1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266
|
## imapproxy.conf
##
## This is the global configuration file for imapproxy.
## Lines beginning with a '#' sign are treated as comments and will be
## ignored. Each line to be processed must be a space delimited
## keyword/value pair.
##
#
## server_hostname
##
## This setting controls which IMAP server we proxy our connections to.
#
server_hostname your.imap.server.com
#
## connect_retries
##
## This setting controls how many times we retry connecting to our server.
## The delay between retries is configurable with 'connect_delay'
#
connect_retries 10
connect_delay 5
#
## cache_size
##
## This setting determines how many in-core IMAP connection structures
## will be allocated. As such, it determines not only how many cached
## connections will be allowed, but really the total number of simultaneous
## connections, cached and active.
#
cache_size 3072
#
## listen_port
##
## This setting specifies which port the proxy server will bind to and
## accept incoming connections from.
#
listen_port 143
#
## listen_address
##
## This setting specifies which address the proxy server will bind to and
## accept incoming connections to. If undefined, bind to all.
## Must be a dotted decimal IP address.
#
#listen_address 127.0.0.1
#
## server_port
##
## This setting specifies the port that server_hostname is listening on.
## This is the TCP port that we proxy inbound connections to.
##
## If you are using SSL with IMAP Proxy, note that unless the server is
## highly non-standard, this should still be set to the server's normal,
## unencrypted IMAP port and should NOT be set to port 993, since IMAP
## Proxy uses STARTTLS to encrypt a "normal" IMAP connection.
##
## If the server is only available via (encrypted) port 993, please
## consult the README.ssl file for help.
#
server_port 143
#
## cache_expiration_time
##
## This setting controls how many seconds an inactive connection will be
## cached.
#
cache_expiration_time 300
#
## proc_username
##
## This setting controls which username the IMAP proxy process will run as.
## It is not allowed to run as "root".
#
proc_username nobody
#
## proc_groupname
##
## This setting controls which groupname the IMAP proxy process will run as.
#
proc_groupname nobody
#
## stat_filename
##
## This is the path to the filename that the proxy server mmap()s to
## write statistical data to. This is the file that pimpstat needs to
## look at to be able to provide its useful stats.
#
stat_filename /var/run/pimpstats
#
## protocol_log_filename
##
## protocol logging may only be turned on for one user at a time. All
## protocol logging data is written to the file specified by this path.
#
protocol_log_filename /var/log/imapproxy_protocol.log
#
## syslog_facility
##
## The logging facility to be used for all syslog calls. If nothing is
## specified here, it will default to LOG_MAIL. Any of the possible
## facilities listed in the syslog(3) manpage may be used here except
## LOG_KERN.
#
syslog_facility LOG_MAIL
#
## syslog_prioritymask
##
## This configuration option is provided as a way to limit the verbosity
## of imapproxy. If no value is specified, it will default to no priority
## mask and you'll see all possible log messages. Any of the possible
## priority values listed in the syslog(3) manpage may be used here. By
## default, you will see all possible log messages.
#
#syslog_prioritymask LOG_WARNING
#
## send_tcp_keepalives
##
## This determines whether the SO_KEEPALIVE option will be set on all
## sockets.
#
send_tcp_keepalives no
#
## enable_select_cache
##
## This configuration option allows you to turn select caching on or off.
## When select caching is enabled, imapproxy will cache SELECT responses
## from an IMAP server.
#
enable_select_cache no
#
## foreground_mode
##
## This will prevent imapproxy from detaching from its parent process and
## controlling terminal on startup.
#
foreground_mode no
#
## force_tls
##
## Force imapproxy to use STARTTLS even if LOGIN is not disabled (unsecured
## connections will not be used).
#
force_tls no
#
## chroot_directory
##
## This allows imapproxy to run in a chroot jail if desired.
## If commented out, imapproxy will not run chroot()ed. If a directory is
## specified here, imapproxy will chroot() to that directory.
#
#chroot_directory /var/empty
#
## preauth_command
##
## Arbitrary command that can be sent to the server before
## authenticating users. This can be useful to access non-
## standard IMAP servers such as Yahoo!, which requires the
## following command to be sent before authentication is allowed:
## ID ("GUID" "1")
## (See: http://en.wikipedia.org/wiki/Yahoo!_Mail#Free_IMAP_and_SMTPs_access )
## To use such a command, this setting should look like this:
## preauth_command ID ("GUID" "1")
## No matter what this command is, it is expected to return an
## OK response
#
#preauth_command
#
## enable_admin_commands
##
## Used to enable or disable the internal imapproxy administrative commands.
#
enable_admin_commands no
#
## TLS configuration options
#
#tls_ca_file /usr/share/ssl/certs/ca-bundle.crt
#tls_ca_path /usr/share/ssl/certs/
#tls_cert_file /usr/share/ssl/certs/mycert.crt
#tls_key_file /usr/share/ssl/certs/mycert.key
#tls_verify_server no
#tls_ciphers ALL:!aNULL:!eNULL
#
## Set any of these to "yes" if the corresponding TLS version is not
## sufficiently secure for your needs.
#
#tls_no_tlsv1 no
#tls_no_tlsv1.1 no
#tls_no_tlsv1.2 no
#
## Authenticate using SASL AUTHENTICATE PLAIN
##
## The following authentication username and password are used
## along with the username from the client as the authorization
## identity. In order to avoid having the service wide open (no
## password needed from the client), the client is required to
## send the auth_shared_secret in leiu of a user password.
##
## NOTE: This functionality *assumes* that the server supports
## AUTHENTICATE PLAIN, and it does *not* verify this by
## looking at the server's capabilities list.
#
#auth_sasl_plain_username
#auth_sasl_plain_password
#auth_shared_secret
#
## Use DNS RR
#
## Use DNS round robin to cycle through all returned RRs we
## got when looking up the IMAP server with getaddrinfo().
## Default is no.
##
#
#dns_rr yes
#
## Limit DNS requests to AF_INET or AF_INET6
##
## Set ipversion_only to 4 or 6 accordingly.
## Default if unset is AF_UNSPEC for both A and AAAA.
#
#ipversion_only 6
|