No description
5267a3d716
In our setup users require a specific LDAP group to login. We enforce this with an LDAP filter (user_filter). With DN template, authentication always succeeds for these users, as Dovecot only performs an LDAP BIND request. Successful auth followed by failed userdb lookup seems to trigger a bug in Dovecot that causes the handler processes to stay around indefinitely and fill up the process_limit. Using DN lookup with the LDAP filter set for both user_filter and pass_filter should cause the authentication to fail for these users and work around the bug. |
||
|---|---|---|
| defaults | ||
| files | ||
| handlers | ||
| tasks | ||
| templates | ||
| README.md | ||
dovecot
Parameters and defaults
All configuration is to be placed inside the dovecot dict.
# Array of protocols to enable, by default 'imaps' and 'sieve' are enabled.
# Can be 'imap', 'pop3', 'pop3s', 'sieve'. Note that 'imap' only allows IMAP over TLS on port 993.
protocols: ['imap', 'sieve' ]
# Array of IPs to bind on. By default we bind wildcard IPv4 and IPv6
listen: ["*", "::"]
# Authentication mechanisms to support, for options see https://doc.dovecot.org/configuration_manual/authentication/authentication_mechanisms/
auth_mechanisms: ["plain", "login"]
# Array of users if dovecot should handle users in a db. Not usable if you enable ldap.
# Each user is a dict, for options see *userdict* below
user: []
# The maximum amount of storage a mailbox can use in kilobytes. Supports b/k/M/G/T/% suffixes
quota: ""
# The amount a mailbox can go over quota. Works only for accepting messages. Value in %, defaults to 10
quota_grace: "10"
userdict
# username
name: "name"
# clear text password
password: "pw"