Mercurial > dovecot > original-hg > dovecot-1.2
annotate dovecot-example.conf @ 614:e60620644af3 HEAD
login_process_per_connection = yes scales now better when multiple users are
trying to log in at the same time.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Sat, 16 Nov 2002 07:57:20 +0200 |
parents | 1906116a62ce |
children | 0d852af6842e |
rev | line source |
---|---|
0 | 1 ## Dovecot 1.0 configuration file |
2 | |
3 # Default values are shown after each value, it's not required to uncomment | |
435 | 4 # any of the lines. Exception to this are paths, they're just examples |
5 # with real defaults being based on configure options. The paths listed here | |
6 # are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var | |
0 | 7 |
8 # Port to listen in for IMAP connections. This port is used for TLS | |
9 # connections as well. Setting it to 0 disables it. | |
10 #imap_port = 143 | |
11 | |
12 # Port to listen in for SSL IMAP connections. Setting it to 0 disables it. | |
13 #imaps_port = 993 | |
14 | |
15 # IP or host address where to listen in for IMAP connections. Empty means to | |
16 # listen in all interfaces. It's not possible to specify multiple. | |
17 #imap_listen = | |
18 | |
19 # IP or host address where to listen in for SSL IMAP connections. Defaults | |
20 # to imap_listen if not specified. | |
21 #imaps_listen = | |
22 | |
519 | 23 # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before |
518
1f9b96080525
Updated SSL certificate comments.
Timo Sirainen <tss@iki.fi>
parents:
472
diff
changeset
|
24 # dropping root privileges, so keep the key file unreadable by anyone but |
1f9b96080525
Updated SSL certificate comments.
Timo Sirainen <tss@iki.fi>
parents:
472
diff
changeset
|
25 # root. Note that these default paths here are absolute, configure options |
1f9b96080525
Updated SSL certificate comments.
Timo Sirainen <tss@iki.fi>
parents:
472
diff
changeset
|
26 # don't affect them. Use for example OpenSSL to generate these files. |
0 | 27 #ssl_cert_file = /etc/ssl/certs/imapd.pem |
28 #ssl_key_file = /etc/ssl/private/imapd.pem | |
29 | |
30 # Disable LOGIN command and all other plaintext authentications unless | |
31 # SSL/TLS is used (LOGINDISABLED capability) | |
32 #disable_plaintext_auth = no | |
33 | |
35
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
34 # Use this logfile instead of syslog() |
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
35 #log_path = |
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
36 |
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
37 # Prefix for each line written to log file. % codes are in strftime(3) |
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
38 # format. Note the extra space at the end of line. |
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
39 #log_timestamp = %b %d %H:%M:%S |
b420373f88f6
Added log_path and log_timestamp settings to config file. Removed -l command
Timo Sirainen <tss@iki.fi>
parents:
27
diff
changeset
|
40 |
0 | 41 ## |
42 ## Login process | |
43 ## | |
44 | |
45 # Executable location | |
46 #login_executable = /usr/lib/dovecot/imap-login | |
47 | |
48 # User to use for imap-login process | |
49 #login_user = imapd | |
50 | |
51 # Directory where imap-auth places authentication UNIX sockets which login | |
52 # needs to be able to connect to. The sockets are created when running as | |
53 # root, so you don't need to give imap-auth any access for it. | |
54 #login_dir = /var/run/dovecot/login | |
55 | |
435 | 56 # chroot imap-login process to the login_dir. Only reason not to do this |
0 | 57 # is if you wish to run the whole imapd without roots. |
58 #login_chroot = yes | |
59 | |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
60 # Should each login be processed in it's own process (yes), or should one |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
61 # login process be allowed to process multiple connections (no)? Yes is more |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
62 # secure, espcially with SSL/TLS enabled. No is faster since there's no need |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
63 # to create processes all the time. |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
64 #login_process_per_connection = yes |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
65 |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
66 # Number of imap-login processes to create. If login_process_per_user is |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
67 # yes, this is the number of extra processes waiting for users to log in. |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
68 #login_processes_count = 3 |
0 | 69 |
614
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
70 # Maximum number of extra login processes to create. The extra process count |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
71 # usually stays at login_processes_count, but when multiple users start logging |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
72 # in at the same time more extra processes are created. To prevent fork-bombing |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
73 # we check only once in a second if new processes should be created - if all |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
74 # of them are used at the time, we double their amount until limit set by this |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
75 # setting is reached. This setting is used only if login_process_per_use is yes. |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
76 #login_max_processes_count = 128 |
e60620644af3
login_process_per_connection = yes scales now better when multiple users are
Timo Sirainen <tss@iki.fi>
parents:
613
diff
changeset
|
77 |
0 | 78 # Maximum number of connections allowed in login state. When this limit is |
613
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
79 # reached, the oldest connections are dropped. If login_process_per_user |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
80 # is no, this is a per-process value, so the absolute maximum number of users |
1906116a62ce
Finally support for handling each login connection in it's own process.
