# # $FreeBSD$ # # Sample configurations file for Cyrus IMAPd # Most lines in this file are commented; in this case the default is used. # The commented lines (usually) contain the default value # The pathname of the IMAP configuration directory # configdirectory: /var/imap # The partition name used by default for new mailboxes # #defaultpartition: default # The directory for the different partitions # partition-default: /var/spool/imap # Use the UNIX separator character '/' for delimiting levels of # mailbox hierarchy. The default is to use the netnews separator # character '.'. #unixhierarchysep: no # Use the alternate IMAP namespace, where personal folders reside at # the same level in the hierarchy as INBOX. # #altnamespace: no # If using the alternate IMAP namespace, the prefix for the other # users namespace. The hierarchy delimiter will be automatically # appended. # #userprefix: Other Users # If using the alternate IMAP namespace, the prefix for the shared # namespace. The hierarchy delimiter will be automatically appended. # #sharedprefix: Shared Folders # The umask value used by various Cyrus IMAP programs # #umask: 077 # This is the hostname visible in the greeting messages of the POP, # IMAP and LMTP daemons. If it is unset, then the result returned from # gethostname(2) is used. # #servername: # Whether to allow anonymous logins # #allowanonymouslogin: no # Allow the use of cleartext passwords on the wire. # #allowplaintext: yes # The percent of quota utilization over which the server generates # warnings. # #quotawarn: 90 # The length of the IMAP server's inactivity autologout timer, in minutes. # The minimum value is 30, the default. # #timeout: 30 # The interval (in seconds) for polling the mailbox for changes while # running the IDLE command. This option is used when idled can not be # contacted or when polling is used exclusively. The minimum value is # 1. A value of 0 will disable polling (and disable IDLE if polling # is the only method available). # #imapidlepoll: 60 # If enabled, the server responds to an ID command with a parameter # list containing: version, vendor, support-url, os, os-version, # command, arguments, environment. Otherwise the server returns NIL. # #imapidresponse: yes # Set the length of the POP server's inactivity autologout timer, in # minutes. The minimum value is 10, the default. # #poptimeout: 10 # Set the minimum amount of time the server forces users to wait between # successive POP logins, in minutes. The default is 0. # #popminpoll: 0 # The number of days advertised as being the minimum a message may be # left on the POP server before it is deleted (via the CAPA command, # defined in the POP3 Extension Mechanism, which some clients may # support). "NEVER", the default, may be specified with a negative # number. The Cyrus POP3 server never deletes mail, no matter what # the value of this parameter is. However, if a site implements a # less liberal policy, it needs to change this parameter accordingly. # #popexpiretime: 0 # The list of userids with administrative rights. Separate each userid # with a space. We recommend that administrator userids be separate from # standard userids. Sites using Kerberos authentication may use separate # "admin" instances. # #admins: # A list of users and groups that are allowed to proxy for other # users, seperated by spaces. Any user listed in this will be allowed # to login for any other user: use with caution. # #proxyservers: # The Access Control List (ACL) placed on a newly-created (non-user) # mailbox that does not have a parent mailbox. # #defaultacl: anyone lrs # The pathname of the news spool directory. Only used if the partition-news # configuration option is set. # #newsspool: # Prefix to be prepended to newsgroup names to make the corresponding IMAP # mailbox names. # #newsprefix: # If nonzero, normal users may create their own IMAP accounts by creating # the mailbox INBOX. The user's quota is set to the value if it is positive, # otherwise the user has unlimited quota. # #autocreatequota: 0 # Include notations in the protocol telemetry logs indicating the number # of seconds since the last command or response. # #logtimestamps: no # Number of seconds to pause after a successful plaintext login. For systems # that support strong authentication, this permits users to perceive a cost # of using plaintext passwords. # #plaintextloginpause: 0 # The pathname of srvtab file containing the server's private key. # This option is passed to the SASL library and overrides its default # setting. # #srvtab: /etc/srvtab # The list of remote realms whose users may log in using cross-realm # authentications. Seperate each realm name by a space. This option is # only used when the server is compiled with Kerberos authentication. # #loginrealms: # If enabled, any authentication identity which has a rights on a user's # INBOX may log in as that user. This option is only used when the server # is compiled with Kerberos authentication. # #loginuseacl: no # If enabled, lmtpd attempts to only write one copy of a message per # partition and create hard links, resulting in a potentially large # disk savings. # #singleinstancestore: yes # If enabled, lmtpd will suppress delivery of a message to a mailbox # if a message with the same message-id (or resent-message-id) is # recorded as having already been delivered to the mailbox. Records # the mailbox and message-id/resent-message-id of all successful # deliveries. # #duplicatesuppression: yes # If enabled, lmtpd rejects messages with 8-bit characters in the # headers. Otherwise, 8-bit characters are changed to `X'. (A proper # soultion to non-ASCII characters in headers is offered by RFC 2047 # and its predecessors.) # #reject8bit: no # Maximum incoming LMTP message size. If set, lmtpd will reject # messages larger than maxmessagesize bytes. The default is to allow # messages of any size. # #maxmessagesize: # Userid used to deliver messages to shared folders. For example, if # set to "bb", email sent to "bb+shared.blah" would be delivered to # the "shared.blah" folder. By default, an email