159 lines
3.2 KiB
Django/Jinja
159 lines
3.2 KiB
Django/Jinja
listen = *, ::
|
|
protocols = imap sieve
|
|
mail_plugins = $mail_plugins quota
|
|
|
|
ssl = required
|
|
ssl_cert = <{{ mailserver.tls_cert }}
|
|
ssl_key = <{{ mailserver.tls_key }}
|
|
ssl_dh = </etc/ssl/dh-4096.pem
|
|
ssl_min_protocol = TLSv1.2
|
|
ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
|
|
ssl_prefer_server_ciphers = yes
|
|
|
|
# Auth
|
|
auth_mechanisms = plain login
|
|
|
|
userdb {
|
|
driver = sql
|
|
args = /etc/dovecot/dovecot-sql.conf
|
|
# Returns: home=/var/mail/vmail/<maildir-from-postfixadmin>, quota_rule=*:bytes=<quota-from-postfixadmin>
|
|
|
|
}
|
|
passdb {
|
|
driver = sql
|
|
args = /etc/dovecot/dovecot-sql.conf
|
|
# Returns: user=<username>, password=<password-hash-for-user>
|
|
}
|
|
|
|
# Mailboxes
|
|
mail_location = maildir:~/Maildir # Expanded to maildir:/var/mail/vmail/<maildir-from-postfixadmin>/Maildir
|
|
mail_uid = 1000
|
|
mail_gid = 1000
|
|
first_valid_uid = 1000
|
|
last_valid_uid = 1000
|
|
first_valid_gid = 1000
|
|
last_valid_gid = 1000
|
|
mailbox_list_index = yes
|
|
|
|
namespace inbox {
|
|
separator = '/'
|
|
inbox = yes
|
|
mailbox Drafts {
|
|
special_use = \Drafts
|
|
auto = subscribe
|
|
}
|
|
mailbox Junk {
|
|
special_use = \Junk
|
|
auto = subscribe
|
|
}
|
|
mailbox Trash {
|
|
special_use = \Trash
|
|
auto = subscribe
|
|
}
|
|
mailbox Sent {
|
|
special_use = \Sent
|
|
auto = subscribe
|
|
}
|
|
}
|
|
|
|
# IMAP
|
|
protocol imap {
|
|
# TODO: imap_quota?
|
|
mail_plugins = $mail_plugins
|
|
}
|
|
|
|
service imap-login {
|
|
inet_listener imap {
|
|
port = 0
|
|
}
|
|
inet_listener imaps {
|
|
port = 993
|
|
ssl = yes
|
|
}
|
|
}
|
|
|
|
# Sieve
|
|
plugin {
|
|
sieve = file:~/sieve;active=~/.dovecot.sieve
|
|
}
|
|
|
|
service managesieve-login {
|
|
inet_listener sieve {
|
|
port = 4190
|
|
}
|
|
}
|
|
|
|
# Misc
|
|
service auth {
|
|
unix_listener auth-userdb {
|
|
mode = 0777
|
|
}
|
|
|
|
# Postfix uses this socket for submission auth
|
|
unix_listener /var/spool/postfix/private/auth {
|
|
mode = 0666
|
|
user = postfix
|
|
group = postfix
|
|
}
|
|
}
|
|
|
|
service quota-status {
|
|
executable = quota-status -p postfix
|
|
# Postfix uses this socket to check quotas on delivery (as check_policy_service)
|
|
unix_listener /var/spool/postfix/private/policy-quota {
|
|
mode = 0666
|
|
user = postfix
|
|
group = postfix
|
|
}
|
|
client_limit = 1
|
|
}
|
|
|
|
service stats {
|
|
unix_listener stats-reader {
|
|
user = vmail
|
|
group = vmail
|
|
mode = 0660
|
|
}
|
|
|
|
unix_listener stats-writer {
|
|
user = vmail
|
|
group = vmail
|
|
# 0666 instead of 0660, so postfixadmin can call doveadm pw without errors
|
|
mode = 0666
|
|
}
|
|
}
|
|
|
|
# Postfix delivers incoming mails via lda (transport "dovecot")
|
|
quota_full_tempfail = yes
|
|
lda_mailbox_autocreate = yes
|
|
protocol lda {
|
|
mail_plugins = $mail_plugins sieve
|
|
}
|
|
|
|
# Debugging
|
|
auth_verbose = yes
|
|
auth_debug = yes
|
|
mail_debug = yes
|
|
|
|
# Quota
|
|
plugin {
|
|
# Use postfixadmins quota2 table, so used_quota works
|
|
quota = dict:User quota::proxy::pgsql
|
|
# Default quota rule, overwritten by userdb
|
|
quota_rule = *:storage=0 # 0=unlimited
|
|
quota_grace = 10%%
|
|
quota_status_success = DUNNO
|
|
quota_status_nouser = DUNNO
|
|
quota_status_overquota = "552 5.2.2 Mailbox is full"
|
|
}
|
|
|
|
service dict {
|
|
unix_listener dict {
|
|
mode = 0600
|
|
user = vmail
|
|
}
|
|
}
|
|
dict {
|
|
# proxy::pgsql
|
|
pgsql = pgsql:/etc/dovecot/dovecot-dict-sql.conf
|
|
}
|