mirror of
https://github.com/YunoHost/yunohost.git
synced 2024-09-03 20:06:10 +02:00
013aff3d0c
This is reasonably important for the performance of clients such as Delta Chat. The plugins are bundled with dovecot by default (see https://wiki2.dovecot.org/Plugins ) so this should not be disruptive.
130 lines
3.2 KiB
Text
130 lines
3.2 KiB
Text
!include yunohost.d/pre-ext.conf
|
|
|
|
listen = *, ::
|
|
auth_mechanisms = plain login
|
|
|
|
mail_gid = 8
|
|
mail_home = /var/mail/%n
|
|
mail_location = maildir:/var/mail/%n
|
|
mail_uid = 500
|
|
|
|
protocols = imap sieve {% if pop3_enabled == "True" %}pop3{% endif %}
|
|
|
|
mail_plugins = $mail_plugins quota notify push_notification
|
|
|
|
###############################################################################
|
|
|
|
# generated 2020-08-18, Mozilla Guideline v5.6, Dovecot 2.3.4, OpenSSL 1.1.1d, intermediate configuration
|
|
# https://ssl-config.mozilla.org/#server=dovecot&version=2.3.4&config=intermediate&openssl=1.1.1d&guideline=5.6
|
|
|
|
ssl = required
|
|
|
|
ssl_cert = </etc/yunohost/certs/{{ main_domain }}/crt.pem
|
|
ssl_key = </etc/yunohost/certs/{{ main_domain }}/key.pem
|
|
{% for domain in domain_list.split() %}{% if domain != main_domain %}
|
|
local_name {{ domain }} {
|
|
ssl_cert = </etc/yunohost/certs/{{ domain }}/crt.pem
|
|
ssl_key = </etc/yunohost/certs/{{ domain }}/key.pem
|
|
}{% endif %}{% endfor %}
|
|
|
|
# curl https://ssl-config.mozilla.org/ffdhe2048.txt > /path/to/dhparam
|
|
ssl_dh = </usr/share/yunohost/ffdhe2048.pem
|
|
|
|
# intermediate configuration
|
|
ssl_min_protocol = TLSv1.2
|
|
ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
|
|
ssl_prefer_server_ciphers = no
|
|
|
|
###############################################################################
|
|
|
|
|
|
passdb {
|
|
args = /etc/dovecot/dovecot-ldap.conf
|
|
driver = ldap
|
|
}
|
|
|
|
userdb {
|
|
args = /etc/dovecot/dovecot-ldap.conf
|
|
driver = ldap
|
|
}
|
|
|
|
protocol imap {
|
|
imap_client_workarounds =
|
|
mail_plugins = $mail_plugins imap_quota antispam
|
|
}
|
|
|
|
|
|
protocol lda {
|
|
auth_socket_path = /var/run/dovecot/auth-master
|
|
mail_plugins = quota sieve
|
|
postmaster_address = postmaster@{{ main_domain }}
|
|
}
|
|
|
|
protocol sieve {
|
|
}
|
|
|
|
service auth {
|
|
unix_listener /var/spool/postfix/private/auth {
|
|
group = postfix
|
|
mode = 0660
|
|
user = postfix
|
|
}
|
|
unix_listener auth-master {
|
|
group = mail
|
|
mode = 0660
|
|
user = vmail
|
|
}
|
|
}
|
|
|
|
service quota-warning {
|
|
executable = script /usr/bin/quota-warning.sh
|
|
user = vmail
|
|
unix_listener quota-warning {
|
|
}
|
|
}
|
|
|
|
service stats {
|
|
unix_listener stats-reader {
|
|
user = vmail
|
|
group = mail
|
|
mode = 0660
|
|
}
|
|
|
|
unix_listener stats-writer {
|
|
user = vmail
|
|
group = mail
|
|
mode = 0660
|
|
}
|
|
}
|
|
|
|
plugin {
|
|
sieve = /var/mail/sievescript/%n/.dovecot.sieve
|
|
sieve_dir = /var/mail/sievescript/%n/scripts/
|
|
sieve_before = /etc/dovecot/global_script/
|
|
}
|
|
|
|
plugin {
|
|
antispam_debug_target = syslog
|
|
antispam_verbose_debug = 0
|
|
antispam_backend = pipe
|
|
antispam_spam = Junk;SPAM
|
|
antispam_trash = Trash
|
|
antispam_pipe_program = /usr/bin/rspamc
|
|
antispam_pipe_program_args = -h;localhost:11334;-P;q1
|
|
antispam_pipe_program_spam_arg = learn_spam
|
|
antispam_pipe_program_notspam_arg = learn_ham
|
|
}
|
|
|
|
plugin {
|
|
quota = maildir:User quota
|
|
quota_rule2 = SPAM:ignore
|
|
quota_rule3 = Trash:ignore
|
|
}
|
|
|
|
plugin {
|
|
quota_warning = storage=95%% quota-warning 95 %u
|
|
quota_warning2 = storage=80%% quota-warning 80 %u
|
|
quota_warning3 = -storage=100%% quota-warning below %u # user is no longer over quota
|
|
}
|
|
|
|
!include yunohost.d/post-ext.conf
|