Timo Sirainen <tss@iki.fi>
parents:
600
diff
changeset
|
81 # logging in actually login_processes_count * max_logging_users. |
0 | 82 #max_logging_users = 256 |
83 | |
84 ## | |
85 ## IMAP process | |
86 ## | |
87 | |
88 # Executable location | |
89 #imap_executable = /usr/lib/dovecot/imap | |
90 | |
91 # Maximum number of running imap processes. When this limit is reached, | |
92 # new users aren't allowed to log in. | |
93 #max_imap_processes = 1024 | |
94 | |
596
ab3590c3a7d9
Added verbose_proctitle setting: Show more verbose process titles (in ps).
Timo Sirainen <tss@iki.fi>
parents:
519
diff
changeset
|
95 # Show more verbose process titles (in ps). Currently shows user name and |
ab3590c3a7d9
Added verbose_proctitle setting: Show more verbose process titles (in ps).
Timo Sirainen <tss@iki.fi>
parents:
519
diff
changeset
|
96 # IP address. Useful for seeing who are actually using the IMAP processes |
ab3590c3a7d9
Added verbose_proctitle setting: Show more verbose process titles (in ps).
Timo Sirainen <tss@iki.fi>
parents:
519
diff
changeset
|
97 # (eg. shared mailboxes or if same uid is used for multiple accounts). |
ab3590c3a7d9
Added verbose_proctitle setting: Show more verbose process titles (in ps).
Timo Sirainen <tss@iki.fi>
parents:
519
diff
changeset
|
98 #verbose_proctitle = no |
ab3590c3a7d9
Added verbose_proctitle setting: Show more verbose process titles (in ps).
Timo Sirainen <tss@iki.fi>
parents:
519
diff
changeset
|
99 |
0 | 100 # Valid UID/GID ranges for imap users, defaults to 500 and above. |
101 # Note that denying root logins is hardcoded to imap-master binary and | |
102 # can't be done even if first_valid_uid is set to 0. | |
103 #first_valid_uid = 500 | |
104 #last_valid_uid = 0 | |
105 | |
106 #first_valid_gid = 1 | |
107 #last_valid_gid = 0 | |
108 | |
109 # ':' separated list of directories under which chrooting is allowed for imap | |
110 # processes (ie. /var/mail will allow chrooting to /var/mail/foo/bar too). | |
111 # WARNING: Never add directories here which local users can modify, that | |
112 # may lead to root exploit. Usually this should be done only if you don't | |
113 # allow shell access for users. | |
114 #valid_chroot_dirs = | |
115 | |
462
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
116 # Space-separated list of fields to cache for all mails. Currently these |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
117 # fields are allowed followed by a list of commands they speed up: |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
118 # |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
119 # Envelope - FETCH ENVELOPE and SEARCH FROM, TO, CC, BCC, SUBJECT, |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
120 # SENTBEFORE, SENTON, SENTSINCE, HEADER MESSAGE-ID, |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
121 # HEADER IN-REPLY-TO |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
122 # Body - FETCH BODY |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
123 # Bodystructure - FETCH BODY, BODYSTRUCTURE |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
124 # MessagePart - FETCH BODY[1.2.3] (ie. body parts), RFC822.SIZE, |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
125 # SEARCH SMALLER, LARGER, also speeds up BODY/BODYSTRUCTURE |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
126 # generation. This is always set with mbox mailboxes, and |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
127 # also default with Maildir. |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
128 # |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
129 # Different IMAP clients work in different ways, that's why Dovecot by default |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
130 # only caches MessagePart which speeds up most operations. Whenever client |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
131 # does something where caching could be used, the field is automatically marked |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
132 # to be cached later. For example after FETCH BODY the BODY will be cached |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
133 # for all new messages. Normally you should leave this alone, unless you know |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
