API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 25th, 2022
118
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 25.20 KB | None | 0 0
raw download clone embed print report
  1. # NOTE: Send doveconf -n output instead when asking for help.
  2. auth_anonymous_username = anonymous
  3. auth_cache_negative_ttl = 1 hours
  4. auth_cache_size = 0
  5. auth_cache_ttl = 1 hours
  6. auth_cache_verify_password_with_worker = no
  7. auth_debug = no
  8. auth_debug_passwords = no
  9. auth_default_realm =
  10. auth_failure_delay = 2 secs
  11. auth_gssapi_hostname =
  12. auth_krb5_keytab =
  13. auth_master_user_separator =
  14. auth_mechanisms = plain login
  15. auth_policy_check_after_auth = yes
  16. auth_policy_check_before_auth = yes
  17. auth_policy_hash_mech = sha256
  18. auth_policy_hash_nonce =
  19. auth_policy_hash_truncate = 12
  20. auth_policy_reject_on_fail = no
  21. auth_policy_report_after_auth = yes
  22. auth_policy_request_attributes = login=%{requested_username} pwhash=%{hashed_password} remote=%{rip} device_id=%{client_id} protocol=%s
  23. auth_policy_server_api_header =
  24. auth_policy_server_timeout_msecs = 2000
  25. auth_policy_server_url =
  26. auth_proxy_self =
  27. auth_realms =
  28. auth_socket_path = auth-userdb
  29. auth_ssl_require_client_cert = no
  30. auth_ssl_username_from_cert = no
  31. auth_stats = no
  32. auth_use_winbind = no
  33. auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
  34. auth_username_format = %u
  35. auth_username_translation =
  36. auth_verbose = no
  37. auth_verbose_passwords = no
  38. auth_winbind_helper_path = /usr/bin/ntlm_auth
  39. auth_worker_max_count = 30
  40. base_dir = /var/run/dovecot
  41. config_cache_size = 1 M
  42. debug_log_path =
  43. default_client_limit = 1000
  44. default_idle_kill = 1 mins
  45. default_internal_group = dovecot
  46. default_internal_user = dovecot
  47. default_login_user = dovenull
  48. default_process_limit = 100
  49. default_vsz_limit = 256 M
  50. deliver_log_format = msgid=%m: %$
  51. dict_db_config =
  52. director_flush_socket =
  53. director_mail_servers =
  54. director_max_parallel_kicks = 100
  55. director_max_parallel_moves = 100
  56. director_output_buffer_size = 10 M
  57. director_ping_idle_timeout = 30 secs
  58. director_ping_max_timeout = 1 mins
  59. director_servers =
  60. director_user_expire = 15 mins
  61. director_user_kick_delay = 2 secs
  62. director_username_hash = %u
  63. disable_plaintext_auth = yes
  64. dotlock_use_excl = yes
  65. doveadm_allowed_commands =
  66. doveadm_api_key =
  67. doveadm_http_rawlog_dir =
  68. doveadm_password =
  69. doveadm_port = 0
  70. doveadm_socket_path = doveadm-server
  71. doveadm_username = doveadm
  72. doveadm_worker_count = 0
  73. dsync_alt_char = _
  74. dsync_commit_msgs_interval = 100
  75. dsync_features =
  76. dsync_hashed_headers = Date Message-ID
  77. dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u -U
  78. first_valid_gid = 1
  79. first_valid_uid = 500
  80. haproxy_timeout = 3 secs
  81. haproxy_trusted_networks =
  82. hostname =
  83. imap_capability =
  84. imap_client_workarounds =
  85. imap_fetch_failure = disconnect-immediately
  86. imap_hibernate_timeout = 0
  87. imap_id_log =
  88. imap_id_retain = no
  89. imap_id_send = name *
  90. imap_idle_notify_interval = 2 mins
  91. imap_literal_minus = no
  92. imap_logout_format = in=%i out=%o deleted=%{deleted} expunged=%{expunged} trashed=%{trashed} hdr_count=%{fetch_hdr_count} hdr_bytes=%{fetch_hdr_bytes} body_count=%{fetch_body_count} body_bytes=%{fetch_body_bytes}
  93. imap_max_line_length = 64 k
  94. imap_metadata = no
