1
0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-14 10:53:30 +02:00
Mailu/dovecot/conf/dovecot.conf

199 lines
4.1 KiB
Plaintext
Raw Normal View History

2016-02-17 23:56:40 +02:00
###############
# General
###############
log_path = /dev/stderr
protocols = imap pop3 lmtp sieve
postmaster_address = {{ POSTMASTER }}@{{ DOMAIN }}
hostname = {{ HOSTNAME }}
2016-02-21 16:39:01 +02:00
mail_plugins = $mail_plugins quota
2016-04-20 21:17:43 +02:00
submission_host = smtp
2016-02-17 23:56:40 +02:00
service dict {
unix_listener dict {
group = mail
mode = 0660
}
}
2016-04-20 21:20:02 +02:00
dict {
sieve = sqlite:/etc/dovecot/pigeonhole-sieve.dict
}
2016-02-17 23:56:40 +02:00
###############
# Mailboxes
###############
first_valid_gid = 8
first_valid_uid = 8
mail_location = maildir:/mail/%u
mail_home = /mail/%u
2016-02-17 23:56:40 +02:00
mail_uid = mail
mail_gid = mail
mail_privileged_group = mail
mail_access_groups = mail
maildir_stat_dirs = yes
2016-02-17 23:56:40 +02:00
2016-02-21 16:07:12 +02:00
namespace inbox {
inbox = yes
mailbox Trash {
auto = subscribe
special_use = \Trash
}
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox Junk {
auto = subscribe
special_use = \Junk
}
}
2016-02-17 23:56:40 +02:00
###############
# TLS
###############
ssl = yes
ssl_cert = </certs/cert.pem
ssl_key = </certs/key.pem
ssl_dh = </certs/dhparam.pem
# TLS hardening is based on the following documentation:
# https://bettercrypto.org/static/applied-crypto-hardening.pdf
ssl_protocols=!SSLv3 !SSLv2
ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA
ssl_prefer_server_ciphers = yes
ssl_options = no_compression
2016-02-17 23:56:40 +02:00
###############
# Authentication
###############
auth_mechanisms = plain login
2016-02-17 23:56:40 +02:00
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf.ext
}
service auth {
user = dovecot
unix_listener auth-userdb {
}
inet_listener {
port = 2102
2016-02-17 23:56:40 +02:00
}
}
service auth-worker {
unix_listener auth-worker {
user = dovecot
group = mail
2016-02-17 23:56:40 +02:00
mode = 0660
}
user = mail
}
###############
# IMAP & POP
2016-02-17 23:56:40 +02:00
###############
protocol imap {
mail_plugins = $mail_plugins imap_quota imap_sieve
2016-02-17 23:56:40 +02:00
}
protocol pop3 {
}
2016-02-17 23:56:40 +02:00
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 993
}
}
###############
# Delivery
###############
protocol lmtp {
2016-02-21 16:07:12 +02:00
mail_plugins = $mail_plugins sieve
recipient_delimiter = {{ RECIPIENT_DELIMITER }}
2016-02-17 23:56:40 +02:00
}
service lmtp {
inet_listener lmtp {
port = 2525
2016-02-17 23:56:40 +02:00
}
}
2016-02-21 16:39:01 +02:00
plugin {
quota = maildir:User quota
}
2016-02-17 23:56:40 +02:00
###############
# Filtering
###############
service managesieve-login {
inet_listener sieve {
port = 4190
}
}
service managesieve {
}
2016-02-17 23:56:40 +02:00
plugin {
sieve = file:~/sieve;active=~/.dovecot.sieve
sieve_plugins = sieve_extdata sieve_imapsieve sieve_extprograms
sieve_global_extensions = +vnd.dovecot.extdata +spamtest +spamtestplus +vnd.dovecot.execute
sieve_before = /var/lib/dovecot/before.sieve
sieve_default = /var/lib/dovecot/default.sieve
sieve_after = /var/lib/dovecot/after.sieve
2016-04-20 21:20:02 +02:00
sieve_extdata_dict_uri = proxy::sieve
# Sieve execute
sieve_execute_bin_dir = /var/lib/dovecot/bin
# Send vacation replies even for aliases
# See the Pigeonhole documentation about warnings: http://wiki2.dovecot.org/Pigeonhole/Sieve/Extensions/Vacation
# It appears that our implemntation of mail delivery meets criteria of section 4.5
# from RFC 5230 and that disabling the recipient checks is not an issue here.
sieve_vacation_dont_check_recipient = yes
# Include the recipient in vacation replies so that DKIM applies
sieve_vacation_send_from_recipient = yes
# extract spam score from
# X-Spam-Result: .... [<value> / <max_value] ...
sieve_spamtest_status_type = score
sieve_spamtest_status_header = X-Spamd-Result: .*\[(-?[[:digit:]]+\.[[:digit:]]+) .*\]
sieve_spamtest_max_header = X-Spamd-Result: .*\[.* ([[:digit:]]+\.[[:digit:]]+)\]
# Learn from spam
imapsieve_mailbox1_name = Junk
imapsieve_mailbox1_causes = COPY
imapsieve_mailbox1_before = file:/var/lib/dovecot/report-spam.sieve
imapsieve_mailbox2_name = *
imapsieve_mailbox2_from = Junk
imapsieve_mailbox2_causes = COPY
imapsieve_mailbox2_before = file:/var/lib/dovecot/report-ham.sieve
}
###############
# Extensions
###############
!include_try /overrides/dovecot.conf