1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
|
#! /bin/sh -e
## DP: Small changes to dovecot-example.conf
## DP: Author: Jaldhar H. Vyas <jaldhar@debian.org>
. $(dirname $0)/DPATCH
exit 0
@DPATCH@
diff -urN dovecot-1.0.rc15/dovecot-example.conf dovecot-1.0.rc15.debian/dovecot-example.conf
--- dovecot-1.0.rc15/dovecot-example.conf 2008-03-13 12:24:03.000000000 +0100
+++ dovecot-1.0.rc15.debian/dovecot-example.conf 2008-03-13 12:25:07.000000000 +0100
@@ -18,6 +18,7 @@
# Protocols we want to be serving: imap imaps pop3 pop3s
# If you only want to use dovecot-auth, you can set this to "none".
#protocols = imap imaps
+protocols =
# IP or host address where to listen in for connections. It's not currently
# possible to specify multiple addresses. "*" listens in all IPv4 interfaces.
@@ -66,6 +67,7 @@
# Prefix for each line written to log file. % codes are in strftime(3)
# format.
#log_timestamp = "%b %d %H:%M:%S "
+log_timestamp = "%Y-%m-%d %H:%M:%S "
# Syslog facility to use if you're logging to syslog. Usually if you don't
# want to use "mail", you'll use local0..local7. Also other standard
@@ -85,8 +87,7 @@
# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
# dropping root privileges, so keep the key file unreadable by anyone but
-# root. Included doc/mkcert.sh can be used to easily generate self-signed
-# certificate, just make sure to update the domains in dovecot-openssl.cnf
+# root.
#ssl_cert_file = /etc/ssl/certs/dovecot.pem
#ssl_key_file = /etc/ssl/private/dovecot.pem
@@ -196,7 +197,7 @@
# %d - domain part in user@domain, empty if there's no domain
# %h - home directory
#
-# See doc/variables.txt for full list. Some examples:
+# See /usr/share/doc/dovecot-common/variables.txt for full list. Some examples:
#
# mail_location = maildir:~/Maildir
# mail_location = mbox:~/mail:INBOX=/var/mail/%u
@@ -245,9 +246,17 @@
#hidden = yes
#}
-# Grant access to these extra groups for mail processes. Typical use would be
-# to give "mail" group write access to /var/mail to be able to create dotlocks.
-#mail_extra_groups =
+# Group to enable temporarily for privileged operations. Currently this is
+# used only for creating mbox dotlock files when creation fails for INBOX.
+# Typically this is set to "mail" to give access to /var/mail.
+mail_privileged_group = mail
+
+# Grant access to these supplementary groups for mail processes. Typically
+# these are used to set up access to shared mailboxes. Note that it may be
+# dangerous to set these if users can create symlinks (e.g. if "mail" group is
+# set here, ln -s /var/mail ~/mail/var could allow a user to delete others'
+# mailboxes, or ln -s /secret/shared/box ~/mail/mybox would allow reading it).
+#mail_access_groups =
# Allow full filesystem access to clients. There's no access checks other than
# what the operating system does for the active UID/GID. It works with both
@@ -263,7 +272,8 @@
# isn't finding your mails.
#mail_debug = no
-# Log prefix for mail processes. See doc/variables.txt for list of possible
+# Log prefix for mail processes. See
+# /usr/share/doc/dovecot-common/variables.txt for list of possible
# variables you can use.
#mail_log_prefix = "%Us(%u): "
@@ -330,7 +340,8 @@
# This setting doesn't affect login_chroot or auth_chroot variables.
# WARNING: Never add directories here which local users can modify, that
# may lead to root exploit. Usually this should be done only if you don't
-# allow shell access for users. See doc/configuration.txt for more information.
+# allow shell access for users. See
+# /usr/share/doc/dovecot-common/configuration.txt for more information.