  95. imap_urlauth_host =
  96. imap_urlauth_logout_format = in=%i out=%o
  97. imap_urlauth_port = 143
  98. imapc_cmd_timeout = 5 mins
  99. imapc_connection_retry_count = 1
  100. imapc_connection_retry_interval = 1 secs
  101. imapc_features =
  102. imapc_host =
  103. imapc_list_prefix =
  104. imapc_master_user =
  105. imapc_max_idle_time = 29 mins
  106. imapc_max_line_length = 0
  107. imapc_password =
  108. imapc_port = 143
  109. imapc_rawlog_dir =
  110. imapc_sasl_mechanisms =
  111. imapc_ssl = no
  112. imapc_ssl_verify = yes
  113. imapc_user =
  114. import_environment = TZ CORE_OUTOFMEM CORE_ERROR LISTEN_PID LISTEN_FDS
  115. info_log_path =
  116. instance_name = dovecot
  117. last_valid_gid = 0
  118. last_valid_uid = 0
  119. lda_mailbox_autocreate = no
  120. lda_mailbox_autosubscribe = no
  121. lda_original_recipient_header =
  122. libexec_dir = /usr/lib/dovecot
  123. listen = *, ::
  124. lmtp_hdr_delivery_address = final
  125. lmtp_proxy = no
  126. lmtp_proxy_rawlog_dir =
  127. lmtp_rawlog_dir =
  128. lmtp_rcpt_check_quota = no
  129. lmtp_save_to_detail_mailbox = no
  130. lmtp_user_concurrency_limit = 0
  131. lock_method = fcntl
  132. log_core_filter =
  133. log_debug =
  134. log_path = syslog
  135. log_timestamp = "%b %d %H:%M:%S "
  136. login_access_sockets =
  137. login_greeting = Dovecot (Debian) ready.
  138. login_log_format = %$: %s
  139. login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}>
  140. login_plugin_dir = /usr/lib/dovecot/modules/login
  141. login_plugins =
  142. login_proxy_max_disconnect_delay = 0
  143. login_proxy_notify_path = proxy-notify
  144. login_source_ips =
  145. login_trusted_networks =
  146. mail_access_groups =
  147. mail_always_cache_fields =
  148. mail_attachment_detection_options =
  149. mail_attachment_dir =
  150. mail_attachment_fs = sis posix
  151. mail_attachment_hash = %{sha1}
  152. mail_attachment_min_size = 128 k
  153. mail_attribute_dict =
  154. mail_cache_compress_continued_percentage = 200
  155. mail_cache_compress_delete_percentage = 20
  156. mail_cache_compress_header_continue_count = 4
  157. mail_cache_compress_min_size = 32 k
  158. mail_cache_fields = flags
  159. mail_cache_min_mail_count = 0
  160. mail_cache_record_max_size = 64 k
  161. mail_cache_unaccessed_field_drop = 30 days
  162. mail_chroot =
  163. mail_debug = no
  164. mail_fsync = optimized
  165. mail_full_filesystem_access = no
  166. mail_gid =
  167. mail_home =
  168. mail_index_log2_max_age = 2 days
  169. mail_index_log_rotate_max_size = 1 M
  170. mail_index_log_rotate_min_age = 5 mins
  171. mail_index_log_rotate_min_size = 32 k
  172. mail_index_rewrite_max_log_bytes = 128 k
  173. mail_index_rewrite_min_log_bytes = 8 k
  174. mail_location = maildir:~/Maildir
  175. mail_log_prefix = "%s(%u)<%{pid}><%{session}>: "
  176. mail_max_keyword_length = 50
  177. mail_max_lock_timeout = 0
  178. mail_max_userip_connections = 10
  179. mail_never_cache_fields = imap.envelope
  180. mail_nfs_index = no
  181. mail_nfs_storage = no
  182. mail_plugin_dir = /usr/lib/dovecot/modules
  183. mail_plugins =
  184. mail_prefetch_count = 0
  185. mail_privileged_group = mail
  186. mail_save_crlf = no
  187. mail_server_admin =
  188. mail_server_comment =
  189. mail_shared_explicit_inbox = no
  190. mail_sort_max_read_count = 0
  191. mail_temp_dir = /tmp
  192. mail_temp_scan_interval = 1 weeks
  193. mail_uid =
  194. mail_vsize_bg_after_count = 0
  195. mailbox_idle_check_interval = 30 secs
  196. mailbox_list_index = yes
  197. mailbox_list_index_include_inbox = no
  198. mailbox_list_index_very_dirty_syncs = no
  199. maildir_broken_filename_sizes = no
