index_size setting.
Timo Sirainen <tss@iki.fi>
parents:
3909
diff
changeset
|
450 #mbox_min_index_size = 0 |
|
fc0b638330a4
Added mbox_min_index_size setting.
Timo Sirainen <tss@iki.fi>
parents:
3909
diff
changeset
|
451 |
|
4360
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
452 ## |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
453 ## dbox-specific settings |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
454 ## |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
455 |
|
3813
74289963b8a7
Added dbox_rotate_size and dbox_rotate_days settings.
Timo Sirainen <tss@iki.fi>
parents:
3801
diff
changeset
|
456 # Maximum dbox file size in kilobytes until it's rotated. |
|
74289963b8a7
Added dbox_rotate_size and dbox_rotate_days settings.
Timo Sirainen <tss@iki.fi>
parents:
3801
diff
changeset
|
457 #dbox_rotate_size = 2048 |
|
74289963b8a7
Added dbox_rotate_size and dbox_rotate_days settings.
Timo Sirainen <tss@iki.fi>
parents:
3801
diff
changeset
|
458 |
|
3845
18a786df5815
Added dbox_rotate_min_size and fixed rotation checks.
Timo Sirainen <tss@iki.fi>
parents:
3813
diff
changeset
|
459 # Minimum dbox file size in kilobytes before it's rotated |
|
18a786df5815
Added dbox_rotate_min_size and fixed rotation checks.
Timo Sirainen <tss@iki.fi>
parents:
3813
diff
changeset
|
460 # (overrides dbox_rotate_days) |
|
18a786df5815
Added dbox_rotate_min_size and fixed rotation checks.
Timo Sirainen <tss@iki.fi>
parents:
3813
diff
changeset
|
461 #dbox_rotate_min_size = 16 |
|
18a786df5815
Added dbox_rotate_min_size and fixed rotation checks.
Timo Sirainen <tss@iki.fi>
parents:
3813
diff
changeset
|
462 |
|
3813
74289963b8a7
Added dbox_rotate_size and dbox_rotate_days settings.
Timo Sirainen <tss@iki.fi>
parents:
3801
diff
changeset
|
463 # Maximum dbox file age in days until it's rotated. Day always begins from |
|
74289963b8a7
Added dbox_rotate_size and dbox_rotate_days settings.
Timo Sirainen <tss@iki.fi>
parents:
3801
diff
changeset
|
464 # midnight, so 1 = today, 2 = yesterday, etc. 0 = check disabled. |
|
74289963b8a7
Added dbox_rotate_size and dbox_rotate_days settings.
Timo Sirainen <tss@iki.fi>
parents:
3801
diff
changeset
|
465 #dbox_rotate_days = 0 |
|
74289963b8a7
Added dbox_rotate_size and dbox_rotate_days settings.
Timo Sirainen <tss@iki.fi>
parents:
3801
diff
changeset
|
466 |
|
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
467 ## |
|
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
468 ## IMAP specific settings |
|
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
469 ## |
|
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
470 |
|
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
471 protocol imap { |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
472 # Login executable location. |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
473 #login_executable = /usr/libexec/dovecot/imap-login |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
474 |
| 3864 | 475 # IMAP executable location. Changing this allows you to execute other |
| 476 # binaries before the imap process is executed. | |
| 477 # | |
| 478 # This would write rawlogs into ~/dovecot.rawlog/ directory: | |
| 479 # mail_executable = /usr/libexec/dovecot/rawlog /usr/libexec/dovecot/imap | |
| 480 # | |
| 481 # This would attach gdb into the imap process and write backtraces into | |
| 482 # /tmp/gdbhelper.* files: | |
| 483 # mail_executable = /usr/libexec/dovecot/gdbhelper /usr/libexec/dovecot/imap | |
| 484 # | |
|
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
485 #mail_executable = /usr/libexec/dovecot/imap |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
486 |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
487 # Maximum IMAP command line length in bytes. Some clients generate very long |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
488 # command lines with huge mailboxes, so you may need to raise this if you get |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
489 # "Too long argument" or "IMAP command line too large" errors often. |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
490 #imap_max_line_length = 65536 |
|
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
491 |
|
4074
dadc6e2cccb8
Replaced mail_use_modules and mail_modules settings with mail_plugins and
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
492 # Support for dynamically loadable plugins. mail_plugins is a space separated |
|
dadc6e2cccb8
Replaced mail_use_modules and mail_modules settings with mail_plugins and
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
493 # list of plugins to load. |
|
dadc6e2cccb8
Replaced mail_use_modules and mail_modules settings with mail_plugins and
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
494 #mail_plugins = |
|
dadc6e2cccb8
Replaced mail_use_modules and mail_modules settings with mail_plugins and
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
495 #mail_plugin_dir = /usr/lib/dovecot/imap |
|
2316
1c1ed4494aa4
Split client_workarounds to imap_ and pop3_ ones. Added outlook-no-nuls POP3
Timo Sirainen <tss@iki.fi>
parents:
2288
diff
changeset
|
496 |
|
2674
857f5f7b512b
Added login_greeting and login_greeting_capability settings.
Timo Sirainen <tss@iki.fi>
parents:
2673
diff
changeset
|
497 # Send IMAP capabilities in greeting message. This makes it unnecessary for |
|
857f5f7b512b
Added login_greeting and login_greeting_capability settings.
Timo Sirainen <tss@iki.fi>
parents:
2673
diff
changeset
|
498 # clients to request it with CAPABILITY command, so it saves one round-trip. |
|
857f5f7b512b
Added login_greeting and login_greeting_capability settings.
Timo Sirainen <tss@iki.fi>
parents:
2673
diff
changeset
|
499 # Many clients however don't understand it and ask the CAPABILITY anyway. |
|
857f5f7b512b
Added login_greeting and login_greeting_capability settings.
Timo Sirainen <tss@iki.fi>
parents:
2673
diff
changeset
|
500 #login_greeting_capability = no |
|
857f5f7b512b
Added login_greeting and login_greeting_capability settings.
Timo Sirainen <tss@iki.fi>
parents:
2673
diff
changeset
|
501 |
|
2316
1c1ed4494aa4
Split client_workarounds to imap_ and pop3_ ones. Added outlook-no-nuls POP3
Timo Sirainen <tss@iki.fi>
parents:
2288
diff
changeset
|
502 # Workarounds for various client bugs: |
|
3204
c8fffa286b6a
Renamed oe6-fetch-no-newmail workaround to delay-newmail and changed it to
Timo Sirainen <tss@iki.fi>
parents:
3183
diff
changeset
|
503 # delay-newmail: |
|
c8fffa286b6a
Renamed oe6-fetch-no-newmail workaround to delay-newmail and changed it to
Timo Sirainen <tss@iki.fi>
parents:
3183
diff
changeset
|
504 # Send EXISTS/RECENT new mail notifications only when replying to NOOP |
|
c8fffa286b6a
Renamed oe6-fetch-no-newmail workaround to delay-newmail and changed it to
Timo Sirainen <tss@iki.fi>
parents:
3183
diff
changeset
|
505 # and CHECK commands. Some clients ignore them otherwise, for example |
|
c8fffa286b6a
Renamed oe6-fetch-no-newmail workaround to delay-newmail and changed it to
Timo Sirainen <tss@iki.fi>
parents:
3183
diff
changeset
|
506 # OSX Mail. Outlook Express breaks more badly though, without this it |
|
c8fffa286b6a
Renamed oe6-fetch-no-newmail workaround to delay-newmail and changed it to
Timo Sirainen <tss@iki.fi>
parents:
3183
diff
changeset
|
507 # may show user "Message no longer in server" errors. Note that OE6 still |
|
c8fffa286b6a
Renamed oe6-fetch-no-newmail workaround to delay-newmail and changed it to
Timo Sirainen <tss@iki.fi>
parents:
3183
diff
changeset
|
508 # breaks even with this workaround if synchronization is set to |
|
c8fffa286b6a
Renamed oe6-fetch-no-newmail workaround to delay-newmail and changed it to
Timo Sirainen <tss@iki.fi>
parents:
3183
diff
changeset
|
509 # "Headers Only". |
|
2316
1c1ed4494aa4
Split client_workarounds to imap_ and pop3_ ones. Added outlook-no-nuls POP3
Timo Sirainen <tss@iki.fi>
parents:
2288
diff
changeset
|
510 # outlook-idle: |
|
1c1ed4494aa4
Split client_workarounds to imap_ and pop3_ ones. Added outlook-no-nuls POP3
Timo Sirainen <tss@iki.fi>
parents:
2288
diff
changeset
|
511 # Outlook and Outlook Express never abort IDLE command, so if no mail |
|
1c1ed4494aa4
Split client_workarounds to imap_ and pop3_ ones. Added outlook-no-nuls POP3
Timo Sirainen <tss@iki.fi>
parents:
2288
diff
changeset
|
512 # arrives in half a hour, Dovecot closes the connection. This is still |
|
1c1ed4494aa4
Split client_workarounds to imap_ and pop3_ ones. Added outlook-no-nuls POP3
Timo Sirainen <tss@iki.fi>
parents:
2288
diff
changeset
|
513 # fine, except Outlook doesn't connect back so you don't see if new mail |
|
1c1ed4494aa4
Split client_workarounds to imap_ and pop3_ ones. Added outlook-no-nuls POP3
Timo Sirainen <tss@iki.fi>
parents:
2288
diff
changeset
|
514 # arrives. |
| 2448 | 515 # netscape-eoh: |
| 516 # Netscape 4.x breaks if message headers don't end with the empty "end of | |
| 517 # headers" line. Normally all messages have this, but setting this | |
| 518 # workaround makes sure that Netscape never breaks by adding the line if | |
| 519 # it doesn't exist. This is done only for FETCH BODY[HEADER.FIELDS..] | |
| 520 # commands. Note that RFC says this shouldn't be done. | |
|
3505
0e05687892dc
Added tb-extra-mailbox-sep IMAP workaround.