#valid_chroot_dirs =
# Default chroot directory for mail processes. This can be overridden for
@@ -480,19 +491,19 @@
protocol imap {
# Login executable location.
- #login_executable = /usr/libexec/dovecot/imap-login
+ #login_executable = /usr/lib/dovecot/imap-login
# IMAP executable location. Changing this allows you to execute other
# binaries before the imap process is executed.
#
# This would write rawlogs into ~/dovecot.rawlog/ directory:
- # mail_executable = /usr/libexec/dovecot/rawlog /usr/libexec/dovecot/imap
+ # mail_executable = /usr/lib/dovecot/rawlog /usr/lib/dovecot/imap
#
# This would attach gdb into the imap process and write backtraces into
# /tmp/gdbhelper.* files:
# mail_executable = /usr/libexec/dovecot/gdbhelper /usr/libexec/dovecot/imap
#
- #mail_executable = /usr/libexec/dovecot/imap
+ #mail_executable = /usr/lib/dovecot/imap
# Maximum IMAP command line length in bytes. Some clients generate very long
# command lines with huge mailboxes, so you may need to raise this if you get
@@ -502,7 +513,7 @@
# Support for dynamically loadable plugins. mail_plugins is a space separated
# list of plugins to load.
#mail_plugins =
- #mail_plugin_dir = /usr/lib/dovecot/imap
+ #mail_plugin_dir = /usr/lib/dovecot/modules/imap
# Send IMAP capabilities in greeting message. This makes it unnecessary for
# clients to request it with CAPABILITY command, so it saves one round-trip.
@@ -545,11 +556,11 @@
protocol pop3 {
# Login executable location.
- #login_executable = /usr/libexec/dovecot/pop3-login
+ #login_executable = /usr/lib/dovecot/pop3-login
# POP3 executable location. See IMAP's mail_executable above for examples
# how this could be changed.
- #mail_executable = /usr/libexec/dovecot/pop3
+ #mail_executable = /usr/lib/dovecot/pop3
# Don't try to set mails non-recent or seen with POP3 sessions. This is
# mostly intended to reduce disk I/O. With maildir it doesn't move files
@@ -593,7 +604,7 @@
# installations. %08Xu%08Xv will be the new default, so use it for new
# installations.
#
- #pop3_uidl_format =
+ pop3_uidl_format = %08Xu%08Xv
# POP3 logout format string:
# %t - number of TOP commands
@@ -608,7 +619,7 @@
# Support for dynamically loadable plugins. mail_plugins is a space separated
# list of plugins to load.
#mail_plugins =
- #mail_plugin_dir = /usr/lib/dovecot/pop3
+ #mail_plugin_dir = /usr/lib/dovecot/modules/pop3
# Workarounds for various client bugs:
# outlook-no-nuls:
@@ -625,9 +636,9 @@
## LDA specific settings
##
-protocol lda {
+# protocol lda {
# Address to use when sending rejection mails.
- postmaster_address = postmaster@example.com
+ # postmaster_address = postmaster@example.com
# Hostname to use in various parts of sent mails, eg. in Message-Id.
# Default is the system's real hostname.
@@ -636,21 +647,24 @@
# Support for dynamically loadable plugins. mail_plugins is a space separated
# list of plugins to load.
#mail_plugins =
- #mail_plugin_dir = /usr/lib/dovecot/lda
+ #mail_plugin_dir = /usr/lib/dovecot/modules/lda
# Binary to use for sending mails.
#sendmail_path = /usr/lib/sendmail
# UNIX socket path to master authentication server to find users.
#auth_socket_path = /var/run/dovecot/auth-master
-}
+
+ # Enabling Sieve plugin for server-side mail filtering
+ # mail_plugins = cmusieve
+# }
##
## Authentication processes
##
# Executable location
-#auth_executable = /usr/libexec/dovecot/dovecot-auth
+#auth_executable = /usr/lib/dovecot/dovecot-auth
# Set max. process size in megabytes.
#auth_process_size = 256
@@ -780,7 +794,8 @@
# because PAM modules can do all kinds of checks besides checking password,
# such as checking IP address. Dovecot can't know about these checks
# without some help. cache_key is simply a list of variables (see
- # doc/variables.txt) which must match for the cached data to be used.
+ # /usr/share/doc/dovecot-common/variables.txt) which must match for
+ # the cached data to be used.
# Here are some examples:
# %u - Username must match. Probably sufficient for most uses.
# %u%r - Username and remote IP address must match.
@@ -832,14 +847,14 @@
# SQL database
# http://wiki.dovecot.org/AuthDatabase/SQL
#passdb sql {
- # Path for SQL configuration file, see doc/dovecot-sql.conf for example
+ # Path for SQL configuration file, see /etc/dovecot/dovecot-sql.conf for example
#args =
#}
# LDAP database
# http://wiki.dovecot.org/AuthDatabase/LDAP
#passdb ldap {
- # Path for LDAP configuration file, see doc/dovecot-ldap.conf for example
+ # Path for LDAP configuration file, see /etc/dovecot/dovecot-ldap.conf for example
#args =
#}
@@ -886,14 +901,14 @@
# SQL database
# http://wiki.dovecot.org/AuthDatabase/SQL
#userdb sql {
- # Path for SQL configuration file, see doc/dovecot-sql.conf for example
+ # Path for SQL configuration file, see /etc/dovecot/dovecot-sql.conf for example
#args =
#}
# LDAP database
# http://wiki.dovecot.org/AuthDatabase/LDAP
#userdb ldap {
- # Path for LDAP configuration file, see doc/dovecot-ldap.conf for example
+ # Path for LDAP configuration file, see /etc/dovecot/dovecot-ldap.conf for example
#args =
#}
@@ -956,6 +971,18 @@
#mode = 0660
#}
#}
+
+ ## dovecot-lda specific settings
+ ##
+ # socket listen {
+ # master {
+ # path = /var/run/dovecot/auth-master
+ # mode = 0600
+ # user = mail # User running Dovecot LDA
+ # #group = mail # Or alternatively mode 0660 + LDA user in this group
+ # }
+ # }
+
}
# If you wish to use another authentication server than dovecot-auth, you can
|