  200. maildir_copy_with_hardlinks = yes
  201. maildir_empty_new = no
  202. maildir_stat_dirs = no
  203. maildir_very_dirty_syncs = no
  204. master_user_separator =
  205. mbox_dirty_syncs = yes
  206. mbox_dotlock_change_timeout = 2 mins
  207. mbox_lazy_writes = yes
  208. mbox_lock_timeout = 5 mins
  209. mbox_md5 = apop3d
  210. mbox_min_index_size = 0
  211. mbox_read_locks = fcntl
  212. mbox_very_dirty_syncs = no
  213. mbox_write_locks = fcntl dotlock
  214. mdbox_preallocate_space = no
  215. mdbox_rotate_interval = 0
  216. mdbox_rotate_size = 10 M
  217. mmap_disable = no
  218. namespace inbox {
  219. disabled = no
  220. hidden = no
  221. ignore_on_failure = no
  222. inbox = yes
  223. list = yes
  224. location =
  225. mailbox Drafts {
  226. auto = no
  227. autoexpunge = 0
  228. autoexpunge_max_mails = 0
  229. comment =
  230. driver =
  231. special_use = \Drafts
  232. }
  233. mailbox Junk {
  234. auto = no
  235. autoexpunge = 0
  236. autoexpunge_max_mails = 0
  237. comment =
  238. driver =
  239. special_use = \Junk
  240. }
  241. mailbox Sent {
  242. auto = no
  243. autoexpunge = 0
  244. autoexpunge_max_mails = 0
  245. comment =
  246. driver =
  247. special_use = \Sent
  248. }
  249. mailbox "Sent Messages" {
  250. auto = no
  251. autoexpunge = 0
  252. autoexpunge_max_mails = 0
  253. comment =
  254. driver =
  255. special_use = \Sent
  256. }
  257. mailbox Trash {
  258. auto = no
  259. autoexpunge = 0
  260. autoexpunge_max_mails = 0
  261. comment =
  262. driver =
  263. special_use = \Trash
  264. }
  265. order = 0
  266. prefix =
  267. separator =
  268. subscriptions = yes
  269. type = private
  270. }
  271. old_stats_carbon_interval = 30 secs
  272. old_stats_carbon_name =
  273. old_stats_carbon_server =
  274. old_stats_command_min_time = 1 mins
  275. old_stats_domain_min_time = 12 hours
  276. old_stats_ip_min_time = 12 hours
  277. old_stats_memory_limit = 16 M
  278. old_stats_session_min_time = 15 mins
  279. old_stats_user_min_time = 1 hours
  280. passdb {
  281. args =
  282. auth_verbose = default
  283. default_fields =
  284. deny = no
  285. driver = pam
  286. master = no
  287. mechanisms =
  288. name =
  289. override_fields =
  290. pass = no
  291. result_failure = continue
  292. result_internalfail = continue
  293. result_success = return-ok
  294. skip = never
  295. username_filter =
  296. }
  297. pop3_client_workarounds =
  298. pop3_delete_type = default
  299. pop3_deleted_flag =
  300. pop3_enable_last = no
  301. pop3_fast_size_lookups = no
  302. pop3_lock_session = no
  303. pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
  304. pop3_no_flag_updates = no
  305. pop3_reuse_xuidl = no
  306. pop3_save_uidl = no
  307. pop3_uidl_duplicates = allow
  308. pop3_uidl_format = %08Xu%08Xv
  309. pop3c_features =
  310. pop3c_host =
  311. pop3c_master_user =
  312. pop3c_password =
  313. pop3c_port = 110
  314. pop3c_quick_received_date = no
  315. pop3c_rawlog_dir =
  316. pop3c_ssl = no
  317. pop3c_ssl_verify = yes
  318. pop3c_user = %u
  319. postmaster_address = postmaster@%{if;%d;ne;;%d;%{hostname}}
  320. protocols = imap pop3 lmtp
  321. quota_full_tempfail = no
  322. rawlog_dir =
  323. recipient_delimiter = +
  324. rejection_reason = Your message to <%t> was automatically rejected:%n%r
  325. rejection_subject = Rejected: %s
  326. replication_dsync_parameters = -d -N -l 30 -U
  327. replication_full_sync_interval = 1 days
  328. replication_max_conns = 10
  329. replicator_host = replicator
  330. replicator_port = 0
  331. sendmail_path = /usr/sbin/sendmail
  332. service aggregator {
  333. chroot = .