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
521 # tb-extra-mailbox-sep: |
|
0e05687892dc
Added tb-extra-mailbox-sep IMAP workaround.
Timo Sirainen <tss@iki.fi>
parents:
3384
diff
changeset
|
522 # With mbox storage a mailbox can contain either mails or submailboxes, |
|
3510
2910fde2725d
Updated behavior of tb-extra-mailbox-sep
Timo Sirainen <tss@iki.fi>
parents:
3509
diff
changeset
|
523 # but not both. Thunderbird separates these two by forcing server to |
|
2910fde2725d
Updated behavior of tb-extra-mailbox-sep
Timo Sirainen <tss@iki.fi>
parents:
3509
diff
changeset
|
524 # accept '/' suffix in mailbox names in subscriptions list. |
|
3788
b412da0eb27c
Clarify that workaround lists are space separated. But allow commas as
Timo Sirainen <tss@iki.fi>
parents:
3764
diff
changeset
|
525 # The list is space-separated. |
|
2726
8ba8f672dc3e
Enable outlook-idle workaround by default.
Timo Sirainen <tss@iki.fi>
parents:
2723
diff
changeset
|
526 #imap_client_workarounds = outlook-idle |
|
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
527 } |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
528 |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
529 ## |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
530 ## POP3 specific settings |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
531 ## |
|
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
532 |
|
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
533 protocol pop3 { |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
534 # Login executable location. |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
535 #login_executable = /usr/libexec/dovecot/pop3-login |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
536 |
|
4588
364c9179bb46
Updated pop3's mail_executable comment
Timo Sirainen <tss@iki.fi>
parents:
4561
diff
changeset
|
537 # POP3 executable location. See IMAP's mail_executable above for examples |
|
364c9179bb46
Updated pop3's mail_executable comment
Timo Sirainen <tss@iki.fi>
parents:
4561
diff
changeset
|
538 # how this could be changed. |
|
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
539 #mail_executable = /usr/libexec/dovecot/pop3 |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
540 |
|
2719
f8adc5cb2508
Renamed pop3_mails_keep_recent to pop3_no_flag_updates which includes
Timo Sirainen <tss@iki.fi>
parents:
2674
diff
changeset
|
541 # Don't try to set mails non-recent or seen with POP3 sessions. This is |
|
f8adc5cb2508
Renamed pop3_mails_keep_recent to pop3_no_flag_updates which includes
Timo Sirainen <tss@iki.fi>
parents:
2674
diff
changeset
|
542 # mostly intended to reduce disk I/O. With maildir it doesn't move files |
|
f8adc5cb2508
Renamed pop3_mails_keep_recent to pop3_no_flag_updates which includes
Timo Sirainen <tss@iki.fi>
parents:
2674
diff
changeset
|
543 # from new/ to cur/, with mbox it doesn't write Status-header. |
|
f8adc5cb2508
Renamed pop3_mails_keep_recent to pop3_no_flag_updates which includes
Timo Sirainen <tss@iki.fi>
parents:
2674
diff
changeset
|
544 #pop3_no_flag_updates = no |
|
2039
f0925b2271e1
Added pop3_mails_keep_recent option. Fixed recent assert crash.
Timo Sirainen <tss@iki.fi>
parents:
2027
diff
changeset
|
545 |
|
2621
c6cc163344c3
Added pop3_enable_last setting to enable deprecated LAST command.
Timo Sirainen <tss@iki.fi>
parents:
2595
diff
changeset
|
546 # Support LAST command which exists in old POP3 specs, but has been removed |
|
c6cc163344c3
Added pop3_enable_last setting to enable deprecated LAST command.
Timo Sirainen <tss@iki.fi>
parents:
2595
diff
changeset
|
547 # from new ones. Some clients still wish to use this though. Enabling this |
|
c6cc163344c3
Added pop3_enable_last setting to enable deprecated LAST command.
Timo Sirainen <tss@iki.fi>
parents:
2595
diff
changeset
|
548 # makes RSET command clear all \Seen flags from messages. |
|
c6cc163344c3
Added pop3_enable_last setting to enable deprecated LAST command.
Timo Sirainen <tss@iki.fi>
parents:
2595
diff
changeset
|
549 #pop3_enable_last = no |
|
4153
690c72358cd5
Added pop3_lock_session setting.
Timo Sirainen <tss@iki.fi>
parents:
4145
diff
changeset
|
550 |
|
690c72358cd5
Added pop3_lock_session setting.
Timo Sirainen <tss@iki.fi>
parents:
4145
diff
changeset
|
551 # If mail has X-UIDL header, use it as the mail's UIDL. |
|
690c72358cd5
Added pop3_lock_session setting.
Timo Sirainen <tss@iki.fi>
parents:
4145
diff
changeset
|
552 #pop3_reuse_xuidl = no |
|
690c72358cd5
Added pop3_lock_session setting.
Timo Sirainen <tss@iki.fi>
parents:
4145
diff
changeset
|
553 |
|
690c72358cd5
Added pop3_lock_session setting.
Timo Sirainen <tss@iki.fi>
parents:
4145
diff
changeset
|
554 # Keep the mailbox locked for the entire POP3 session. |
|
690c72358cd5
Added pop3_lock_session setting.
Timo Sirainen <tss@iki.fi>
parents:
4145
diff
changeset
|
555 #pop3_lock_session = no |
|
690c72358cd5
Added pop3_lock_session setting.
Timo Sirainen <tss@iki.fi>
parents:
4145
diff
changeset
|
556 |
|
2976
96a4ab34c8f1
Added pop3_uidl_format setting.
Timo Sirainen <tss@iki.fi>
parents:
2967
diff
changeset
|
557 # POP3 UIDL format to use. You can use following variables: |
|
96a4ab34c8f1
Added pop3_uidl_format setting.
Timo Sirainen <tss@iki.fi>
parents:
2967
diff
changeset
|
558 # |
|
96a4ab34c8f1
Added pop3_uidl_format setting.
Timo Sirainen <tss@iki.fi>
parents:
2967
diff
changeset
|
559 # %v - Mailbox UIDVALIDITY |
|
96a4ab34c8f1
Added pop3_uidl_format setting.
Timo Sirainen <tss@iki.fi>
parents:
2967
diff
changeset
|
560 # %u - Mail UID |
|
96a4ab34c8f1
Added pop3_uidl_format setting.
Timo Sirainen <tss@iki.fi>
parents:
2967
diff
changeset
|
561 # %m - MD5 sum of the mailbox headers in hex (mbox only) |
|
2996
9219e788d774
Added %f pop3_uidl_format for maildir. Patch by Andrey Panin.
Timo Sirainen <tss@iki.fi>
parents:
2976
diff
changeset
|
562 # %f - filename (maildir only) |
|
2976
96a4ab34c8f1
Added pop3_uidl_format setting.
Timo Sirainen <tss@iki.fi>
parents:
2967
diff
changeset
|
563 # |
|
96a4ab34c8f1
Added pop3_uidl_format setting.
Timo Sirainen <tss@iki.fi>
parents:
2967
diff
changeset
|
564 # If you want UIDL compatibility with other POP3 servers, use: |
|
96a4ab34c8f1
Added pop3_uidl_format setting.
Timo Sirainen <tss@iki.fi>
parents:
2967
diff
changeset
|
565 # UW's ipop3d : %08Xv%08Xu |
|
2996
9219e788d774
Added %f pop3_uidl_format for maildir. Patch by Andrey Panin.
Timo Sirainen <tss@iki.fi>
parents:
2976
diff
changeset
|
566 # Courier version 0 : %f |
|
2976
96a4ab34c8f1
Added pop3_uidl_format setting.
Timo Sirainen <tss@iki.fi>
parents:
2967
diff
changeset
|
567 # Courier version 1 : %u |
|
96a4ab34c8f1
Added pop3_uidl_format setting.
