dovecot.conf.j2 2.51 KB
Newer Older
Florian Pritz's avatar
Florian Pritz committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
auth_mechanisms = plain login
disable_plaintext_auth = yes
mail_location = mdbox:~/.mdbox
mail_plugins = $mail_plugins zlib notify mail_log

# enable imap notify
mailbox_list_index=yes

# remove domain part from username and lowercase it
auth_username_format = %Ln

namespace inbox {
	hidden = no
	inbox = yes
	list = yes
	location = 
	prefix = 
	separator = .
	type = private

	mailbox Trash {
		auto = subscribe
		special_use = \Trash
	}
	mailbox Drafts {
		auto = subscribe
		special_use = \Drafts
	}
	mailbox Sent {
		auto = subscribe # autocreate, autosubscribe
		special_use = \Sent
	}
	mailbox Junk {
		auto = subscribe
		special_use = \Junk
	}
}

passdb {
	driver = pam
}
plugin {
	sieve = ~/.dovecot.sieve
	sieve_dir = ~/.sieve
	sieve_global_dir = /etc/dovecot/sieve/global/
	sieve_global_path = /etc/dovecot/sieve/default.sieve

	mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
	mail_log_fields = uid box msgid size
}
protocols = imap pop3 sieve lmtp
service auth {
	unix_listener auth-client {
		group = postfix
		user = postfix
		mode = 0660
	}
	user = root
}
service imap-login {
	process_limit = 400
	process_min_avail = 5
}

service managesieve-login {
	inet_listener sieve {
		# use default port
		#port = 4190
	}
	inet_listener sieve-obsolete {
		port = 2000
	}
}
service managesieve {
}
service lmtp {
	unix_listener /var/spool/postfix/private/dovecot-lmtp {
		group = postfix
		user = postfix
		mode = 0660
	}
}

login_log_format_elements = "user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k"

86
87
ssl_cert = </etc/letsencrypt/live/{{mail_domain}}/fullchain.pem
ssl_key = </etc/letsencrypt/live/{{mail_domain}}/privkey.pem
Florian Pritz's avatar
Florian Pritz committed
88
ssl_prefer_server_ciphers = yes
Florian Pritz's avatar
Florian Pritz committed
89
ssl_protocols = !SSLv3
Florian Pritz's avatar
Florian Pritz committed
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
ssl_options = no_compression

ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA

userdb {
	driver = passwd
}
protocol imap {
	imap_client_workarounds = tb-extra-mailbox-sep
	mail_max_userip_connections = 30
	mail_plugins = $mail_plugins
}
protocol lda {
	mail_plugins = $mail_plugins sieve
	postmaster_address = postmaster@archlinux.org
}
protocol lmtp {
	postmaster_address = postmaster@archlinux.org
	mail_plugins = $mail_plugins sieve
}
protocol sieve {
	managesieve_logout_format = bytes ( in=%i : out=%o )
}
plugin {
	sieve = ~/.dovecot.sieve
	sieve_dir = ~/.sieve
	zlib_save_level = 6
	zlib_save = gz
}
119
auth_failure_delay = 2s