134 # what most of your IMAP clients are. Caching more fields than needed makes |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
135 # the index files larger and generate useless I/O. |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
136 # |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
137 # With maildir there's one extra optimization - if nothing is cached, indexing |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
138 # the maildir becomes much faster since it's not opening any of the mail files. |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
139 # This could be useful if your IMAP clients access only new mails. |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
140 |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
141 #mail_cache_fields = MessagePart |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
142 |
600
3b44bc64afd4
mailbox_check_interval setting: Dovecot can notify client of new mail in
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
143 # Dovecot can notify client of new mail in selected mailbox soon after it's |
3b44bc64afd4
mailbox_check_interval setting: Dovecot can notify client of new mail in
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
144 # received. This setting specifies the minimum interval in seconds between |
3b44bc64afd4
mailbox_check_interval setting: Dovecot can notify client of new mail in
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
145 # new mail notifications to client - internally they may be checked more or |
3b44bc64afd4
mailbox_check_interval setting: Dovecot can notify client of new mail in
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
146 # less often. Setting this to 0 disables the checking. |
3b44bc64afd4
mailbox_check_interval setting: Dovecot can notify client of new mail in
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
147 #mailbox_check_interval = 30 |
3b44bc64afd4
mailbox_check_interval setting: Dovecot can notify client of new mail in
Timo Sirainen <tss@iki.fi>
parents:
596
diff
changeset
|
148 |
462
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
149 # Space-separated list of fields that Dovecot should never set to be cached. |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
150 # Useful if you want to save disk space at the cost of more I/O when the fields |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
151 # needed. |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
152 #mail_never_cache_fields = |
67d22b7b0918
Added mail_cache_fields and mail_never_cache_fields settings, plus settings
Timo Sirainen <tss@iki.fi>
parents:
435
diff
changeset
|
153 |
472
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
154 # Save mails with CR+LF instead of plain LF. This makes sending those mails |
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
155 # take less CPU, especially with sendfile() syscall with Linux and FreeBSD. |
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
156 # But it also creates a bit more disk I/O which may just make it slower. |
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
157 #mail_save_crlf = no |
2fa0bfb65268
Added setting mail_save_crlf. Few other settings cleanups.
Timo Sirainen <tss@iki.fi>
parents:
462
diff
changeset
|
158 |
0 | 159 # Copy mail to another folders using hard links. This is much faster than |
160 # actually copying the file. Only problem with it is that if either of the | |
161 # mails are modified directly both will change. This isn't a problem with | |
162 # IMAP however since it offers no way to modify the existing mails. Also | |
163 # at least mutt modifies mails by deleting the old one and inserting a new | |
164 # modified mail. So if performance matters at all you should turn this on. | |
165 #maildir_copy_with_hardlinks = no | |
166 | |
167 # Check if mails' content has been changed by external programs. This slows | |
168 # down things as extra stat() needs to be called for each file. | |
169 #maildir_check_content_changes = no | |
170 | |
101
edc37d046b08
Added overwrite_incompatible_index setting. Also we now try to use only
Timo Sirainen <tss@iki.fi>
parents:
35
diff
changeset
|
171 # If main index file is incompatible with us, should we overwrite it or |
edc37d046b08
Added overwrite_incompatible_index setting. Also we now try to use only