Timo Sirainen <tss@iki.fi>
parents:
2967
diff
changeset
|
568 # Courier version 2 : %v-%u |
| 3142 | 569 # Cyrus (<= 2.1.3) : %u |
| 570 # Cyrus (>= 2.1.4) : %v.%u | |
|
3661
a745511d591e
pop3_uidl_format is now required to be explicitly set. There is no default
Timo Sirainen <tss@iki.fi>
parents:
3659
diff
changeset
|
571 # Older Dovecots : %v.%u |
|
4456
9577a99b7fef
Added tpop3d's pop3_uidl_format.
Timo Sirainen <tss@iki.fi>
parents:
4400
diff
changeset
|
572 # tpop3d : %Mf |
|
2976
96a4ab34c8f1
Added pop3_uidl_format setting.
Timo Sirainen <tss@iki.fi>
parents:
2967
diff
changeset
|
573 # |
|
3661
a745511d591e
pop3_uidl_format is now required to be explicitly set. There is no default
Timo Sirainen <tss@iki.fi>
parents:
3659
diff
changeset
|
574 # Note that Outlook 2003 seems to have problems with %v.%u format which was |
|
2976
96a4ab34c8f1
Added pop3_uidl_format setting.
Timo Sirainen <tss@iki.fi>
parents:
2967
diff
changeset
|
575 # Dovecot's default, so if you're building a new server it would be a good |
|
96a4ab34c8f1
Added pop3_uidl_format setting.
Timo Sirainen <tss@iki.fi>
parents:
2967
diff
changeset
|
576 # idea to change this. %08Xu%08Xv should be pretty fail-safe. |
|
3661
a745511d591e
pop3_uidl_format is now required to be explicitly set. There is no default
Timo Sirainen <tss@iki.fi>
parents:
3659
diff
changeset
|
577 # |
|
a745511d591e
pop3_uidl_format is now required to be explicitly set. There is no default
Timo Sirainen <tss@iki.fi>
parents:
3659
diff
changeset
|
578 # NOTE: Nowadays this is required to be set explicitly, since the old |
|
a745511d591e
pop3_uidl_format is now required to be explicitly set. There is no default
Timo Sirainen <tss@iki.fi>
parents:
3659
diff
changeset
|
579 # default was bad but it couldn't be changed without breaking existing |
|
a745511d591e
pop3_uidl_format is now required to be explicitly set. There is no default
Timo Sirainen <tss@iki.fi>
parents:
3659
diff
changeset
|
580 # installations. %08Xu%08Xv will be the new default, so use it for new |
|
a745511d591e
pop3_uidl_format is now required to be explicitly set. There is no default
Timo Sirainen <tss@iki.fi>
parents:
3659
diff
changeset
|
581 # installations. |
|
a745511d591e
pop3_uidl_format is now required to be explicitly set. There is no default
Timo Sirainen <tss@iki.fi>
parents:
3659
diff
changeset
|
582 # |
|
a745511d591e
pop3_uidl_format is now required to be explicitly set. There is no default
Timo Sirainen <tss@iki.fi>
parents:
3659
diff
changeset
|
583 #pop3_uidl_format = |
|
2621
c6cc163344c3
Added pop3_enable_last setting to enable deprecated LAST command.
Timo Sirainen <tss@iki.fi>
parents:
2595
diff
changeset
|
584 |
|
3384
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3259
diff
changeset
|
585 # POP3 logout format string: |
|
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3259
diff
changeset
|
586 # %t - number of TOP commands |
|
4118
b66da5c1a94b
Replaced %T and %R with %p and %b. %R was already used by string-reversion,
Timo Sirainen <tss@iki.fi>
parents:
4108
diff
changeset
|
587 # %p - number of bytes sent to client as a result of TOP command |
|
3384
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3259
diff
changeset
|
588 # %r - number of RETR commands |
|
4118
b66da5c1a94b
Replaced %T and %R with %p and %b. %R was already used by string-reversion,
Timo Sirainen <tss@iki.fi>
parents:
4108
diff
changeset
|
589 # %b - number of bytes sent to client as a result of RETR command |
|
3384
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3259
diff
changeset
|
590 # %d - number of deleted messages |
|
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3259
diff
changeset
|
591 # %m - number of messages (before deletion) |
|
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3259
diff
changeset
|
592 # %s - mailbox size in bytes (before deletion) |
|
4118
b66da5c1a94b
Replaced %T and %R with %p and %b. %R was already used by string-reversion,
Timo Sirainen <tss@iki.fi>
parents:
4108
diff
changeset
|
593 #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s |
|
3384
3b75956d20c4
Added configurable logging for login process. Added configurable pop3 logout
Timo Sirainen <tss@iki.fi>
parents:
3259
diff
changeset
|
594 |
|
4074
dadc6e2cccb8
Replaced mail_use_modules and mail_modules settings with mail_plugins and
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
595 # Support for dynamically loadable plugins. mail_plugins is a space separated |
|
dadc6e2cccb8
Replaced mail_use_modules and mail_modules settings with mail_plugins and
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
596 # list of plugins to load. |
|
dadc6e2cccb8
Replaced mail_use_modules and mail_modules settings with mail_plugins and
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
597 #mail_plugins = |
|
dadc6e2cccb8
Replaced mail_use_modules and mail_modules settings with mail_plugins and
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
598 #mail_plugin_dir = /usr/lib/dovecot/pop3 |
|
2316
1c1ed4494aa4
Split client_workarounds to imap_ and pop3_ ones. Added outlook-no-nuls POP3
Timo Sirainen <tss@iki.fi>
parents:
2288
diff
changeset
|
599 |
|
1c1ed4494aa4
Split client_workarounds to imap_ and pop3_ ones. Added outlook-no-nuls POP3
Timo Sirainen <tss@iki.fi>
parents:
2288
diff
changeset
|
600 # Workarounds for various client bugs: |
|
1c1ed4494aa4
Split client_workarounds to imap_ and pop3_ ones. Added outlook-no-nuls POP3
Timo Sirainen <tss@iki.fi>
parents:
2288
diff
changeset
|
601 # outlook-no-nuls: |
|
1c1ed4494aa4
Split client_workarounds to imap_ and pop3_ ones. Added outlook-no-nuls POP3
Timo Sirainen <tss@iki.fi>
parents:
2288
diff
changeset
|
602 # Outlook and Outlook Express hang if mails contain NUL characters. |
|
1c1ed4494aa4
Split client_workarounds to imap_ and pop3_ ones. Added outlook-no-nuls POP3
Timo Sirainen <tss@iki.fi>
parents:
2288
diff
changeset
|
603 # This setting replaces them with 0x80 character. |
| 2952 | 604 # oe-ns-eoh: |
| 605 # Outlook Express and Netscape Mail breaks if end of headers-line is | |
| 606 # missing. This option simply sends it if it's missing. | |
|
3788
b412da0eb27c
Clarify that workaround lists are space separated. But allow commas as
Timo Sirainen <tss@iki.fi>
parents:
3764
diff
changeset
|
607 # The list is space-separated. |
|
2316
1c1ed4494aa4
Split client_workarounds to imap_ and pop3_ ones. Added outlook-no-nuls POP3
Timo Sirainen <tss@iki.fi>
parents:
2288
diff
changeset
|
608 #pop3_client_workarounds = |
|
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
609 } |
|
1465
03dd87873a81
Added support for dynamically loadable imap/pop3 modules.
Timo Sirainen <tss@iki.fi>
parents:
1437
diff
changeset
|
610 |
|
1055
a72bba3f8a55
Rewrote setting handling. Changed some existing settings also since POP3
Timo Sirainen <tss@iki.fi>
parents:
1040
diff
changeset
|
611 ## |
|
4362
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
612 ## LDA specific settings |
|
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
613 ## |
|
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
614 |
|
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
615 protocol lda { |
|
4365
74bde164ae1b
Updated postmaster_address and hostname setting descriptions.
Timo Sirainen <tss@iki.fi>
parents:
4364
diff
changeset
|
616 # Address to use when sending rejection mails. |
|
4364
ed35a04c34fe
Changed default postmaster_address to @example.com
Timo Sirainen <tss@iki.fi>
parents:
4362
diff
changeset
|
617 postmaster_address = postmaster@example.com |
|
4362
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
618 |
|
4365
74bde164ae1b
Updated postmaster_address and hostname setting descriptions.
Timo Sirainen <tss@iki.fi>
parents:
4364
diff
changeset
|
619 # Hostname to use in various parts of sent mails, eg. in Message-Id. |
|
74bde164ae1b
Updated postmaster_address and hostname setting descriptions.
Timo Sirainen <tss@iki.fi>
parents:
4364
diff
changeset
|
620 # Default is the system's real hostname. |
|
4362
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
621 #hostname = |
|
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
622 |
|
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
623 # Support for dynamically loadable plugins. mail_plugins is a space separated |
|
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
624 # list of plugins to load. |
|
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
625 #mail_plugins = |
|
4383
dc1f912bbf10
Default mail_plugin_dir was wrong for lda.
