## Dovecot 1.0 configuration file

# Default values are shown after each value, it's not required to uncomment
# any of the lines.

# Port to listen in for IMAP connections. This port is used for TLS
# connections as well. Setting it to 0 disables it.
#imap_port = 143

# Port to listen in for SSL IMAP connections. Setting it to 0 disables it.
#imaps_port = 993

# IP or host address where to listen in for IMAP connections. Empty means to
# listen in all interfaces. It's not possible to specify multiple.
#imap_listen = 

# IP or host address where to listen in for SSL IMAP connections. Defaults
# to imap_listen if not specified.
#imaps_listen = 

# SSL certificate/key, they're opened as root
#ssl_cert_file = /etc/ssl/certs/imapd.pem
#ssl_key_file = /etc/ssl/private/imapd.pem

# Disable LOGIN command and all other plaintext authentications unless
# SSL/TLS is used (LOGINDISABLED capability)
#disable_plaintext_auth = no

# Use this logfile instead of syslog()
#log_path = 

# Prefix for each line written to log file. % codes are in strftime(3)
# format. Note the extra space at the end of line.
#log_timestamp = %b %d %H:%M:%S 

##
## Login process
##

# Executable location
#login_executable = /usr/lib/dovecot/imap-login

# User to use for imap-login process
#login_user = imapd

# Directory where imap-auth places authentication UNIX sockets which login
# needs to be able to connect to. The sockets are created when running as
# root, so you don't need to give imap-auth any access for it.
#login_dir = /var/run/dovecot/login

# chroot() imap-login process to the login_dir. Only reason not to do this
# is if you wish to run the whole imapd without roots.
#login_chroot = yes

# Number of imap-login processes to use, one or two is enough
#login_processes_count = 1

# Maximum number of connections allowed in login state. When this limit is
# reached, the oldest connections are dropped.
#max_logging_users = 256

##
## IMAP process
##

# Executable location
#imap_executable = /usr/lib/dovecot/imap

# Maximum number of running imap processes. When this limit is reached,
# new users aren't allowed to log in.
#max_imap_processes = 1024

# Valid UID/GID ranges for imap users, defaults to 500 and above.
# Note that denying root logins is hardcoded to imap-master binary and
# can't be done even if first_valid_uid is set to 0.
#first_valid_uid = 500
#last_valid_uid = 0

#first_valid_gid = 1
#last_valid_gid = 0

# ':' separated list of directories under which chrooting is allowed for imap
# processes (ie. /var/mail will allow chrooting to /var/mail/foo/bar too).
# WARNING: Never add directories here which local users can modify, that
# may lead to root exploit. Usually this should be done only if you don't
# allow shell access for users.
#valid_chroot_dirs = 

# Copy mail to another folders using hard links. This is much faster than
# actually copying the file. Only problem with it is that if either of the
# mails are modified directly both will change. This isn't a problem with
# IMAP however since it offers no way to modify the existing mails. Also
# at least mutt modifies mails by deleting the old one and inserting a new
# modified mail. So if performance matters at all you should turn this on.
#maildir_copy_with_hardlinks = no

# Check if mails' content has been changed by external programs. This slows
# down things as extra stat() needs to be called for each file.
#maildir_check_content_changes = no

# umask to use for mail files and directories
#umask = 0077

##
## Authentication processes
##

# You can have multiple processes; each time "auth = xx" is seen, a new
# process definition is started. The point of multiple processes is to be
# able to set stricter permissions to others. For example, plain/PAM
# authentication requires roots, but if you also use digest-md5 authentication
# for some users, you can authenticate them without any privileges in a
# separate auth process. Just remember that only one auth process is asked
# for the password, so you can't have different passwords with different
# processes (unless they have different auth methods, and you're ok with
# having different password for each method).

# Authentication process name.
auth = default

# Authentication methods this process allows separated with a space
auth_methods = plain

# Space separated list of realms with authentication methods that need them.
# This is usually empty or the host name of the server (eg.
# mail.mycompany.com).
#  - plain auth checks the password from all realms specified in here
#  - digest-md5 must have the password added for each realm separately, and
#    many clients simply use the first realm listed here. so if you really
#    need to add more realms, add them to end of the list.
#auth_realms =

# Where the user information and passwords are stored into:
#   passwd: /etc/passwd or similiar, using getpwnam()
#   shadow: /etc/shadow or similiar, using getspnam()
#   pam: PAM authentication
#   passwd-file /etc/passwd.imap: /etc/passwd-like file. Supports digest-md5
#                                 style passwords
auth_userinfo = pam

# Executable location
#auth_executable = /var/lib/dovecot/imap-auth

# User to use for the process. Only shadow and pam authentication requires
# roots, so use something else if possible.
auth_user = root

# Directory where to chroot the process
#auth_chroot = 

# Number of authentication processes to create
#auth_count = 1


# digest-md5 authentication process. It requires special MD5 passwords which
# /etc/shadow and PAM doesn't support, so we never need roots to handle it.
# Note that the passwd-file is opened before chrooting and dropping root
# privileges, so it may be 0600-root owned file.

#auth = digest_md5
#auth_methods = digest-md5
#auth_realms = 
#auth_userinfo = passwd-file /etc/passwd.imap
#auth_user = imapauth
#auth_chroot = /var/run/dovecot/auth

# if you plan to use only passwd-file, you don't need the two auth processes,
# simply set "auth_methods = plain digest-md5"