  334. client_limit = 0
  335. drop_priv_before_exec = no
  336. executable = aggregator
  337. extra_groups =
  338. fifo_listener replication-notify-fifo {
  339. group =
  340. mode = 0600
  341. user =
  342. }
  343. group =
  344. idle_kill = 0
  345. privileged_group =
  346. process_limit = 0
  347. process_min_avail = 0
  348. protocol =
  349. service_count = 0
  350. type =
  351. unix_listener replication-notify {
  352. group =
  353. mode = 0600
  354. user =
  355. }
  356. user = $default_internal_user
  357. vsz_limit = 18446744073709551615 B
  358. }
  359. service anvil {
  360. chroot = empty
  361. client_limit = 0
  362. drop_priv_before_exec = no
  363. executable = anvil
  364. extra_groups =
  365. group =
  366. idle_kill = 4294967295 secs
  367. privileged_group =
  368. process_limit = 1
  369. process_min_avail = 1
  370. protocol =
  371. service_count = 0
  372. type = anvil
  373. unix_listener anvil-auth-penalty {
  374. group =
  375. mode = 0600
  376. user =
  377. }
  378. unix_listener anvil {
  379. group =
  380. mode = 0600
  381. user =
  382. }
  383. user = $default_internal_user
  384. vsz_limit = 18446744073709551615 B
  385. }
  386. service auth-worker {
  387. chroot =
  388. client_limit = 1
  389. drop_priv_before_exec = no
  390. executable = auth -w
  391. extra_groups =
  392. group =
  393. idle_kill = 0
  394. privileged_group =
  395. process_limit = 0
  396. process_min_avail = 0
  397. protocol =
  398. service_count = 1
  399. type =
  400. unix_listener auth-worker {
  401. group =
  402. mode = 0600
  403. user = $default_internal_user
  404. }
  405. user =
  406. vsz_limit = 18446744073709551615 B
  407. }
  408. service auth {
  409. chroot =
  410. client_limit = 0
  411. drop_priv_before_exec = no
  412. executable = auth
  413. extra_groups =
  414. group =
  415. idle_kill = 0
  416. privileged_group =
  417. process_limit = 1
  418. process_min_avail = 0
  419. protocol =
  420. service_count = 0
  421. type =
  422. unix_listener /var/spool/postfix/private/auth {
  423. group = postfix
  424. mode = 0660
  425. user = postfix
  426. }
  427. unix_listener auth-client {
  428. group =
  429. mode = 0600
  430. user = $default_internal_user
  431. }
  432. unix_listener auth-login {
  433. group =
  434. mode = 0600
  435. user = $default_internal_user
  436. }
  437. unix_listener auth-master {
  438. group =
  439. mode = 0600
  440. user =
  441. }
  442. unix_listener auth-userdb {
  443. group =
  444. mode = 0666
  445. user = $default_internal_user
  446. }
  447. unix_listener login/login {
  448. group =
  449. mode = 0666
  450. user =
  451. }
  452. unix_listener token-login/tokenlogin {
  453. group =
  454. mode = 0666
  455. user =
  456. }
  457. user = $default_internal_user
  458. vsz_limit = 18446744073709551615 B
  459. }
  460. service config {
  461. chroot =
  462. client_limit = 0
  463. drop_priv_before_exec = no
  464. executable = config
  465. extra_groups =
  466. group =
  467. idle_kill = 4294967295 secs
  468. privileged_group =
  469. process_limit = 0
  470. process_min_avail = 0
  471. protocol =
  472. service_count = 0
  473. type = config
  474. unix_listener config {
  475. group =
  476. mode = 0600
  477. user =
  478. }
  479. user =
  480. vsz_limit = 18446744073709551615 B
  481. }
  482. service dict-async {
  483. chroot =
  484. client_limit = 0
  485. drop_priv_before_exec = no
  486. executable = dict
  487. extra_groups =
  488. group =
  489. idle_kill = 0
  490. privileged_group =
  491. process_limit = 0
  492. process_min_avail = 0
  493. protocol =
  494. service_count = 0
  495. type =
  496. unix_listener dict-async {
  497. group = $default_internal_group
  498. mode = 0660
  499. user =
  500. }
  501. user = $default_internal_user
  502. vsz_limit = 18446744073709551615 B
  503. }
  504. service dict {
  505. chroot =
  506. client_limit = 1
  507. drop_priv_before_exec = no
  508. executable = dict
  509. extra_groups =
  510. group =
  511. idle_kill = 0
  512. privileged_group =
  513. process_limit = 0
  514. process_min_avail = 0
  515. protocol =
  516. service_count = 0
  517. type =
  518. unix_listener dict {
  519. group = $default_internal_group
  520. mode = 0660
  521. user =
  522. }
  523. user = $default_internal_user
  524. vsz_limit = 18446744073709551615 B
  525. }
  526. service director {
  527. chroot = .