Timo Sirainen <tss@iki.fi>
parents:
4366
diff
changeset
|
626 #mail_plugin_dir = /usr/lib/dovecot/lda |
|
4362
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
627 |
|
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
628 # Binary to use for sending mails. |
|
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
629 #sendmail_path = /usr/lib/sendmail |
|
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
630 |
|
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
631 # UNIX socket path to master authentication server to find users. |
|
4366
5f0d649c26c3
Updated LDA's default auth_socket_path
Timo Sirainen <tss@iki.fi>
parents:
4365
diff
changeset
|
632 #auth_socket_path = /var/run/dovecot/auth-master |
|
4362
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
633 } |
|
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
634 |
|
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
635 ## |
| 0 | 636 ## Authentication processes |
| 637 ## | |
| 638 | |
|
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
639 # Executable location |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
640 #auth_executable = /usr/libexec/dovecot/dovecot-auth |
| 0 | 641 |
|
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
642 # Set max. process size in megabytes. |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
643 #auth_process_size = 256 |
| 0 | 644 |
|
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
645 # Authentication cache size in kilobytes. 0 means it's disabled. |
|
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
646 # Note that bsdauth, PAM and vpopmail require cache_key to be set for caching |
|
3659
7a04c13af9bc
Added a warning about multiple passdbs to auth_cache_size.
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
647 # to be used. Also note that currently auth cache doesn't work very well if |
|
7a04c13af9bc
Added a warning about multiple passdbs to auth_cache_size.
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
648 # you're using multiple passdbs with same usernames in them. |
|
2798
54b29901a793
Added simple LRU cache for auth requests. Currently only for sql passdb.
Timo Sirainen <tss@iki.fi>
parents:
2792
diff
changeset
|
649 #auth_cache_size = 0 |
|
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
650 # Time to live in seconds for cached data. After this many seconds the cached |
|
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
651 # record is no longer used, *except* if the main database lookup returns |
|
4658
3b49b9ec87dc
auth_cache: Try to handle changing passwords automatically: If password
Timo Sirainen <tss@iki.fi>
parents:
4627
diff
changeset
|
652 # internal failure. We also try to handle password changes automatically: If |
|
3b49b9ec87dc
auth_cache: Try to handle changing passwords automatically: If password
Timo Sirainen <tss@iki.fi>
parents:
4627
diff
changeset
|
653 # user's previous authentication was successful, but this one wasn't, the |
|
3b49b9ec87dc
auth_cache: Try to handle changing passwords automatically: If password
Timo Sirainen <tss@iki.fi>
parents:
4627
diff
changeset
|
654 # cache isn't used. For now this works only with plaintext authentication. |
|
2798
54b29901a793
Added simple LRU cache for auth requests. Currently only for sql passdb.
Timo Sirainen <tss@iki.fi>
parents:
2792
diff
changeset
|
655 #auth_cache_ttl = 3600 |
|
54b29901a793
Added simple LRU cache for auth requests. Currently only for sql passdb.
Timo Sirainen <tss@iki.fi>
parents:
2792
diff
changeset
|
656 |
|
1328
0a524d229f50
Added auth_default_realm (based on patch by Kristian Hoffmann)
Timo Sirainen <tss@iki.fi>
parents:
1318
diff
changeset
|
657 # Space separated list of realms for SASL authentication mechanisms that need |
|
0a524d229f50
Added auth_default_realm (based on patch by Kristian Hoffmann)
Timo Sirainen <tss@iki.fi>
parents:
1318
diff
changeset
|
658 # them. You can leave it empty if you don't want to support multiple realms. |
|
0a524d229f50
Added auth_default_realm (based on patch by Kristian Hoffmann)
Timo Sirainen <tss@iki.fi>
parents:
1318
diff
changeset
|
659 # Many clients simply use the first one listed here, so keep the default realm |
|
0a524d229f50
Added auth_default_realm (based on patch by Kristian Hoffmann)
Timo Sirainen <tss@iki.fi>
parents:
1318
diff
changeset
|
660 # first. |
| 0 | 661 #auth_realms = |
| 662 | |
| 2133 | 663 # Default realm/domain to use if none was specified. This is used for both |
| 664 # SASL realms and appending @domain to username in plaintext logins. | |
|
1328
0a524d229f50
Added auth_default_realm (based on patch by Kristian Hoffmann)
Timo Sirainen <tss@iki.fi>
parents:
1318
diff
changeset
|
665 #auth_default_realm = |
|
0a524d229f50
Added auth_default_realm (based on patch by Kristian Hoffmann)
Timo Sirainen <tss@iki.fi>
parents:
1318
diff
changeset
|
666 |
|
1330
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
667 # List of allowed characters in username. If the user-given username contains |
|
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
668 # a character not listed in here, the login automatically fails. This is just |
|
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
669 # an extra check to make sure user can't exploit any potential quote escaping |
|
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
670 # vulnerabilities with SQL/LDAP databases. If you want to allow all characters, |
|
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
671 # set this value to empty. |
|
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
672 #auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ |
|
7cde19dbe754
Moved auth_username_chars from db-pgsql to generic for all. Some other
Timo Sirainen <tss@iki.fi>
parents:
1328
diff
changeset
|
673 |
|
2510
0f660149c7ef
Added auth_username_translation setting.
Timo Sirainen <tss@iki.fi>
parents:
2448
diff
changeset
|
674 # Username character translations before it's looked up from databases. The |
|
0f660149c7ef
Added auth_username_translation setting.
Timo Sirainen <tss@iki.fi>
parents:
2448
diff
changeset
|
675 # value contains series of from -> to characters. For example "#@/@" means |
|
0f660149c7ef
Added auth_username_translation setting.
Timo Sirainen <tss@iki.fi>
parents:
2448
diff
changeset
|
676 # that '#' and '/' characters are translated to '@'. |
|
0f660149c7ef
Added auth_username_translation setting.
Timo Sirainen <tss@iki.fi>
parents:
2448
diff
changeset
|
677 #auth_username_translation = |
|
0f660149c7ef
Added auth_username_translation setting.
Timo Sirainen <tss@iki.fi>
parents:
2448
diff
changeset
|
678 |
|
4168
3f27bf7832a2
Added auth_username_format setting.
Timo Sirainen <tss@iki.fi>
parents:
4165
diff
changeset
|
679 # Username formatting before it's looked up from databases. You can use |
|
3f27bf7832a2
Added auth_username_format setting.
Timo Sirainen <tss@iki.fi>
parents:
4165
diff
changeset
|
680 # the standard variables here, eg. %Lu would lowercase the username, %n would |
|
3f27bf7832a2
Added auth_username_format setting.
Timo Sirainen <tss@iki.fi>
parents:
4165
diff
changeset
|
681 # drop away the domain if it was given, or "%n-AT-%d" would change the '@' into |
|
3f27bf7832a2
Added auth_username_format setting.
Timo Sirainen <tss@iki.fi>
parents:
4165
diff
changeset
|
682 # "-AT-". This translation is done after auth_username_translation changes. |
|
3f27bf7832a2
Added auth_username_format setting.
Timo Sirainen <tss@iki.fi>
parents:
4165
diff
changeset
|
683 #auth_username_format = |
|
3f27bf7832a2
Added auth_username_format setting.
Timo Sirainen <tss@iki.fi>
parents:
4165
diff
changeset
|
684 |
|
4108
e1774d677536
Added auth_master_user_separator setting which allows giving the master username inside the normal username.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4104
diff
changeset
|
685 # If you want to allow master users to log in by specifying the master |
|
e1774d677536
Added auth_master_user_separator setting which allows giving the master username inside the normal username.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4104
diff
changeset
|
686 # username within the normal username string (ie. not using SASL mechanism's |
|
e1774d677536
Added auth_master_user_separator setting which allows giving the master username inside the normal username.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4104
diff
changeset
|
687 # support for it), you can specify the separator character here. The format |
|
e1774d677536
Added auth_master_user_separator setting which allows giving the master username inside the normal username.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4104
diff
changeset
|
688 # is then <username><separator><master username>. UW-IMAP uses "*" as the |
|
e1774d677536
Added auth_master_user_separator setting which allows giving the master username inside the normal username.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4104
diff
changeset
|
689 # separator, so that could be a good choice. |
|
e1774d677536
Added auth_master_user_separator setting which allows giving the master username inside the normal username.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4104
diff
changeset
|
690 #auth_master_user_separator = |
|
e1774d677536
Added auth_master_user_separator setting which allows giving the master username inside the normal username.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4104
diff
changeset
|
691 |
|
1437
c27c6089e933
Added support for ANONYMOUS SASL mechanism.
Timo Sirainen <tss@iki.fi>
parents:
1330
diff
changeset
|
692 # Username to use for users logging in with ANONYMOUS SASL mechanism |
|
c27c6089e933
Added support for ANONYMOUS SASL mechanism.
Timo Sirainen <tss@iki.fi>
parents:
1330
diff
changeset
|
693 #auth_anonymous_username = anonymous |
|
c27c6089e933
Added support for ANONYMOUS SASL mechanism.
