dovecot.conf.j2 2.76 KB
Newer Older
Florian Pritz's avatar
Florian Pritz committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
auth_mechanisms = plain login
disable_plaintext_auth = yes
mail_location = mdbox:~/.mdbox
mail_plugins = $mail_plugins zlib notify mail_log

# enable imap notify
mailbox_list_index=yes

# remove domain part from username and lowercase it
auth_username_format = %Ln

namespace inbox {
	hidden = no
	inbox = yes
	list = yes
	location = 
	prefix = 
	separator = .
	type = private

	mailbox Trash {
		auto = subscribe
		special_use = \Trash
	}
	mailbox Drafts {
		auto = subscribe
		special_use = \Drafts
	}
	mailbox Sent {
		auto = subscribe # autocreate, autosubscribe
		special_use = \Sent
	}
	mailbox Junk {
		auto = subscribe
		special_use = \Junk
	}
}

passdb {
	driver = pam
}
plugin {
	sieve = ~/.dovecot.sieve
	sieve_dir = ~/.sieve
	sieve_global_dir = /etc/dovecot/sieve/global/
	sieve_global_path = /etc/dovecot/sieve/default.sieve
47
	sieve_before = /etc/dovecot/sieve/spam-to-folder.sieve
Florian Pritz's avatar
Florian Pritz committed
48
49
50
51
52
53
54
55
56
57
58
59
60
61

	mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
	mail_log_fields = uid box msgid size
}
protocols = imap pop3 sieve lmtp
service auth {
	unix_listener auth-client {
		group = postfix
		user = postfix
		mode = 0660
	}
	user = root
}
service imap-login {
62
63
64
65
  # don't listen for plain imap
  inet_listener imap {
    port = 0
  }
Florian Pritz's avatar
Florian Pritz committed
66
67
68
69
	process_limit = 400
	process_min_avail = 5
}

70
71
72
73
74
75
76
service pop3-login {
  # don't listen for plain pop3
  inet_listener pop3 {
    port = 0
  }
}

Florian Pritz's avatar
Florian Pritz committed
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
service managesieve-login {
	inet_listener sieve {
		# use default port
		#port = 4190
	}
	inet_listener sieve-obsolete {
		port = 2000
	}
}
service managesieve {
}
service lmtp {
	unix_listener /var/spool/postfix/private/dovecot-lmtp {
		group = postfix
		user = postfix
		mode = 0660
	}
}

login_log_format_elements = "user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k"

98
99
ssl_cert = </etc/letsencrypt/live/{{mail_domain}}/fullchain.pem
ssl_key = </etc/letsencrypt/live/{{mail_domain}}/privkey.pem
Florian Pritz's avatar
Florian Pritz committed
100
ssl_prefer_server_ciphers = yes
101
ssl_min_protocol = TLSv1
Florian Pritz's avatar
Florian Pritz committed
102
ssl_dh=</etc/dovecot/dh.pem
Florian Pritz's avatar
Florian Pritz committed
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
ssl_options = no_compression

ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA

userdb {
	driver = passwd
}
protocol imap {
	imap_client_workarounds = tb-extra-mailbox-sep
	mail_max_userip_connections = 30
	mail_plugins = $mail_plugins
}
protocol lda {
	mail_plugins = $mail_plugins sieve
	postmaster_address = postmaster@archlinux.org
}
protocol lmtp {
	postmaster_address = postmaster@archlinux.org
	mail_plugins = $mail_plugins sieve
}
protocol sieve {
	managesieve_logout_format = bytes ( in=%i : out=%o )
}
plugin {
	sieve = ~/.dovecot.sieve
	sieve_dir = ~/.sieve
	zlib_save_level = 6
	zlib_save = gz
}
132
auth_failure_delay = 2s