--- dovecot-example.conf.orig 2008-08-28 06:53:28.000000000 -0400 +++ dovecot-example.conf 2008-08-28 06:53:28.000000000 -0400 @@ -20,7 +20,7 @@ # Protocols we want to be serving: imap imaps pop3 pop3s # If you only want to use dovecot-auth, you can set this to "none". -#protocols = imap imaps +protocols = %%PROTOCOLS%% # A space separated list of IP or host addresses where to listen in for # connections. "*" listens in all IPv4 interfaces. "[::]" listens in all IPv6 @@ -44,7 +44,7 @@ # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP # matches the local IP (ie. you're connecting from the same computer), the # connection is considered secure and plaintext authentication is allowed. -#disable_plaintext_auth = yes +disable_plaintext_auth = no # Should all IMAP and POP3 processes be killed when Dovecot master process # shuts down. Setting this to "no" means that Dovecot can be upgraded without @@ -211,7 +211,7 @@ # # # -#mail_location = +mail_location = mbox:~/mail/:INBOX=/var/mail/%u # If you need to set multiple mailbox locations or want to change default # namespace settings, you can do it by defining namespace sections. @@ -271,7 +271,7 @@ # Group to enable temporarily for privileged operations. Currently this is # used only with INBOX when either its initial creation or dotlocking fails. # Typically this is set to "mail" to give access to /var/mail. -#mail_privileged_group = +mail_privileged_group = mail # Grant access to these supplementary groups for mail processes. Typically # these are used to set up access to shared mailboxes. Note that it may be @@ -310,7 +310,7 @@ # Rely on O_EXCL to work when creating dotlock files. NFS supports O_EXCL # since version 3, so this should be safe to use nowadays by default. -#dotlock_use_excl = yes +dotlock_use_excl = yes # Don't use fsync() or fdatasync() calls. This makes the performance better # at the cost of potential data loss if the server (or the file server) 
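Review bot: `disable_plaintext_auth = no` in the hunk at -44,7 lets clients send their password before TLS is negotiated, and the later hunk at -792,7 widens `mechanisms` to `plain login`, both of which carry the password itself. Whether cleartext listeners are served depends on what the build substitutes for `%%PROTOCOLS%%` in the first hunk, which this patch does not show. Unless the package has to support clients that cannot do TLS, keep `disable_plaintext_auth = yes`; the context comment says connections from the local IP are still treated as secure, so a local webmail front end would keep working. If the relaxed default is intentional, add a comment above the line saying so and pointing at the SSL settings, so that whoever audits the shipped config sees it was a decision.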
@@ -338,20 +338,20 @@ # Show more verbose process titles (in ps). Currently shows user name and # IP address. Useful for seeing who are actually using the IMAP processes # (eg. shared mailboxes or if same uid is used for multiple accounts). -#verbose_proctitle = no +verbose_proctitle = yes # Valid UID range for users, defaults to 500 and above. This is mostly # to make sure that users can't log in as daemons or other system users. # Note that denying root logins is hardcoded to dovecot binary and can't # be done even if first_valid_uid is set to 0. -#first_valid_uid = 500 +first_valid_uid = 1000 #last_valid_uid = 0 # Valid GID range for users, defaults to non-root/wheel. Users having # non-valid GID as primary group ID aren't allowed to log in. If user # belongs to supplementary groups with non-valid GIDs, those groups are # not set. -#first_valid_gid = 1 +first_valid_gid = 1000 #last_valid_gid = 0 # Maximum number of running mail processes. When this limit is reached, @@ -418,7 +418,7 @@ # When copying a message, do it with hard links whenever possible. This makes # the performance much better, and it's unlikely to have any side effects. -#maildir_copy_with_hardlinks = yes +maildir_copy_with_hardlinks = yes # When copying a message, try to preserve the base filename. Only if the # destination mailbox already contains the same name (ie. the mail is being @@ -426,7 +426,7 @@ # done only by looking at dovecot-uidlist file, so if something outside # Dovecot does similar filename preserving copies, you may run into problems. # NOTE: This setting requires maildir_copy_with_hardlinks = yes to work. -#maildir_copy_preserve_filename = no +maildir_copy_preserve_filename = yes ## ## mbox-specific settings 
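Review bot: `verbose_proctitle = yes` puts each session's user name and client IP address into the process title, per the comment above it, so on a multi-user host any local account that can list processes can read who is connected and from where. Leaving the default `#verbose_proctitle = no` and letting the administrator opt in is the safer packaged default for shared machines. The same hunk raises `first_valid_gid` to 1000, and per its comment users whose primary group is below that are refused login. A line such as `# accounts with a primary GID below 1000 cannot log in` above it would make that consequence visible.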
@@ -533,7 +533,7 @@ # Send IMAP capabilities in greeting message. This makes it unnecessary for # clients to request it with CAPABILITY command, so it saves one round-trip. # Many clients however don't understand it and ask the CAPABILITY anyway. - #login_greeting_capability = no + login_greeting_capability = yes # IMAP logout format string: # %i - total number of bytes read from client @@ -562,7 +562,7 @@ # but not both. Thunderbird separates these two by forcing server to # accept '/' suffix in mailbox names in subscriptions list. # The list is space-separated. - #imap_client_workarounds = + imap_client_workarounds = delay-newmail netscape-eoh tb-extra-mailbox-sep } ## @@ -585,7 +585,7 @@ # Support LAST command which exists in old POP3 specs, but has been removed # from new ones. Some clients still wish to use this though. Enabling this # makes RSET command clear all \Seen flags from messages. - #pop3_enable_last = no + pop3_enable_last = yes # If mail has X-UIDL header, use it as the mail's UIDL. #pop3_reuse_xuidl = no @@ -614,7 +614,7 @@ # Dovecot's default, so if you're building a new server it would be a good # idea to change this. %08Xu%08Xv should be pretty fail-safe. # - #pop3_uidl_format = %08Xu%08Xv + pop3_uidl_format = %08Xu%08Xv # POP3 logout format string: # %i - total number of bytes read from client @@ -645,7 +645,7 @@ # Outlook Express and Netscape Mail breaks if end of headers-line is # missing. This option simply sends it if it's missing. # The list is space-separated. - #pop3_client_workarounds = + pop3_client_workarounds = outlook-no-nuls oe-ns-eoh } ## @@ -667,7 +667,7 @@ # If user is over quota, return with temporary failure instead of # bouncing the mail. - #quota_full_tempfail = no + quota_full_tempfail = yes # Format to use for logging mail deliveries. You can use variables: # %$ - Delivery status message (e.g. "saved to INBOX") 
@@ -736,7 +736,7 @@ # the standard variables here, eg. %Lu would lowercase the username, %n would # drop away the domain if it was given, or "%n-AT-%d" would change the '@' into # "-AT-". This translation is done after auth_username_translation changes. -#auth_username_format = +auth_username_format = %Ln # If you want to allow master users to log in by specifying the master # username within the normal username string (ie. not using SASL mechanism's @@ -792,7 +792,7 @@ # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey # gss-spnego # NOTE: See also disable_plaintext_auth setting. - mechanisms = plain + mechanisms = plain login # # Password database is used to verify user's password (and nothing more). @@ -854,6 +854,7 @@ # args = session=yes %Ls # args = cache_key=%u dovecot #args = dovecot + args = session=yes dovecot } # System users (NSS, /etc/passwd, or similiar) @@ -897,14 +898,16 @@ # SQL database #passdb sql { - # Path for SQL configuration file, see doc/dovecot-sql-example.conf - #args = + # Path for SQL configuration file. + # See doc/dovecot-sql-example.conf + #args = /etc/dovecot-sql.conf #} # LDAP database #passdb ldap { - # Path for LDAP configuration file, see doc/dovecot-ldap-example.conf - #args = + # Path for LDAP configuration file. + # See doc/dovecot-ldap-example.conf + #args = /etc/dovecot-ldap.conf #} # vpopmail authentication @@ -931,7 +934,7 @@ # proceses. Useful with remote NSS lookups that may block. # NOTE: Be sure to use this setting with nss_ldap or users might get # logged in as each others! - #args = + args = blocking=yes } # passwd-like file with specified location 
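Review bot: `auth_username_format = %Ln` in the hunk at -736,7 lowercases the login and drops the domain part, so `user@a.example` and `user@b.example` (constructed examples) resolve to the same account name. That fits the system-user setup this patch enables, but it would merge identities if an administrator later enables the `passdb sql` or `passdb ldap` blocks whose paths the same patch fills in. A comment above the line, for example `# system users only: the domain part is discarded; use %Lu for virtual domains`, would state the assumption where it matters.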
@@ -960,14 +963,16 @@ # SQL database #userdb sql { - # Path for SQL configuration file, see doc/dovecot-sql-example.conf - #args = + # Path for SQL configuration file. + # See doc/dovecot-sql-example.conf + #args = /etc/dovecot-sql.conf #} # LDAP database #userdb ldap { - # Path for LDAP configuration file, see doc/dovecot-ldap-example.conf - #args = + # Path for LDAP configuration file. + # See doc/dovecot-ldap-example.conf + #args = /etc/dovecot-ldap.conf #} # vpopmail @@ -1007,25 +1012,25 @@ #ssl_username_from_cert = no # It's possible to export the authentication interface to other programs: - #socket listen { - #master { + socket listen { + master { # Master socket provides access to userdb information. It's typically # used to give Dovecot's local delivery agent access to userdb so it # can find mailbox locations. - #path = /var/run/dovecot/auth-master - #mode = 0600 + path = /var/run/dovecot/auth-master + mode = 0600 # Default user/group is the one who started dovecot-auth (root) #user = #group = - #} - #client { + } + client { # The client socket is generally safe to export to everyone. Typical use # is to export it to your SMTP server so it can do SMTP AUTH lookups # using it. - #path = /var/run/dovecot/auth-client - #mode = 0660 - #} - #} + path = /var/run/dovecot/auth-client + mode = 0660 + } + } } # If you wish to use another authentication server than dovecot-auth, you can @@ -1055,8 +1060,9 @@ #quota = mysql:/etc/dovecot-dict-quota.conf } -# Path to Berkeley DB's configuration file. See doc/dovecot-db-example.conf -#dict_db_config = +# Path to Berkeley DB's configuration file. +# See doc/dovecot-db-example.conf +#dict_db_config = /etc/dovecot-db.conf ## ## Plugin settings 
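Review bot: The `client` socket enabled in the hunk at -1007,25 gets `mode = 0660` but no `user` or `group`, and the `master` block leaves `#user =` and `#group =` commented, which per its comment means the account that started dovecot-auth (root). Presumably the same default applies to the client socket, in which case a non-root SMTP server or delivery agent cannot open either one, and the usual workaround is to loosen the mode rather than assign an owner. Setting the owner in the package, e.g. `group = <smtp-service-group>` in the `client` block (placeholder for the distribution's MTA group), keeps access limited to the one service that needs it. The enclosing block closed by the final `}` starts outside this hunk.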
@@ -1093,8 +1099,8 @@ # Each quota root has separate limits. Only the command for the first # exceeded limit is excecuted, so put the highest limit first. # Note that % needs to be escaped as %%, otherwise "% " expands to empty. - # quota_warning = storage=95%% /usr/local/bin/quota-warning.sh 95 - # quota_warning2 = storage=80%% /usr/local/bin/quota-warning.sh 80 + # quota_warning = storage=95%% /usr/bin/quota-warning.sh 95 + # quota_warning2 = storage=80%% /usr/bin/quota-warning.sh 80 #quota = maildir # ACL plugin. vfile backend reads ACLs from "dovecot-acl" file from maildir @@ -1131,7 +1137,7 @@ # you must set up: # dovecot --exec-mail ext /usr/libexec/dovecot/expire-tool #expire = Trash 7 Spam 30 - #expire_dict = db:/var/lib/dovecot/expire.db + #expire_dict = db:/var/db/dovecot/expire.db # Lazy expunge plugin. Currently works only with maildirs. When a user # expunges mails, the mails are moved to a mailbox in another namespace