Timo Sirainen <tss@iki.fi>
parents:
1330
diff
changeset
|
694 |
| 999 | 695 # More verbose logging. Useful for figuring out why authentication isn't |
| 696 # working. | |
| 697 #auth_verbose = no | |
| 0 | 698 |
| 2417 | 699 # Even more verbose logging for debugging purposes. Shows for example SQL |
|
3918
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3912
diff
changeset
|
700 # queries. |
| 2417 | 701 #auth_debug = no |
| 702 | |
|
3918
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3912
diff
changeset
|
703 # In case of password mismatches, log the passwords and used scheme so the |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3912
diff
changeset
|
704 # problem can be debugged. Requires auth_debug=yes to be set. |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3912
diff
changeset
|
705 #auth_debug_passwords = no |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3912
diff
changeset
|
706 |
|
3166
e6a487d80288
Restructuring of auth code. Balancer auth processes were a bad idea. Usually
Timo Sirainen <tss@iki.fi>
parents:
3144
diff
changeset
|
707 # Maximum number of dovecot-auth worker processes. They're used to execute |
|
e6a487d80288
Restructuring of auth code. Balancer auth processes were a bad idea. Usually
Timo Sirainen <tss@iki.fi>
parents:
3144
diff
changeset
|
708 # blocking passdb and userdb queries (eg. MySQL and PAM). They're |
|
e6a487d80288
Restructuring of auth code. Balancer auth processes were a bad idea. Usually
Timo Sirainen <tss@iki.fi>
parents:
3144
diff
changeset
|
709 # automatically created and destroyed as needed. |
|
e6a487d80288
Restructuring of auth code. Balancer auth processes were a bad idea. Usually
Timo Sirainen <tss@iki.fi>
parents:
3144
diff
changeset
|
710 #auth_worker_max_count = 30 |
|
e6a487d80288
Restructuring of auth code. Balancer auth processes were a bad idea. Usually
Timo Sirainen <tss@iki.fi>
parents:
3144
diff
changeset
|
711 |
|
3683
28cca6317829
Added GSSAPI support. Patch by Jelmer Vernooij and some fixes by
Timo Sirainen <tss@iki.fi>
parents:
3679
diff
changeset
|
712 # Kerberos keytab to use for the GSSAPI mechanism. Will use the system |
|
28cca6317829
Added GSSAPI support. Patch by Jelmer Vernooij and some fixes by
Timo Sirainen <tss@iki.fi>
parents:
3679
diff
changeset
|
713 # default (usually /etc/krb5.keytab) if not specified. |
|
28cca6317829
Added GSSAPI support. Patch by Jelmer Vernooij and some fixes by
Timo Sirainen <tss@iki.fi>
parents:
3679
diff
changeset
|
714 #auth_krb5_keytab = |
|
28cca6317829
Added GSSAPI support. Patch by Jelmer Vernooij and some fixes by
Timo Sirainen <tss@iki.fi>
parents:
3679
diff
changeset
|
715 |
|
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
716 auth default { |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
717 # Space separated list of wanted authentication mechanisms: |
|
4145
469a60254c79
Updated mechanism list. Added link to MasterPassword in wiki.
Timo Sirainen <tss@iki.fi>
parents:
4120
diff
changeset
|
718 # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi |
|
1707
ba70d60987e2
We now support checking the password against all defined auth processes and
Timo Sirainen <tss@iki.fi>
parents:
1688
diff
changeset
|
719 mechanisms = plain |
|
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
720 |
|
3183
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
721 # |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
722 # Password database is used to verify user's password (and nothing more). |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
723 # You can have multiple passdbs and userdbs. This is useful if you want to |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
724 # allow both system users (/etc/passwd) and virtual users to login without |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
725 # duplicating the system users into virtual database. |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
726 # |
|
4145
469a60254c79
Updated mechanism list. Added link to MasterPassword in wiki.
Timo Sirainen <tss@iki.fi>
parents:
4120
diff
changeset
|
727 # http://wiki.dovecot.org/Authentication |
|
469a60254c79
Updated mechanism list. Added link to MasterPassword in wiki.
Timo Sirainen <tss@iki.fi>
parents:
4120
diff
changeset
|
728 # |
|
4030
faf83f3e19b5
Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4010
diff
changeset
|
729 # By adding master=yes setting inside a passdb you make the passdb a list |
|
4104
77e10f1d2cb2
Removed master_no_passdb setting. Added pass setting which can be used to do
Timo Sirainen <tss@iki.fi>
parents:
4098
diff
changeset
|
730 # of "master users", who can log in as anyone else. Unless you're using PAM, |
|
77e10f1d2cb2
Removed master_no_passdb setting. Added pass setting which can be used to do
Timo Sirainen <tss@iki.fi>
parents:
4098
diff
changeset
|
731 # you probably still want the destination user to be looked up from passdb |
|
77e10f1d2cb2
Removed master_no_passdb setting. Added pass setting which can be used to do
Timo Sirainen <tss@iki.fi>
parents:
4098
diff
changeset
|
732 # that it really exists. This can be done by adding pass=yes setting to the |
|
77e10f1d2cb2
Removed master_no_passdb setting. Added pass setting which can be used to do
Timo Sirainen <tss@iki.fi>
parents:
4098
diff
changeset
|
733 # master passdb. |
|
4030
faf83f3e19b5
Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4010
diff
changeset
|
734 # |
|
4145
469a60254c79
Updated mechanism list. Added link to MasterPassword in wiki.
Timo Sirainen <tss@iki.fi>
parents:
4120
diff
changeset
|
735 # http://wiki.dovecot.org/MasterPassword |
|
3183
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
736 |
| 3609 | 737 # Users can be temporarily disabled by adding a passdb with deny=yes. |
| 738 # If the user is found from that database, authentication will fail. | |
| 739 # The deny passdb should always be specified before others, so it gets | |
| 740 # checked first. Here's an example: | |
|
4362
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
741 |
| 3609 | 742 #passdb passwd-file { |
| 743 # File contains a list of usernames, one per line | |
| 3610 | 744 #args = /etc/dovecot.deny |
| 3609 | 745 #deny = yes |
| 746 #} | |
| 747 | |
|
4080
89c94b5ac90e
Added notes about changing ports and about /etc/pam.d/dovecot
Timo Sirainen <tss@iki.fi>
parents:
4074
diff
changeset
|
748 # PAM authentication. Preferred nowadays by most systems. |
|
3183
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
749 # Note that PAM can only be used to verify if user's password is correct, |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
750 # so it can't be used as userdb. If you don't want to use a separate user |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
751 # database (passwd usually), you can use static userdb. |
|
4080
89c94b5ac90e
Added notes about changing ports and about /etc/pam.d/dovecot
Timo Sirainen <tss@iki.fi>
parents:
4074
diff
changeset
|
752 # REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM |
|
89c94b5ac90e
Added notes about changing ports and about /etc/pam.d/dovecot
Timo Sirainen <tss@iki.fi>
parents:
4074
diff
changeset
|
753 # authentication to actually work. |
|
3183
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
754 passdb pam { |
|
4362
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
755 # [session=yes] [setcred=yes] [cache_key=<key>] [<service name>] |
| 3509 | 756 # |
|
3764
852274ab176d
PAM: Changed -session to session=yes to be more consistent with other
Timo Sirainen <tss@iki.fi>
parents:
3739
diff
changeset
|
757 # session=yes makes Dovecot open and immediately close PAM session. Some |
|
852274ab176d
PAM: Changed -session to session=yes to be more consistent with other
Timo Sirainen <tss@iki.fi>
parents:
3739
diff
changeset
|
758 # PAM plugins need this to work, such as pam_mkhomedir. |
|
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
759 # |
|
4357
ffb59f920018
Don't call pam_setcred() unless setcred=yes PAM passdb argument was given.
Timo Sirainen <tss@iki.fi>
parents:
4210
diff
changeset
|
760 # setcred=yes makes Dovecot establish PAM credentials if some PAM plugins |
|
ffb59f920018
Don't call pam_setcred() unless setcred=yes PAM passdb argument was given.
Timo Sirainen <tss@iki.fi>
parents:
4210
diff
changeset
|
761 # need that. They aren't ever deleted though, so this isn't enabled by |
|
ffb59f920018
Don't call pam_setcred() unless setcred=yes PAM passdb argument was given.
Timo Sirainen <tss@iki.fi>
parents:
4210
diff
changeset
|
762 # default. |
|
ffb59f920018
Don't call pam_setcred() unless setcred=yes PAM passdb argument was given.