Timo Sirainen <tss@iki.fi>
parents:
35
diff
changeset
|
172 # create a new index with another name. Unless you are running Dovecot in |
edc37d046b08
Added overwrite_incompatible_index setting. Also we now try to use only
Timo Sirainen <tss@iki.fi>
parents:
35
diff
changeset
|
173 # multiple computers with different architectures accessing the same |
edc37d046b08
Added overwrite_incompatible_index setting. Also we now try to use only
Timo Sirainen <tss@iki.fi>
parents:
35
diff
changeset
|
174 # mailboxes (eg. via NFS), it's safe to set this "yes". |
edc37d046b08
Added overwrite_incompatible_index setting. Also we now try to use only
Timo Sirainen <tss@iki.fi>
parents:
35
diff
changeset
|
175 #overwrite_incompatible_index = no |
edc37d046b08
Added overwrite_incompatible_index setting. Also we now try to use only
Timo Sirainen <tss@iki.fi>
parents:
35
diff
changeset
|
176 |
0 | 177 # umask to use for mail files and directories |
178 #umask = 0077 | |
179 | |
180 ## | |
181 ## Authentication processes | |
182 ## | |
183 | |
184 # You can have multiple processes; each time "auth = xx" is seen, a new | |
185 # process definition is started. The point of multiple processes is to be | |
186 # able to set stricter permissions to others. For example, plain/PAM | |
187 # authentication requires roots, but if you also use digest-md5 authentication | |
188 # for some users, you can authenticate them without any privileges in a | |
189 # separate auth process. Just remember that only one auth process is asked | |
190 # for the password, so you can't have different passwords with different | |
191 # processes (unless they have different auth methods, and you're ok with | |
192 # having different password for each method). | |
193 | |
194 # Authentication process name. | |
195 auth = default | |
196 | |
284 | 197 # Authentication methods this process allows separated with a space. |
198 # Currently supported: plain digest-md5 | |
0 | 199 auth_methods = plain |
200 | |
201 # Space separated list of realms with authentication methods that need them. | |
202 # This is usually empty or the host name of the server (eg. | |
203 # mail.mycompany.com). | |
204 # - plain auth checks the password from all realms specified in here | |
205 # - digest-md5 must have the password added for each realm separately, and | |
206 # many clients simply use the first realm listed here. so if you really | |
207 # need to add more realms, add them to end of the list. | |
208 #auth_realms = | |
209 | |
210 # Where the user information and passwords are stored into: | |
211 # passwd: /etc/passwd or similiar, using getpwnam() | |
212 # shadow: /etc/shadow or similiar, using getspnam() | |
213 # pam: PAM authentication | |
214 # passwd-file /etc/passwd.imap: /etc/passwd-like file. Supports digest-md5 | |
215 # style passwords | |
280
fa2d1a1d025e
vpopmail authentication. compiles, not tested if it really works.
Timo Sirainen <tss@iki.fi>
parents:
101
diff
changeset
|
216 # vpopmail: vpopmail authentication |
27 | 217 auth_userinfo = pam |
0 | 218 |
219 # Executable location | |
435 | 220 #auth_executable = /usr/lib/dovecot/imap-auth |
0 | 221 |
222 # User to use for the process. Only shadow and pam authentication requires | |
223 # roots, so use something else if possible. | |
224 auth_user = root | |
225 | |
435 | 226 # Directory where to chroot the process. Most authentication backends don't |
227 # work if this is set, and there's no point chrooting if auth_user is root. | |
0 | 228 #auth_chroot = |
229 | |
230 # Number of authentication processes to create | |
231 #auth_count = 1 | |
232 | |
233 | |
234 # digest-md5 authentication process. It requires special MD5 passwords which | |
235 # /etc/shadow and PAM doesn't support, so we never need roots to handle it. | |
236 # Note that the passwd-file is opened before chrooting and dropping root | |
237 # privileges, so it may be 0600-root owned file. | |
238 | |
239 #auth = digest_md5 | |
240 #auth_methods = digest-md5 | |
241 #auth_realms = | |
242 #auth_userinfo = passwd-file /etc/passwd.imap | |
243 #auth_user = imapauth | |
244 #auth_chroot = /var/run/dovecot/auth | |
245 | |
246 # if you plan to use only passwd-file, you don't need the two auth processes, | |
247 # simply set "auth_methods = plain digest-md5" |