address of # "+shared.blah" would be used. #postuser: # If enabled at compile time, this specifies a URL to reply when # Netscape asks the server where the mail administration HTTP server # is. The default is a site at CMU with a hopefully informative # message; administrators should set this to a local resource with # some information of greater use. # #netscapeurl: http://andrew2.andrew.cmu.edu/cyrus/imapd/netscapeadmin.html # Notifyd(8) method to use for "MAIL" notifications. If not set, # "MAIL" notifications are disabled. # #mailnotifier: # Notifyd(8) method to use for "SIEVE" notifications. If not set, # "SIEVE" notifications are disabled. # # This method is only used when no method is specified in the script. # #sievenotifier: # If enabled, lmtpd will look for Sieve scripts in user's home # directories: ~user/.sieve. # sieveusehomedir: false # If sieveusehomedir is false, this directory is searched for Sieve scripts. # The active Sieve script is s called "default", placed in the users sieve # sieve directory (ie. /var/imap/sieve/u/user). # sievedir: /var/imap/sieve # The pathname of the sendmail executable. Sieve uses sendmail for # sending rejections, redirects and vaca- tion responses. # #sendmail: /usr/sbin/sendmail # Username that is used as the 'From' address in rejection MDNs # produced by sieve. # #postmaster: postmaster # If enabled, the partitions will also be hashed, in addition to the hashing # done on configuration directories. This is recommended if one partition has # a very bushy mailbox tree. # #hashimapspool: false # Maximum size (in kilobytes) any sieve script can be, enforced at # submission by timsieved(8). # #sieve_maxscriptsize: 32 # Maximum number of sieve scripts any user may have, enforced at # submission by timsieved(8). # #sieve_maxscripts: 5 # The cyrusdb backend to use for mailbox annotations. # Allowed values: berkeley, skiplist # #annotation_db: skiplist # The cyrusdb backend to use for the duplicate delivery suppression # and sieve. # Allowed values: berkeley, berkeley-nosync, skiplist # #duplicate_db: berkeley-nosync # The cyrusdb backend to use for the mailbox list. # Allowed values: flat, berkeley, skiplist # #mboxlist_db: skiplist # The cyrusdb backend to use for the pts cache. # Allowed values: berkeley, skiplist # #ptscache_db: berkeley # The cyrusdb backend to use for the seen state. # Allowed values: flat, berkeley, skiplist # #seenstate_db: skiplist # The cyrusdb backend to use for the subscriptions list. # Allowed values: flat, berkeley, skiplist # #subscription_db: flat # The cyrusdb backend to use for the TLS cache. # Allowed values: berkeley, berkeley-nosync, skiplist # #tlscache_db: berkeley-nosync # Maximum SSF (security strength factor) that the server will allow a # client to negotiate. # #sasl_maximum_layer: 256 # The minimum SSF that the server will allow a client to negotiate. A # value of 1 requires integrity protection; any higher value requires # some amount of encryption. # #sasl_minimum_layer: 0 # The mechanism used by the server to verify plaintext passwords. Possible # values include "auxprop" or "saslauthd" # sasl_pwcheck_method: auxprop # If enabled, the SASL library will automatically create authentication # secrets when given a plaintext password. See the SASL documentation. # #sasl_auto_transition: no # Whitespace separated list of mechanisms to allow (e.g. 'plain otp'). # Used to restrict the mechanisms to a subset of the installed # plugins. The default is all available. # #sasl_mech_list: cram-md5 digest-md5 # Location of the opiekeys file # #sasl_opiekeys: /etc/opiekeys # File containing the global certificate used for ALL services (imap, # pop3, lmtp). # #tls_cert_file: # File containing the private key belonging to the global server # certificate. # #tls_key_file: # File containing the certificate used for imap ONLY. If not # specified, the global certificate is used. A value of "disabled" # will disable SSL/TLS for imap. # #imap_tls_cert_file: # File containing the private key belonging to the imap-specific # server certificate. If not specified, the global private key is # used. A value of "disabled" will disable SSL/TLS for imap. # #imap_tls_key_file: # File containing the certificate used for pop3 ONLY. If not # specified, the global certificate is used. A value of "disabled" # will disable SSL/TLS for pop3. # #pop3_tls_cert_file: # File containing the private key belonging to the pop3-specific # server certificate. If not specified, the global private key is # used. A value of "disabled" will disable SSL/TLS for pop3. # #pop3_tls_key_file: # File containing the certificate used for lmtp ONLY. If not # specified, the global certificate is used. A value of "disabled" # will disable TLS for lmtp. # #lmtp_tls_cert_file: # File containing the private key belonging to the lmtp-specific # server certificate. If not specified, the global private key is # used. A value of "disabled" will disable TLS for lmtp. # #lmtp_tls_key_file: # File containing the certificate used for sieve ONLY. If not # specified, the global certificate is used. A value of "disabled" # will disable TLS for sieve. # #sieve_tls_cert_file: # File containing the private key belonging to the sieve-specific # server certificate. If not specified, the global private key is # used. A value of "disabled" will disable TLS for sieve. # #sieve_tls_key_file: # File containing one or more Certificate Authority (CA) certificates. # #tls_ca_file: # Path to directory with certificates of CAs. # #tls_ca_path: # The length of time (in minutes) that a TLS session will be cached # for later reuse. The maximum value is 1440 (24 hours), the default. # A value of 0 will disable session caching. # #tls_session_timeout: 1440 # The right that a user needs to delete a mailbox. # #deleteright: c # Unix domain socket that lmtpd listens on, used by deliver(8). # #lmtpsocket: /var/imap/socket/lmtp # Unix domain socket that idled listens on. # #idlesocket: /var/imap/socket/idle # Unix domain socket that the new mail notification daemon listens on. # #notifysocket: /var/imap/socket/notify # # EOF