Timo Sirainen <tss@iki.fi>
parents:
4210
diff
changeset
|
763 # |
|
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
764 # cache_key can be used to enable authentication caching for PAM |
|
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
765 # (auth_cache_size also needs to be set). It isn't enabled by default |
|
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
766 # because PAM modules can do all kinds of checks besides checking password, |
|
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
767 # such as checking IP address. Dovecot can't know about these checks |
|
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
768 # without some help. cache_key is simply a list of variables (see |
|
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
769 # doc/variables.txt) which must match for the cached data to be used. |
|
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
770 # Here are some examples: |
|
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
771 # %u - Username must match. Probably sufficient for most uses. |
|
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
772 # %u%r - Username and remote IP address must match. |
|
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
773 # %u%s - Username and service (ie. IMAP, POP3) must match. |
| 3509 | 774 # |
| 775 # If service name is "*", it means the authenticating service name | |
|
4080
89c94b5ac90e
Added notes about changing ports and about /etc/pam.d/dovecot
Timo Sirainen <tss@iki.fi>
parents:
4074
diff
changeset
|
776 # is used, eg. pop3 or imap (/etc/pam.d/pop3, /etc/pam.d/imap). |
|
3764
852274ab176d
PAM: Changed -session to session=yes to be more consistent with other
Timo Sirainen <tss@iki.fi>
parents:
3739
diff
changeset
|
777 # |
|
852274ab176d
PAM: Changed -session to session=yes to be more consistent with other
Timo Sirainen <tss@iki.fi>
parents:
3739
diff
changeset
|
778 # Some examples: |
|
852274ab176d
PAM: Changed -session to session=yes to be more consistent with other
Timo Sirainen <tss@iki.fi>
parents:
3739
diff
changeset
|
779 # args = session=yes * |
|
852274ab176d
PAM: Changed -session to session=yes to be more consistent with other
Timo Sirainen <tss@iki.fi>
parents:
3739
diff
changeset
|
780 # args = cache_key=%u dovecot |
|
3183
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
781 #args = dovecot |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
782 } |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
783 |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
784 # /etc/passwd or similar, using getpwnam() |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
785 # In many systems nowadays this uses Name Service Switch, which is |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
786 # configured in /etc/nsswitch.conf. |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
787 #passdb passwd { |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
788 #} |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
789 |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
790 # /etc/shadow or similiar, using getspnam(). Deprecated by PAM nowadays. |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
791 #passdb shadow { |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
792 #} |
| 3142 | 793 |
|
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
794 # BSD authentication. Used by at least OpenBSD. |
|
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
795 #passdb bsdauth { |
|
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
796 # [cache_key=<key>] - See cache_key in PAM for explanation. |
|
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
797 #args = |
|
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
798 #} |
|
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
799 |
|
3183
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
800 # passwd-like file with specified location |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
801 #passdb passwd-file { |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
802 # Path for passwd-file |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
803 #args = |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
804 #} |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
805 |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
806 # checkpassword executable authentication |
|
3667
b7569a6a4ada
Renamed userdb passdb to prefetch.
Timo Sirainen <tss@iki.fi>
parents:
3661
diff
changeset
|
807 # NOTE: You will probably want to use "userdb prefetch" with this. |
|
3183
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
808 #passdb checkpassword { |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
809 # Path for checkpassword binary |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
810 #args = |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
811 #} |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
812 |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
813 # SQL database |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
814 #passdb sql { |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
815 # Path for SQL configuration file, see doc/dovecot-sql.conf for example |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
816 #args = |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
817 #} |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
818 |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
819 # LDAP database |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
820 #passdb ldap { |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
821 # Path for LDAP configuration file, see doc/dovecot-ldap.conf for example |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
822 #args = |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
823 #} |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
824 |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
825 # vpopmail authentication |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
826 #passdb vpopmail { |
|
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
827 # [cache_key=<key>] - See cache_key in PAM for explanation. |
|
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3648
diff
changeset
|
828 #args = |
|
3183
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
829 #} |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
830 |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
831 # |
| 3026 | 832 # User database specifies where mails are located and what user/group IDs |
| 833 # own them. For single-UID configuration use "static". | |
|
3183
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
834 # |
| 3028 | 835 # http://wiki.dovecot.org/Authentication |
| 836 # http://wiki.dovecot.org/VirtualUsers | |
|
3183
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
837 # |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
838 |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
839 # /etc/passwd or similar, using getpwnam() |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
840 # In many systems nowadays this uses Name Service Switch, which is |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
841 # configured in /etc/nsswitch.conf. |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
842 userdb passwd { |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
843 } |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
844 |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
845 # passwd-like file with specified location |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
846 #userdb passwd-file { |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
847 # Path for passwd-file |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
848 #args = |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
849 #} |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
850 |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
851 # static settings generated from template |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
852 #userdb static { |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
853 # Template for settings. Can return anything a userdb could normally |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
854 # return, eg.: uid, gid, home, mail, nice |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
855 # |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
856 # A few examples: |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
857 # |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
858 # args = uid=500 gid=500 home=/var/mail/%u |
|
3561
7faf81f89cab
Change mail setting in static userdb not to use %h since it doesn't work.
Timo Sirainen <tss@iki.fi>
parents:
3511
diff
changeset
|
859 # args = uid=500 gid=500 home=/home/%u mail=mbox:/home/%u/mail nice=10 |
|
3183
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
860 # |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
861 #args = |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
862 #} |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
863 |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
864 # SQL database |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
865 #userdb sql { |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
866 # Path for SQL configuration file, see doc/dovecot-sql.conf for example |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
867 #args = |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
868 #} |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
869 |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
870 # LDAP database |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
871 #userdb ldap { |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
872 # Path for LDAP configuration file, see doc/dovecot-ldap.conf for example |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
873 #args = |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
874 #} |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
875 |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
876 # vpopmail |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
877 #userdb vpopmail { |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
878 #} |
|
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
879 |
|
3667
b7569a6a4ada
Renamed userdb passdb to prefetch.
Timo Sirainen <tss@iki.fi>
parents:
3661
diff
changeset
|
880 # "prefetch" user database means that the passdb already provided the |
|
3595
4d2ee2274c70
Added information about userdb passdb.
Timo Sirainen <tss@iki.fi>
parents:
3568
diff
changeset
|
881 # needed information and there's no need to do a separate userdb lookup. |
|
3739
ab929802ad6c
Added some more information about prefetch userdb.
Timo Sirainen <tss@iki.fi>
parents:
3726
diff
changeset
|
882 # This can be made to work with SQL and LDAP databases, see their example |
|
ab929802ad6c
Added some more information about prefetch userdb.
Timo Sirainen <tss@iki.fi>
parents:
3726
diff
changeset
|
883 # configuration files for more information how to do it. |
|
3595
4d2ee2274c70
Added information about userdb passdb.
Timo Sirainen <tss@iki.fi>
parents:
3568
diff
changeset
|
884 # http://wiki.dovecot.org/AuthSpecials |
|
3718
c62c573560c1
"userdb prefetch" should be commented out by default.
Timo Sirainen <tss@iki.fi>
parents:
3683
diff
changeset
|
885 #userdb prefetch { |
|
c62c573560c1
"userdb prefetch" should be commented out by default.
Timo Sirainen <tss@iki.fi>
parents:
3683
diff
changeset
|
886 #} |
|
3595
4d2ee2274c70
Added information about userdb passdb.
Timo Sirainen <tss@iki.fi>
parents:
3568
diff
changeset
|
887 |
|
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
888 # User to use for the process. This user needs access to only user and |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
889 # password databases, nothing else. Only shadow and pam authentication |
|
1615
a8dc875a8918
Included comment about passwd+BSD requiring roots.
Timo Sirainen <tss@iki.fi>
parents:
1610
diff
changeset
|
890 # requires roots, so use something else if possible. Note that passwd |
|
a8dc875a8918
Included comment about passwd+BSD requiring roots.
Timo Sirainen <tss@iki.fi>
parents:
1610
diff
changeset
|
891 # authentication with BSDs internally accesses shadow files, which also |
| 3026 | 892 # requires roots. Note that this user is NOT used to access mails. |
| 893 # That user is specified by userdb above. | |
|
1707
ba70d60987e2
We now support checking the password against all defined auth processes and
Timo Sirainen <tss@iki.fi>
parents:
1688
diff
changeset
|
894 user = root |
|
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
895 |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
896 # Directory where to chroot the process. Most authentication backends don't |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
897 # work if this is set, and there's no point chrooting if auth_user is root. |
|
3183
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
898 # Note that valid_chroot_dirs isn't needed to use this setting. |
|
1707
ba70d60987e2
We now support checking the password against all defined auth processes and
Timo Sirainen <tss@iki.fi>
parents:
1688
diff
changeset
|
899 #chroot = |
|
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
900 |
|
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
901 # Number of authentication processes to create |
|
1707
ba70d60987e2
We now support checking the password against all defined auth processes and
Timo Sirainen <tss@iki.fi>
parents:
1688
diff
changeset
|
902 #count = 1 |
|
2027
dc5d0da1abe9
Added ssl_require_client_cert auth-specific setting. Hide
Timo Sirainen <tss@iki.fi>
parents:
1997
diff
changeset
|
903 |
|
dc5d0da1abe9
Added ssl_require_client_cert auth-specific setting. Hide
Timo Sirainen <tss@iki.fi>
parents:
1997
diff
changeset
|
904 # Require a valid SSL client certificate or the authentication fails. |
|
dc5d0da1abe9
Added ssl_require_client_cert auth-specific setting. Hide
Timo Sirainen <tss@iki.fi>
parents:
1997
diff
changeset
|
905 #ssl_require_client_cert = no |
|
3635
c12df370e1b2
Added ssl_username_from_cert setting. Not actually tested yet..