  528. client_limit = 0
  529. drop_priv_before_exec = no
  530. executable = director
  531. extra_groups =
  532. fifo_listener login/proxy-notify {
  533. group =
  534. mode = 00
  535. user =
  536. }
  537. group =
  538. idle_kill = 4294967295 secs
  539. inet_listener {
  540. address =
  541. haproxy = no
  542. port = 0
  543. reuse_port = no
  544. ssl = no
  545. }
  546. privileged_group =
  547. process_limit = 1
  548. process_min_avail = 0
  549. protocol =
  550. service_count = 0
  551. type =
  552. unix_listener director-admin {
  553. group =
  554. mode = 0600
  555. user =
  556. }
  557. unix_listener director-userdb {
  558. group =
  559. mode = 0600
  560. user =
  561. }
  562. unix_listener login/director {
  563. group =
  564. mode = 00
  565. user =
  566. }
  567. user = $default_internal_user
  568. vsz_limit = 18446744073709551615 B
  569. }
  570. service dns_client {
  571. chroot =
  572. client_limit = 1
  573. drop_priv_before_exec = no
  574. executable = dns-client
  575. extra_groups =
  576. group =
  577. idle_kill = 0
  578. privileged_group =
  579. process_limit = 0
  580. process_min_avail = 0
  581. protocol =
  582. service_count = 0
  583. type =
  584. unix_listener dns-client {
  585. group =
  586. mode = 0666
  587. user =
  588. }
  589. user = $default_internal_user
  590. vsz_limit = 18446744073709551615 B
  591. }
  592. service doveadm {
  593. chroot =
  594. client_limit = 1
  595. drop_priv_before_exec = no
  596. executable = doveadm-server
  597. extra_groups = $default_internal_group
  598. group =
  599. idle_kill = 0
  600. privileged_group =
  601. process_limit = 0
  602. process_min_avail = 0
  603. protocol =
  604. service_count = 1
  605. type =
  606. unix_listener doveadm-server {
  607. group =
  608. mode = 0600
  609. user =
  610. }
  611. user =
  612. vsz_limit = 18446744073709551615 B
  613. }
  614. service imap-hibernate {
  615. chroot =
  616. client_limit = 0
  617. drop_priv_before_exec = no
  618. executable = imap-hibernate
  619. extra_groups =
  620. group =
  621. idle_kill = 0
  622. privileged_group =
  623. process_limit = 0
  624. process_min_avail = 0
  625. protocol = imap
  626. service_count = 0
  627. type =
  628. unix_listener imap-hibernate {
  629. group = $default_internal_group
  630. mode = 0660
  631. user =
  632. }
  633. user = $default_internal_user
  634. vsz_limit = 18446744073709551615 B
  635. }
  636. service imap-login {
  637. chroot = login
  638. client_limit = 0
  639. drop_priv_before_exec = no
  640. executable = imap-login
  641. extra_groups =
  642. group =
  643. idle_kill = 0
  644. inet_listener imap {
  645. address =
  646. haproxy = no
  647. port = 143
  648. reuse_port = no
  649. ssl = no
  650. }
  651. inet_listener imaps {
  652. address =
  653. haproxy = no
  654. port = 993
  655. reuse_port = no
  656. ssl = yes
  657. }
  658. privileged_group =
  659. process_limit = 0
  660. process_min_avail = 0
  661. protocol = imap
  662. service_count = 1
  663. type = login
  664. user = $default_login_user
  665. vsz_limit = 18446744073709551615 B
  666. }
  667. service imap-urlauth-login {
  668. chroot = token-login
  669. client_limit = 0
  670. drop_priv_before_exec = no
  671. executable = imap-urlauth-login
  672. extra_groups =
  673. group =
  674. idle_kill = 0
  675. privileged_group =
  676. process_limit = 0
  677. process_min_avail = 0
  678. protocol = imap
  679. service_count = 1
  680. type = login
  681. unix_listener imap-urlauth {
  682. group =
  683. mode = 0666
  684. user =
  685. }
  686. user = $default_login_user
  687. vsz_limit = 18446744073709551615 B
  688. }
  689. service imap-urlauth-worker {
  690. chroot =
  691. client_limit = 1
