#default_process_limit = 100#default_client_limit = 1000# Default VSZ (vir

1. #default_process_limit = 100
2. #default_client_limit = 1000
3.  
4. # Default VSZ (virtual memory size) limit for service processes. This is mainly
5. # intended to catch and kill processes that leak memory before they eat up
6. # everything.
7. #default_vsz_limit = 256M
8.  
9. # Login user is internally used by login processes. This is the most untrusted
10. # user in Dovecot system. It shouldn't have access to anything at all.
11. #default_login_user = dovenull
12.  
13. # Internal user is used by unprivileged processes. It should be separate from
14. # login user, so that login processes can't disturb other processes.
15. #default_internal_user = dovecot
16.  
17. service imap-login {
18. inet_listener imap {
19. port = 993
20. ssl = yes
21. }
22. inet_listener imaps {
23. port = 993
24. ssl = yes
25. }
26.  
27. # Number of connections to handle before starting a new process. Typically
28. # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
29. # is faster. <doc/wiki/LoginProcess.txt>
30. #service_count = 1
31.  
32. # Number of processes to always keep waiting for more connections.
33. #process_min_avail = 0
34.  
35. # If you set service_count=0, you probably need to grow this.
36. #vsz_limit = $default_vsz_limit
37. }
38.  
39. service pop3-login {
40. inet_listener pop3 {
41. #port = 110
42. }
43. inet_listener pop3s {
44. #port = 995
45. #ssl = yes
46. }
47. }
48.  
49. service lmtp {
50. unix_listener /var/spool/postfix/private/dovecot-lmtp {
51. #mode = 0666
52. mode = 0600
53. user = postfix
54. group = postfix
55. }
56.  
57. # Create inet listener only if you can't use the above UNIX socket
58. #inet_listener lmtp {
59. # Avoid making LMTP visible for the entire internet
60. #address =
61. #port =
62. #}
63. }
64.  
65. service imap {
66. # Most of the memory goes to mmap()ing files. You may need to increase this
67. # limit if you have huge mailboxes.
68. #vsz_limit = $default_vsz_limit
69.  
70. # Max. number of IMAP processes (connections)
71. #process_limit = 1024
72. }
73.  
74. service pop3 {
75. # Max. number of POP3 processes (connections)
76. #process_limit = 1024
77. }
78.  
79. service auth {
80. # auth_socket_path points to this userdb socket by default. It's typically
81. # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have
82. # full permissions to this socket are able to get a list of all usernames and
83. # get the results of everyone's userdb lookups.
84. #
85. # The default 0666 mode allows anyone to connect to the socket, but the
86. # userdb lookups will succeed only if the userdb returns an "uid" field that
87. # matches the caller process's UID. Also if caller's uid or gid matches the
88. # socket's uid or gid the lookup succeeds. Anything else causes a failure.
89. #
90. # To give the caller full permissions to lookup all users, set the mode to
91. # something else than 0666 and Dovecot lets the kernel enforce the
92. # permissions (e.g. 0777 allows everyone full permissions).
93. unix_listener /var/spool/postfix/private/auth {
94. mode = 0660
95. user = postfix
96. group = postfix
97. }
98.  
99. unix_listener auth-userdb {
100. mode = 0600
101. user = vmail
102. }
103. user = dovecot
104.  
105. # Postfix smtp-auth
106. #unix_listener /var/spool/postfix/private/auth {
107. # mode = 0666
108. #}
109.  
110. # Auth process is run as this user.
111. #user = $default_internal_user
112. }
113.  
114. service auth-worker {
115. # Auth worker process is run as root by default, so that it can access
116. # /etc/shadow. If this isn't necessary, the user should be changed to
117. # $default_internal_user.
118. #user = root
119. user = vmail
120. }
121.  
122. service dict {
123. # If dict proxy is used, mail processes should have access to its socket.
124. # For example: mode=0660, group=vmail and global mail_access_groups=vmail
125. unix_listener dict {
126. #mode = 0600
127. #user =
128. #group =
129. }
130. }