Timo Sirainen <tss@iki.fi>
parents:
3610
diff
changeset
|
906 |
|
4695
07afd19bc53e
Updates to ssl_ca_file and ssl_username_from_cert comments in
Timo Sirainen <tss@iki.fi>
parents:
4658
diff
changeset
|
907 # Take the username from client's SSL certificate, using |
|
07afd19bc53e
Updates to ssl_ca_file and ssl_username_from_cert comments in
Timo Sirainen <tss@iki.fi>
parents:
4658
diff
changeset
|
908 # X509_NAME_get_text_by_NID() which returns the subject's DN's |
|
07afd19bc53e
Updates to ssl_ca_file and ssl_username_from_cert comments in
Timo Sirainen <tss@iki.fi>
parents:
4658
diff
changeset
|
909 # CommonName. |
|
3635
c12df370e1b2
Added ssl_username_from_cert setting. Not actually tested yet..
Timo Sirainen <tss@iki.fi>
parents:
3610
diff
changeset
|
910 #ssl_username_from_cert = no |
|
1610
6850142c4e25
New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents:
1592
diff
changeset
|
911 |
|
4359
92ad9dbcde85
Moved the socket listen example into auth default instead of having its own
Timo Sirainen <tss@iki.fi>
parents:
4357
diff
changeset
|
912 # It's possible to export the authentication interface to other programs: |
|
4360
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
913 #socket listen { |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
914 #master { |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
915 # Master socket is typically used to give Dovecot's local delivery |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
916 # agent access to userdb so it can find mailbox locations. It can |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
917 # however also be used to disturb regular user authentications. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
918 # WARNING: Giving untrusted users access to master socket may be a |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
919 # security risk, don't give too wide permissions to it! |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
920 #path = /var/run/dovecot/auth-master |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
921 #mode = 0600 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
922 # Default user/group is the one who started dovecot-auth (root) |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
923 #user = |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
924 #group = |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
925 #} |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
926 #client { |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
927 # The client socket is generally safe to export to everyone. Typical use |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
928 # is to export it to your SMTP server so it can do SMTP AUTH lookups |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
929 # using it. |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
930 #path = /var/run/dovecot/auth-client |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
931 #mode = 0660 |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
932 #} |
|
7b18bb6b6450
Moved around settings and added some main groups to them, hopefully making
Timo Sirainen <tss@iki.fi>
parents:
4359
diff
changeset
|
933 #} |
|
4359
92ad9dbcde85
Moved the socket listen example into auth default instead of having its own
Timo Sirainen <tss@iki.fi>
parents:
4357
diff
changeset
|
934 } |
|
2236
43b82a35888d
Dovecot can now connect to externally running dovecot-auth.
Timo Sirainen <tss@iki.fi>
parents:
2231
diff
changeset
|
935 |
|
4359
92ad9dbcde85
Moved the socket listen example into auth default instead of having its own
Timo Sirainen <tss@iki.fi>
parents:
4357
diff
changeset
|
936 # If you wish to use another authentication server than dovecot-auth, you can |
|
92ad9dbcde85
Moved the socket listen example into auth default instead of having its own
Timo Sirainen <tss@iki.fi>
parents:
4357
diff
changeset
|
937 # use connect sockets. They assumed to be already running, Dovecot's master |
|
2236
43b82a35888d
Dovecot can now connect to externally running dovecot-auth.
Timo Sirainen <tss@iki.fi>
parents:
2231
diff
changeset
|
938 # process only tries to connect to them. They don't need any other settings |
|
4359
92ad9dbcde85
Moved the socket listen example into auth default instead of having its own
Timo Sirainen <tss@iki.fi>
parents:
4357
diff
changeset
|
939 # than the path for the master socket, as the configuration is done elsewhere. |
|
92ad9dbcde85
Moved the socket listen example into auth default instead of having its own
Timo Sirainen <tss@iki.fi>
parents:
4357
diff
changeset
|
940 # Note that the client sockets must exist in the login_dir. |
|
2236
43b82a35888d
Dovecot can now connect to externally running dovecot-auth.
Timo Sirainen <tss@iki.fi>
parents:
2231
diff
changeset
|
941 #auth external { |
|
43b82a35888d
Dovecot can now connect to externally running dovecot-auth.
Timo Sirainen <tss@iki.fi>
parents:
2231
diff
changeset
|
942 # socket connect { |
|
43b82a35888d
Dovecot can now connect to externally running dovecot-auth.
Timo Sirainen <tss@iki.fi>
parents:
2231
diff
changeset
|
943 # master { |
|
4209
ca14a26d28b4
Changed auth-master example socket to /var/run/dovecot/auth-master again.
Timo Sirainen <tss@iki.fi>
parents:
4168
diff
changeset
|
944 # path = /var/run/dovecot/auth-master |
|
2236
43b82a35888d
Dovecot can now connect to externally running dovecot-auth.
Timo Sirainen <tss@iki.fi>
parents:
2231
diff
changeset
|
945 # } |
|
43b82a35888d
Dovecot can now connect to externally running dovecot-auth.
Timo Sirainen <tss@iki.fi>
parents:
2231
diff
changeset
|
946 # } |
|
43b82a35888d
Dovecot can now connect to externally running dovecot-auth.
Timo Sirainen <tss@iki.fi>
parents:
2231
diff
changeset
|
947 #} |
|
3975
9de8bce1077e
Added plugin {} section to dovecot.conf for passing extra environment
Timo Sirainen <tss@iki.fi>
parents:
3951
diff
changeset
|
948 |
|
4362
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
949 ## |
|
4393
9928ebb54719
Instead of passing URIs directly to dictionary server, it now accepts only
Timo Sirainen <tss@iki.fi>
parents:
4383
diff
changeset
|
950 ## Dictionary server settings |
|
9928ebb54719
Instead of passing URIs directly to dictionary server, it now accepts only
Timo Sirainen <tss@iki.fi>
parents:
4383
diff
changeset
|
951 ## |
|
9928ebb54719
Instead of passing URIs directly to dictionary server, it now accepts only
Timo Sirainen <tss@iki.fi>
parents:
4383
diff
changeset
|
952 |
|
9928ebb54719
Instead of passing URIs directly to dictionary server, it now accepts only
Timo Sirainen <tss@iki.fi>
parents:
4383
diff
changeset
|
953 # Dictionary can be used by some plugins to store key=value lists. |
|
9928ebb54719
Instead of passing URIs directly to dictionary server, it now accepts only
Timo Sirainen <tss@iki.fi>
parents:
4383
diff
changeset
|
954 # Currently this is only used by dict quota backend. The dictionary can be |
|
9928ebb54719
Instead of passing URIs directly to dictionary server, it now accepts only
Timo Sirainen <tss@iki.fi>
parents:
4383
diff
changeset
|
955 # used either directly or though a dictionary server. The following dict block |
|
9928ebb54719
Instead of passing URIs directly to dictionary server, it now accepts only
Timo Sirainen <tss@iki.fi>
parents:
4383
diff
changeset
|
956 # maps dictionary names to URIs when the server is used. These can then be |
|
9928ebb54719
Instead of passing URIs directly to dictionary server, it now accepts only
Timo Sirainen <tss@iki.fi>
parents:
4383
diff
changeset
|
957 # referenced using URIs in format "proxy:<name>". |
|
9928ebb54719
Instead of passing URIs directly to dictionary server, it now accepts only
Timo Sirainen <tss@iki.fi>
parents:
4383
diff
changeset
|
958 |
|
9928ebb54719
Instead of passing URIs directly to dictionary server, it now accepts only
Timo Sirainen <tss@iki.fi>
parents:
4383
diff
changeset
|
959 dict { |
|
9928ebb54719
Instead of passing URIs directly to dictionary server, it now accepts only
Timo Sirainen <tss@iki.fi>
parents:
4383
diff
changeset
|
960 #quota = mysql:/etc/dovecot-dict-quota.conf |
|
9928ebb54719
Instead of passing URIs directly to dictionary server, it now accepts only
Timo Sirainen <tss@iki.fi>
parents:
4383
diff
changeset
|
961 } |
|
9928ebb54719
Instead of passing URIs directly to dictionary server, it now accepts only
Timo Sirainen <tss@iki.fi>
parents:
4383
diff
changeset
|
962 |
|
9928ebb54719
Instead of passing URIs directly to dictionary server, it now accepts only
Timo Sirainen <tss@iki.fi>
parents:
4383
diff
changeset
|
963 ## |
|
4362
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
964 ## Plugin settings |
|
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
965 ## |
|
fde5c7704ee2
Added protocol lda section and did some other cleanups
Timo Sirainen <tss@iki.fi>
parents:
4361
diff
changeset
|
966 |
|
3975
9de8bce1077e
Added plugin {} section to dovecot.conf for passing extra environment
Timo Sirainen <tss@iki.fi>
parents:
3951
diff
changeset
|
967 plugin { |
|
9de8bce1077e
Added plugin {} section to dovecot.conf for passing extra environment
Timo Sirainen <tss@iki.fi>
parents:
3951
diff
changeset
|
968 # Here you can give some extra environment variables to mail processes. |
|
9de8bce1077e
Added plugin {} section to dovecot.conf for passing extra environment
Timo Sirainen <tss@iki.fi>
parents:
3951
diff
changeset
|
969 # This is mostly meant for passing parameters to plugins. %variable |
|
9de8bce1077e
Added plugin {} section to dovecot.conf for passing extra environment
Timo Sirainen <tss@iki.fi>
parents:
3951
diff
changeset
|
970 # expansion is done for all values. |
|
9de8bce1077e
Added plugin {} section to dovecot.conf for passing extra environment
Timo Sirainen <tss@iki.fi>
parents:
3951
diff
changeset
|
971 |
|
4098
59883de6c516
Added ACL plugin comments and updated quota comments.
