# Listen on all IPv4 and IPv6 addresses.
listen = *, ::
# Only IMAP and ManageSieve are enabled.
protocols = imap sieve
mail_plugins = $mail_plugins quota

# TLS is mandatory: clients must negotiate TLS before they can log in.
ssl = required
# Certificate and key paths are taken from the inventory; "<" makes Dovecot read the file.
ssl_cert = <{{ mailserver.imap_tls_cert }}
# NOTE(review): the private key file should be readable by root only; confirm where the role installs it.
ssl_key = <{{ mailserver.imap_tls_key }}
ssl_dh = </etc/ssl/dh-4096.pem
ssl_min_protocol = TLSv1.2
# AEAD suites only (AES-GCM, ChaCha20-Poly1305), all with ECDHE or DHE key exchange.
ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
ssl_prefer_server_ciphers = yes

# Auth
# PLAIN and LOGIN transmit the password itself; it is protected on the wire only by
# the "ssl = required" setting of this file.
auth_mechanisms = plain login

# NOTE(review): dovecot-sql.conf normally carries the database connection credentials;
# keep it root-owned and not world-readable. Confirm against the role that installs it.
userdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf
  # Returns: home=/var/mail/vmail/<maildir-from-postfixadmin>, quota_rule=*:bytes=<quota-from-postfixadmin>

}
passdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf
  # Returns: user=<username>, password=<password-hash-for-user>
}

# Mailboxes
mail_location = maildir:~/Maildir # Expanded to maildir:/var/mail/vmail/<maildir-from-postfixadmin>/Maildir
# Every mailbox is accessed as the single system account vmail.
mail_uid = vmail
mail_gid = vmail
# UID/GID range Dovecot accepts for mail access.
# NOTE(review): a lower bound of 10 also admits system accounts; presumably chosen to
# fit the id of vmail. Confirm, and narrow the range to that id if possible.
first_valid_uid = 10
last_valid_uid = 999999
first_valid_gid = 10
last_valid_gid = 999999
mailbox_list_index = yes

# Default namespace holding INBOX, with "/" as the hierarchy separator.
namespace inbox {
  separator = '/'
  inbox = yes

  # Special-use folders; "auto = subscribe" creates and subscribes each one automatically.
  mailbox Drafts {
    special_use = \Drafts
    auto = subscribe
  }
  mailbox Junk {
    special_use = \Junk
    auto = subscribe
  }
  mailbox Trash {
    special_use = \Trash
    auto = subscribe
  }
  mailbox Sent {
    special_use = \Sent
    auto = subscribe
  }
}

# IMAP
protocol imap {
  # Adds the imap_sieve plugin to the globally configured mail plugins.
  mail_plugins = $mail_plugins imap_sieve
}

service imap-login {
  # port = 0 switches the plain IMAP listener off, so only the TLS listener
  # on port 993 accepts IMAP logins.
  inet_listener imap {
    port = 0
  }
  inet_listener imaps {
    port = 993
    ssl = yes
  }
}

# Sieve
plugin {
  sieve = file:~/sieve;active=~/.dovecot.sieve
  sieve_plugins = sieve_imapsieve sieve_extprograms
  # sieve_global_extensions limits pipe/execute to administrator-controlled global
  # scripts; personal scripts uploaded via ManageSieve cannot use them.
  # Do not move these entries to sieve_extensions.
  # NOTE(review): only a pipe program directory is configured in this section; drop
  # +vnd.dovecot.execute if no global script relies on it.
  sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute
  # Directory searched for programs invoked through "pipe".
  # NOTE(review): the directory and its contents should be writable by root only; confirm in the role.
  sieve_pipe_bin_dir = /etc/dovecot/sieve-extprograms

{# One numbered imapsieve_mailboxN_* group per handler. Handler fields and the
   dictionary key are emitted verbatim; the key also becomes part of a script
   path, so it must be a plain file-name component. #}
{% for name, handler in mailserver.dovecot.sieve_mailbox_handlers.items() %}
  # {{ name }}
  imapsieve_mailbox{{ loop.index }}_name = {{ handler.name }}
  imapsieve_mailbox{{ loop.index }}_causes = {{ handler.causes }}
{% if handler.from|d(False) %}
  imapsieve_mailbox{{ loop.index }}_from = {{ handler.from }}
{% endif %}
{% if handler.before|d(False) %}
  imapsieve_mailbox{{ loop.index }}_before = /etc/dovecot/sieve-scripts/mailbox_{{ name }}_before.sieve
{% endif %}
{% if handler.after|d(False) %}
  imapsieve_mailbox{{ loop.index }}_after = /etc/dovecot/sieve-scripts/mailbox_{{ name }}_after.sieve
{% endif %}
{% endfor %}

}

# ManageSieve listener on port 4190. Users manage their personal Sieve scripts here;
# logins fall under the global "ssl = required" setting of this file.
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
}

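# Misc
service auth {
  # Userdb lookup socket. Mode 0777 let every local account connect to it, so
  # access is now limited to vmail, the account all mail access runs as (mail_uid).
  # Assumes dovecot-lda is started as vmail; confirm against the Postfix "dovecot"
  # transport before rollout.
  unix_listener auth-userdb {
    mode = 0660
    user = vmail
    group = vmail
  }

  # Postfix uses this socket for submission auth
  unix_listener /var/spool/postfix/private/auth {
    # Owner and group are postfix, so no permission for "other" is needed.
    mode = 0660
    user = postfix
    group = postfix
  }
}
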
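service quota-status {
  executable = quota-status -p postfix
  # Postfix uses this socket to check quotas on delivery (as check_policy_service)
  unix_listener /var/spool/postfix/private/policy-quota {
    # Owner and group are postfix, so the socket does not need to be world-accessible.
    mode = 0660
    user = postfix
    group = postfix
  }
  client_limit = 1
}
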
service stats {
  # Reader socket: vmail user and group only.
  unix_listener stats-reader {
    user = vmail
    group = vmail
    mode = 0660
  }

  unix_listener stats-writer {
    user = vmail
    group = vmail
    # 0666 instead of 0660, so postfixadmin can call doveadm pw without errors
    # NOTE(review): this leaves the writer socket open to every local account. Putting
    # the postfixadmin account into the socket's group and using 0660 would avoid
    # that; confirm which account runs doveadm.
    mode = 0666
  }
}

# Postfix delivers incoming mails via lda (transport "dovecot")
# Mailboxes that do not exist yet are created on delivery.
lda_mailbox_autocreate = yes
protocol lda {
  # Run Sieve scripts on delivery, in addition to the global mail plugins.
  mail_plugins = $mail_plugins sieve
}

# Quota
plugin {
  # Use postfixadmins quota2 table, so used_quota works
  quota = dict:User quota::proxy::pgsql
  # Default quota rule, overwritten by userdb
  quota_rule = *:storage=0 # 0=unlimited
  # "%%" is a literal percent sign; a single "%" would start a Dovecot variable.
  quota_grace = 10%%
  # Replies handed to Postfix by the quota-status policy service.
  quota_status_success = DUNNO
  quota_status_nouser = DUNNO
  quota_status_overquota = "552 5.2.2 Mailbox is full"
}

# Dict proxy used by the quota backend; the socket is reachable by vmail only.
service dict {
  unix_listener dict {
    mode = 0600
    user = vmail
  }
}
# NOTE(review): dovecot-dict-sql.conf presumably carries the database credentials;
# keep it unreadable for unprivileged accounts.
dict {
  # proxy::pgsql
  pgsql = pgsql:/etc/dovecot/dovecot-dict-sql.conf
}

{# Rendered only when mailserver.dovecot.debug is set. Debug logs can expose
   account names and message metadata; leave auth_debug_passwords and
   auth_verbose_passwords off and switch debug off again after troubleshooting. #}
{% if mailserver.dovecot.debug %}
# Debugging
auth_verbose = yes
auth_debug = yes
mail_debug = yes
{% endif %}

{# config_items renders an inventory mapping as Dovecot settings: nested mappings
   become "key { ... }" blocks, every other value becomes "key = value".
   Keys and values are written verbatim, without quoting or validation, and the
   output comes after the settings above, so presumably it can override them
   (including the TLS and socket settings). Treat mailserver.dovecot.config as
   trusted, reviewed input. #}
{% macro config_items(obj) %}
{% for key, value in obj.items() %}
{% if value is mapping %}
{{ key }} {
{{ config_items(value)|indent(first=true) }}
}
{% else %}
{{ key }} = {{ value }}
{% endif %}
{% endfor %}
{% endmacro %}
{{ config_items(mailserver.dovecot.config) }}