  692. drop_priv_before_exec = no
  693. executable = imap-urlauth-worker
  694. extra_groups = $default_internal_group
  695. group =
  696. idle_kill = 0
  697. privileged_group =
  698. process_limit = 1024
  699. process_min_avail = 0
  700. protocol = imap
  701. service_count = 1
  702. type =
  703. unix_listener imap-urlauth-worker {
  704. group =
  705. mode = 0600
  706. user = $default_internal_user
  707. }
  708. user =
  709. vsz_limit = 18446744073709551615 B
  710. }
  711. service imap-urlauth {
  712. chroot =
  713. client_limit = 1
  714. drop_priv_before_exec = no
  715. executable = imap-urlauth
  716. extra_groups =
  717. group =
  718. idle_kill = 0
  719. privileged_group =
  720. process_limit = 1024
  721. process_min_avail = 0
  722. protocol = imap
  723. service_count = 1
  724. type =
  725. unix_listener token-login/imap-urlauth {
  726. group =
  727. mode = 0666
  728. user =
  729. }
  730. user = $default_internal_user
  731. vsz_limit = 18446744073709551615 B
  732. }
  733. service imap {
  734. chroot =
  735. client_limit = 1
  736. drop_priv_before_exec = no
  737. executable = imap
  738. extra_groups = $default_internal_group
  739. group =
  740. idle_kill = 0
  741. privileged_group =
  742. process_limit = 1024
  743. process_min_avail = 0
  744. protocol = imap
  745. service_count = 1
  746. type =
  747. unix_listener imap-master {
  748. group =
  749. mode = 0600
  750. user =
  751. }
  752. unix_listener login/imap {
  753. group =
  754. mode = 0666
  755. user =
  756. }
  757. user =
  758. vsz_limit = 18446744073709551615 B
  759. }
  760. service indexer-worker {
  761. chroot =
  762. client_limit = 1
  763. drop_priv_before_exec = no
  764. executable = indexer-worker
  765. extra_groups = $default_internal_group
  766. group =
  767. idle_kill = 0
  768. privileged_group =
  769. process_limit = 10
  770. process_min_avail = 0
  771. protocol =
  772. service_count = 0
  773. type =
  774. unix_listener indexer-worker {
  775. group =
  776. mode = 0600
  777. user = $default_internal_user
  778. }
  779. user =
  780. vsz_limit = 18446744073709551615 B
  781. }
  782. service indexer {
  783. chroot =
  784. client_limit = 0
  785. drop_priv_before_exec = no
  786. executable = indexer
  787. extra_groups =
  788. group =
  789. idle_kill = 0
  790. privileged_group =
  791. process_limit = 1
  792. process_min_avail = 0
  793. protocol =
  794. service_count = 0
  795. type =
  796. unix_listener indexer {
  797. group =
  798. mode = 0666
  799. user =
  800. }
  801. user = $default_internal_user
  802. vsz_limit = 18446744073709551615 B
  803. }
  804. service ipc {
  805. chroot = empty
  806. client_limit = 0
  807. drop_priv_before_exec = no
  808. executable = ipc
  809. extra_groups =
  810. group =
  811. idle_kill = 0
  812. privileged_group =
  813. process_limit = 1
  814. process_min_avail = 0
  815. protocol =
  816. service_count = 0
  817. type =
  818. unix_listener ipc {
  819. group =
  820. mode = 0600
  821. user = $default_internal_user
  822. }
  823. unix_listener login/ipc-proxy {
  824. group =
  825. mode = 0600
  826. user = $default_login_user
  827. }
  828. user = $default_internal_user
  829. vsz_limit = 18446744073709551615 B
  830. }
  831. service lmtp {
  832. chroot =
  833. client_limit = 1
  834. drop_priv_before_exec = no
  835. executable = lmtp
  836. extra_groups = $default_internal_group
  837. group =
  838. idle_kill = 0
  839. privileged_group =
  840. process_limit = 0
  841. process_min_avail = 0
  842. protocol = lmtp
  843. service_count = 0
  844. type =
  845. unix_listener /var/spool/postfix/private/dovecot-lmtp {
  846. group = postfix
  847. mode = 0600
  848. user = postfix