Timo Sirainen <tss@iki.fi>
parents:
4081
diff
changeset
|
972 # Quota plugin. Multiple backends are supported: |
|
59883de6c516
Added ACL plugin comments and updated quota comments.
Timo Sirainen <tss@iki.fi>
parents:
4081
diff
changeset
|
973 # dirsize: Find and sum all the files found from mail directory |
|
59883de6c516
Added ACL plugin comments and updated quota comments.
Timo Sirainen <tss@iki.fi>
parents:
4081
diff
changeset
|
974 # dict: Keep quota stored in dictionary (eg. SQL) |
|
59883de6c516
Added ACL plugin comments and updated quota comments.
Timo Sirainen <tss@iki.fi>
parents:
4081
diff
changeset
|
975 # maildir: Maildir++ quota |
|
59883de6c516
Added ACL plugin comments and updated quota comments.
Timo Sirainen <tss@iki.fi>
parents:
4081
diff
changeset
|
976 # fs: Read-only support for filesystem quota |
|
4509
e5e79558ac2d
Added support for multiple quota roots, rules and storages. The configuration
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4484
diff
changeset
|
977 # |
|
e5e79558ac2d
Added support for multiple quota roots, rules and storages. The configuration
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4484
diff
changeset
|
978 # Quota limits are set using "quota_rule" parameters, either in here or in |
|
e5e79558ac2d
Added support for multiple quota roots, rules and storages. The configuration
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4484
diff
changeset
|
979 # userdb. It's also possible to give mailbox-specific limits, for example: |
|
e5e79558ac2d
Added support for multiple quota roots, rules and storages. The configuration
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4484
diff
changeset
|
980 # quota_rule = *:storage=1048576 |
|
e5e79558ac2d
Added support for multiple quota roots, rules and storages. The configuration
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4484
diff
changeset
|
981 # quota_rule2 = Trash:storage=102400 |
|
e5e79558ac2d
Added support for multiple quota roots, rules and storages. The configuration
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4484
diff
changeset
|
982 # User has now 1GB quota, but when saving to Trash mailbox the user gets |
|
e5e79558ac2d
Added support for multiple quota roots, rules and storages. The configuration
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4484
diff
changeset
|
983 # additional 100MB. |
|
e5e79558ac2d
Added support for multiple quota roots, rules and storages. The configuration
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4484
diff
changeset
|
984 # |
|
e5e79558ac2d
Added support for multiple quota roots, rules and storages. The configuration
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4484
diff
changeset
|
985 # Multiple quota roots are also possible, for example: |
|
e5e79558ac2d
Added support for multiple quota roots, rules and storages. The configuration
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4484
diff
changeset
|
986 # quota = dict:user::/etc/dovecot-user-quota.conf |
|
e5e79558ac2d
Added support for multiple quota roots, rules and storages. The configuration
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4484
diff
changeset
|
987 # quota2 = dict:domain:%d:/etc/dovecot-domain-quota.conf |
|
e5e79558ac2d
Added support for multiple quota roots, rules and storages. The configuration
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4484
diff
changeset
|
988 # quota_rule = *:storage=102400 |
|
e5e79558ac2d
Added support for multiple quota roots, rules and storages. The configuration
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4484
diff
changeset
|
989 # quota2_rule = *:storage=1048576 |
|
e5e79558ac2d
Added support for multiple quota roots, rules and storages. The configuration
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4484
diff
changeset
|
990 # Gives each user their own 100MB quota and one shared 1GB quota within |
|
e5e79558ac2d
Added support for multiple quota roots, rules and storages. The configuration
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4484
diff
changeset
|
991 # the domain. |
|
4098
59883de6c516
Added ACL plugin comments and updated quota comments.
Timo Sirainen <tss@iki.fi>
parents:
4081
diff
changeset
|
992 #quota = maildir |
|
59883de6c516
Added ACL plugin comments and updated quota comments.
Timo Sirainen <tss@iki.fi>
parents:
4081
diff
changeset
|
993 |
|
59883de6c516
Added ACL plugin comments and updated quota comments.
Timo Sirainen <tss@iki.fi>
parents:
4081
diff
changeset
|
994 # ACL plugin. vfile backend reads ACLs from "dovecot-acl" file from maildir |
|
59883de6c516
Added ACL plugin comments and updated quota comments.
Timo Sirainen <tss@iki.fi>
parents:
4081
diff
changeset
|
995 # directory. You can also optionally give a global ACL directory path where |
|
59883de6c516
Added ACL plugin comments and updated quota comments.
Timo Sirainen <tss@iki.fi>
parents:
4081
diff
changeset
|
996 # ACLs are applied to all users' mailboxes. The global ACL directory contains |
|
59883de6c516
Added ACL plugin comments and updated quota comments.
Timo Sirainen <tss@iki.fi>
parents:
4081
diff
changeset
|
997 # one file for each mailbox, eg. INBOX or sub.mailbox. |
|
59883de6c516
Added ACL plugin comments and updated quota comments.
Timo Sirainen <tss@iki.fi>
parents:
4081
diff
changeset
|
998 #acl = vfile:/etc/dovecot-acls |
| 3976 | 999 |
| 1000 # Convert plugin. If set, specifies the source storage path which is | |
| 1001 # converted to destination storage (default_mail_env). | |
| 1002 #convert_mail = mbox:%h/mail | |
|
4400
593523f53500
Removed hardcoded trash plugin configuration paths. Added information about
Timo Sirainen <tss@iki.fi>
parents:
4393
diff
changeset
|
1003 |
|
593523f53500
Removed hardcoded trash plugin configuration paths. Added information about
Timo Sirainen <tss@iki.fi>
parents:
4393
diff
changeset
|
1004 # Trash plugin. When saving a message would make user go over quota, this |
|
593523f53500
Removed hardcoded trash plugin configuration paths. Added information about
Timo Sirainen <tss@iki.fi>
parents:
4393
diff
changeset
|
1005 # plugin automatically deletes the oldest mails from configured mailboxes |
|
593523f53500
Removed hardcoded trash plugin configuration paths. Added information about
Timo Sirainen <tss@iki.fi>
parents:
4393
diff
changeset
|
1006 # until the message can be saved within quota limits. The configuration file |
|
593523f53500
Removed hardcoded trash plugin configuration paths. Added information about
Timo Sirainen <tss@iki.fi>
parents:
4393
diff
changeset
|
1007 # is a text file where each line is in format: <priority> <mailbox name> |
|
593523f53500
Removed hardcoded trash plugin configuration paths. Added information about
Timo Sirainen <tss@iki.fi>
parents:
4393
diff
changeset
|
1008 # Mails are first deleted in lowest -> highest priority number order |
|
593523f53500
Removed hardcoded trash plugin configuration paths. Added information about
Timo Sirainen <tss@iki.fi>
parents:
4393
diff
changeset
|
1009 #trash = /etc/dovecot-trash.conf |
|
4523
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4509
diff
changeset
|
1010 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4509
diff
changeset
|
1011 # Expire plugin. Mails are expunged from mailboxes after being there the |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4509
diff
changeset
|
1012 # configurable time. The first expiration date for each mailbox is stored in |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4509
diff
changeset
|
1013 # a dictionary so it can be quickly determined which mailboxes contain |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4509
diff
changeset
|
1014 # expired mails. The actual expunging is done in a nightly cronjob, which |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4509
diff
changeset
|
1015 # you must set up: |
| 4526 | 1016 # dovecot --exec-mail ext /usr/libexec/dovecot/expire-tool |
|
4523
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4509
diff
changeset
|
1017 #expire = Trash 7 Spam 30 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
4509
diff
changeset
|
1018 #expire_dict = db:/var/lib/dovecot/expire.db |
|
3975
9de8bce1077e
Added plugin {} section to dovecot.conf for passing extra environment
Timo Sirainen <tss@iki.fi>
parents:
3951
diff
changeset
|
1019 } |