yunohost/conf/dovecot/dovecot.conf

!include yunohost.d/pre-ext.conf

listen = *, ::
auth_mechanisms = plain login

mail_gid = 8
mail_home = /var/mail/%n
mail_location = maildir:/var/mail/%n
mail_uid = 500

protocols = imap sieve {% if pop3_enabled == "True" %}pop3{% endif %}

mail_plugins = $mail_plugins quota notify push_notification

###############################################################################

# generated 2020-08-18, Mozilla Guideline v5.6, Dovecot 2.3.4, OpenSSL 1.1.1d, intermediate configuration
# https://ssl-config.mozilla.org/#server=dovecot&version=2.3.4&config=intermediate&openssl=1.1.1d&guideline=5.6

ssl = required

ssl_cert = </etc/yunohost/certs/{{ main_domain }}/crt.pem
ssl_key = </etc/yunohost/certs/{{ main_domain }}/key.pem
{% for domain in domain_list.split() %}{% if domain != main_domain %}
local_name {{ domain }} {
  ssl_cert = </etc/yunohost/certs/{{ domain }}/crt.pem
  ssl_key = </etc/yunohost/certs/{{ domain }}/key.pem
}{% endif %}{% endfor %}

# curl https://ssl-config.mozilla.org/ffdhe2048.txt > /path/to/dhparam
ssl_dh = </usr/share/yunohost/ffdhe2048.pem

# intermediate configuration
ssl_min_protocol = TLSv1.2
ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
ssl_prefer_server_ciphers = no

###############################################################################


# Regular Yunohost accounts
passdb {
  args = /etc/dovecot/dovecot-ldap.conf
  driver = ldap
}

# Internally, allow authentication from apps system user who have "enable_email = true"
passdb {
  driver = passwd-file
  args = /etc/dovecot/app-senders-passwd
}

userdb {
  driver = ldap
  args = /etc/dovecot/dovecot-ldap.conf
}

userdb {
  driver = passwd-file
  args = /etc/dovecot/app-senders-passwd
}

protocol imap {
  imap_client_workarounds =
  mail_plugins = $mail_plugins imap_quota antispam
}

protocol lda {
  auth_socket_path = /var/run/dovecot/auth-master
  mail_plugins = quota sieve
  postmaster_address = postmaster@{{ main_domain }}
}

namespace inbox {
  inbox = yes

  mailbox Drafts {
    special_use = \Drafts
    auto = subscribe
  }
  mailbox Junk {
    special_use = \Junk
    auto = subscribe
  }
  mailbox Trash {
    special_use = \Trash
    auto = subscribe
  }
  mailbox Sent {
    special_use = \Sent
    auto = subscribe
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox "Archive" {
    special_use = \Archive
    auto = subscribe
  }
}

protocol sieve {
}

service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
  unix_listener auth-master {
    group = mail
    mode = 0660
    user = vmail
  }
}

service quota-warning {
  executable = script /usr/bin/quota-warning.sh
  user = vmail
  unix_listener quota-warning {
  }
}

service stats {
    unix_listener stats-reader {
        user = vmail
        group = mail
        mode = 0660
    }

    unix_listener stats-writer {
        user = vmail
        group = mail
        mode = 0660
    }
}

plugin {
  sieve = /var/mail/sievescript/%n/.dovecot.sieve
  sieve_dir = /var/mail/sievescript/%n/scripts/
  sieve_before = /etc/dovecot/global_script/
}

plugin {
  antispam_debug_target = syslog
  antispam_verbose_debug = 0
  antispam_backend = pipe
  antispam_spam_pattern_ignorecase = junk;spam
  antispam_trash_pattern_ignorecase = trash;papierkorb;deleted messages
  antispam_pipe_program = /usr/bin/rspamc
  antispam_pipe_program_args = -h;localhost:11334;-P;q1
  antispam_pipe_program_spam_arg = learn_spam
  antispam_pipe_program_notspam_arg = learn_ham
}

plugin {
  quota = maildir:User quota
  quota_rule2 = SPAM:ignore
  quota_rule3 = Trash:ignore
}

plugin {
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=80%% quota-warning 80 %u
  quota_warning3 = -storage=100%% quota-warning below %u # user is no longer over quota
}

!include yunohost.d/post-ext.conf