  849. }
  850. unix_listener lmtp {
  851. group =
  852. mode = 0666
  853. user =
  854. }
  855. user =
  856. vsz_limit = 18446744073709551615 B
  857. }
  858. service log {
  859. chroot =
  860. client_limit = 0
  861. drop_priv_before_exec = no
  862. executable = log
  863. extra_groups =
  864. group =
  865. idle_kill = 4294967295 secs
  866. privileged_group =
  867. process_limit = 1
  868. process_min_avail = 0
  869. protocol =
  870. service_count = 0
  871. type = log
  872. unix_listener log-errors {
  873. group =
  874. mode = 0600
  875. user =
  876. }
  877. user =
  878. vsz_limit = 18446744073709551615 B
  879. }
  880. service old-stats {
  881. chroot = empty
  882. client_limit = 0
  883. drop_priv_before_exec = no
  884. executable = old-stats
  885. extra_groups =
  886. fifo_listener old-stats-mail {
  887. group =
  888. mode = 0600
  889. user =
  890. }
  891. fifo_listener old-stats-user {
  892. group =
  893. mode = 0600
  894. user =
  895. }
  896. group =
  897. idle_kill = 4294967295 secs
  898. privileged_group =
  899. process_limit = 1
  900. process_min_avail = 0
  901. protocol =
  902. service_count = 0
  903. type =
  904. unix_listener old-stats {
  905. group =
  906. mode = 0600
  907. user =
  908. }
  909. user = $default_internal_user
  910. vsz_limit = 18446744073709551615 B
  911. }
  912. service pop3-login {
  913. chroot = login
  914. client_limit = 0
  915. drop_priv_before_exec = no
  916. executable = pop3-login
  917. extra_groups =
  918. group =
  919. idle_kill = 0
  920. inet_listener pop3 {
  921. address =
  922. haproxy = no
  923. port = 110
  924. reuse_port = no
  925. ssl = no
  926. }
  927. inet_listener pop3s {
  928. address =
  929. haproxy = no
  930. port = 995
  931. reuse_port = no
  932. ssl = yes
  933. }
  934. privileged_group =
  935. process_limit = 0
  936. process_min_avail = 0
  937. protocol = pop3
  938. service_count = 1
  939. type = login
  940. user = $default_login_user
  941. vsz_limit = 18446744073709551615 B
  942. }
  943. service pop3 {
  944. chroot =
  945. client_limit = 1
  946. drop_priv_before_exec = no
  947. executable = pop3
  948. extra_groups = $default_internal_group
  949. group =
  950. idle_kill = 0
  951. privileged_group =
  952. process_limit = 1024
  953. process_min_avail = 0
  954. protocol = pop3
  955. service_count = 1
  956. type =
  957. unix_listener login/pop3 {
  958. group =
  959. mode = 0666
  960. user =
  961. }
  962. user =
  963. vsz_limit = 18446744073709551615 B
  964. }
  965. service replicator {
  966. chroot =
  967. client_limit = 0
  968. drop_priv_before_exec = no
  969. executable = replicator
  970. extra_groups =
  971. group =
  972. idle_kill = 4294967295 secs
  973. privileged_group =
  974. process_limit = 1
  975. process_min_avail = 0
  976. protocol =
  977. service_count = 0
  978. type =
  979. unix_listener replicator-doveadm {
  980. group =
  981. mode = 00
  982. user = $default_internal_user
  983. }
  984. unix_listener replicator {
  985. group =
  986. mode = 0600
  987. user = $default_internal_user
  988. }
  989. user =
  990. vsz_limit = 18446744073709551615 B
  991. }
  992. service stats {
  993. chroot = empty
  994. client_limit = 0
  995. drop_priv_before_exec = no
  996. executable = stats
  997. extra_groups =
  998. group =
  999. idle_kill = 4294967295 secs
  1000. privileged_group =
  1001. process_limit = 1
  1002. process_min_avail = 0
  1003. protocol =
  1004. service_count = 0
  1005. type =
  1006. unix_listener stats-reader {
  1007. group =
  1008. mode = 0600
  1009. user =
  1010. }
  1011. unix_listener stats-writer {
  1012. group = $default_internal_group
  1013. mode = 0660
  1014. user =
  1015. }
  1016. user = $default_internal_user
  1017. vsz_limit = 18446744073709551615 B
  1018. }
  1019. service submission-login {
  1020. chroot = login
  1021. client_limit = 0
  1022. drop_priv_before_exec = no
  1023. executable = submission-login
  1024. extra_groups =
  1025. group =
  1026. idle_kill = 0
  1027. inet_listener submission {
  1028. address =
  1029. haproxy = no
  1030. port = 587
  1031. reuse_port = no
  1032. ssl = no
  1033. }
  1034. privileged_group =
  1035. process_limit = 0
  1036. process_min_avail = 0
  1037. protocol = submission
  1038. service_count = 1
  1039. type = login
  1040. user = $default_login_user
  1041. vsz_limit = 18446744073709551615 B
  1042. }
  1043. service submission {
  1044. chroot =
  1045. client_limit = 1
  1046. drop_priv_before_exec = no
  1047. executable = submission
  1048. extra_groups = $default_internal_group
  1049. group =
  1050. idle_kill = 0
  1051. privileged_group =
  1052. process_limit = 1024
  1053. process_min_avail = 0
  1054. protocol = submission
  1055. service_count = 1
  1056. type =
  1057. unix_listener login/submission {
  1058. group =
  1059. mode = 0666
  1060. user =
  1061. }
  1062. user =
  1063. vsz_limit = 18446744073709551615 B
  1064. }
  1065. service tcpwrap {
  1066. chroot =
  1067. client_limit = 1
  1068. drop_priv_before_exec = no
  1069. executable = tcpwrap
  1070. extra_groups =
  1071. group =
  1072. idle_kill = 0
  1073. privileged_group =
  1074. process_limit = 0
  1075. process_min_avail = 0
  1076. protocol =
  1077. service_count = 0
  1078. type =
  1079. user = $default_internal_user
  1080. vsz_limit = 18446744073709551615 B
  1081. }
  1082. shutdown_clients = yes
  1083. ssl = required
  1084. ssl_alt_cert =
  1085. ssl_alt_key =
  1086. ssl_ca =
  1087. ssl_cert = </etc/letsencrypt/live/domain.net/fullchain.pem
  1088. ssl_cert_username_field = commonName
  1089. ssl_cipher_list = ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH
  1090. ssl_client_ca_dir = /etc/ssl/certs
  1091. ssl_client_ca_file =
  1092. ssl_client_cert =
  1093. ssl_client_key =
  1094. ssl_crypto_device =
  1095. ssl_curve_list =
  1096. ssl_dh = # hidden, use -P to show it
  1097. ssl_key = # hidden, use -P to show it
  1098. ssl_key_password =
  1099. ssl_min_protocol = TLSv1.2
  1100. ssl_options =
  1101. ssl_prefer_server_ciphers = yes
  1102. ssl_require_crl = yes
  1103. ssl_verify_client_cert = no
  1104. state_dir = /var/lib/dovecot
  1105. stats_writer_socket_path = stats-writer
  1106. submission_client_workarounds =
  1107. submission_host =
  1108. submission_logout_format = in=%i out=%o
  1109. submission_max_mail_size = 40 M
  1110. submission_max_recipients = 0
  1111. submission_relay_command_timeout = 5 mins
  1112. submission_relay_connect_timeout = 30 secs
  1113. submission_relay_host =
  1114. submission_relay_master_user =
  1115. submission_relay_max_idle_time = 29 mins
  1116. submission_relay_password =
  1117. submission_relay_port = 25
  1118. submission_relay_rawlog_dir =
  1119. submission_relay_ssl = no
  1120. submission_relay_ssl_verify = yes
  1121. submission_relay_trusted = no
  1122. submission_relay_user =
  1123. submission_ssl = no
  1124. submission_timeout = 30 secs
  1125. syslog_facility = mail
  1126. userdb {
  1127. args =
  1128. auth_verbose = default
  1129. default_fields =
  1130. driver = passwd
  1131. name =
  1132. override_fields =
  1133. result_failure = continue
  1134. result_internalfail = continue
  1135. result_success = return-ok
  1136. skip = never
  1137. }
  1138. valid_chroot_dirs =
  1139. verbose_proctitle = no
  1140. verbose_ssl = no
  1141. version_ignore = no
  1142.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!