Dovecot: Example config for maildir++ quota and so on
## LDAP settings for the passdb/userdb lookups (the main config below refers
## to this file as /etc/dovecot/dovecot-ldap.conf.ext).
## NOTE(review): both URIs are plain ldap:// and no "tls = yes" is set. With
## auth_bind = yes Dovecot verifies a login by binding to the directory with
## the user's own password, so that password travels to the LDAP server
## unencrypted. Prefer ldaps:// URIs, or "tls = yes" together with
## "tls_require_cert = demand" and a tls_ca_cert_file, unless the link is
## protected by other means.
uris = ldap://a.ldap.example.jp/ ldap://b.ldap.example.jp/
ldap_version = 3
## %d is the domain part of the login name, %n the local part.
base = ou=%d,dc=example,dc=jp
scope = subtree
## NOTE(review): no dn/dnpass is configured, so the search that locates the
## user's entry presumably runs as an anonymous bind -- confirm the directory
## ACLs expose no more than uid and mailQuota to anonymous clients.
auth_bind = yes
pass_filter = (uid=%n)
## Return mailQuota as userdb_quota_rule so the prefetch userdb can reuse it
## (%$ expands to the attribute's value).
pass_attrs = mailQuota=userdb_quota_rule=*:bytes=%$
user_filter = (uid=%n)
user_attrs = mailQuota=quota_rule=*:bytes=%$
## Protocols served by this Dovecot instance.
protocols = imap pop3 lmtp
## ======================================================================
## Quota plugin is loaded for every mail process; protocol blocks extend it.
mail_plugins = quota
## NOTE(review): "ssl = yes" offers TLS but does not require it. Together
## with disable_plaintext_auth = no further down, clients may send their
## password over an unencrypted IMAP/POP3 session. "ssl = required" makes
## Dovecot refuse authentication until TLS is active.
ssl = yes
## The leading "<" tells Dovecot to read the value from the named file.
## The private key file should be readable by root only.
ssl_cert = </etc/dovecot/certs/imap.example.jp.cer
ssl_key = </etc/dovecot/private/imap.example.jp.key
## NOTE(review): this list starts from ALL and only removes SSLv2, MD5,
## EXPORT, LOW and NULL suites; depending on the OpenSSL build that can still
## leave RC4 and 3DES suites enabled. "!SSLv2" here removes cipher suites, not
## protocol versions -- restrict protocol versions with ssl_protocols or
## ssl_min_protocol, whichever this Dovecot version supports.
ssl_cipher_list = ALL:!SSLv2:!MD5:!EXP:!LOW:!aNULL:!eNULL:@STRENGTH
## Global mail user attributes
## ======================================================================
## NOTE(review): first_valid_uid/first_valid_gid are lowered here so that the
## system account 'mail' is accepted. Every mailbox is then accessed as that
## one UID/GID (mail_uid/mail_gid below), so separation between users relies
## on Dovecot alone, not on filesystem permissions. A dedicated unprivileged
## virtual-mail account, with last_valid_uid/last_valid_gid pinned to the
## same values, narrows what a compromised mail process can reach.
## UID of user 'mail'
first_valid_uid = 8
## GID of group 'mail'
first_valid_gid = 12
mail_uid = mail
mail_gid = mail
## Home directory is built from the login name: %d = domain, %n = local part.
mail_home = /var/mail/domains/%d/%n
## Maildir lives under the home directory set above.
mail_location = maildir:~/Maildir
## IMAP namespace for compatibility with Courier IMAP
## All folders appear under the "INBOX." prefix with "." as the hierarchy
## separator; inbox = yes marks this namespace as the one holding INBOX.
namespace {
prefix = INBOX.
separator = .
inbox = yes
}
## Authentication and password database
## ======================================================================
## NOTE(review): PLAIN is the only mechanism offered, and
## disable_plaintext_auth = no allows it on connections that have not
## negotiated TLS. Because the LDAP passdb uses auth_bind, Dovecot needs the
## cleartext password, so a plaintext mechanism is unavoidable -- the control
## that protects it is TLS. Set disable_plaintext_auth = yes (or
## ssl = required) so credentials are accepted only inside a TLS session.
auth_mechanisms = plain
disable_plaintext_auth = no
## Log unsuccessful authentication attempts and the reasons why they failed.
## NOTE(review): enabling auth_verbose gives the log records needed to spot
## password-guessing against these listeners.
#auth_verbose = no
## Even more verbose logging for debugging purposes. Shows for example SQL
## queries.
#auth_debug = no
## Passwords are checked against LDAP using the settings file below.
passdb {
driver = ldap
args = /etc/dovecot/dovecot-ldap.conf.ext
}
## User database
## ======================================================================
## prefetch reuses the userdb_* fields that the passdb lookup already
## returned (here userdb_quota_rule), avoiding a second LDAP query at login.
userdb {
driver = prefetch
}
## The userdb below is used only by LDA if prefetch driver is enabled above.
## Deliveries have no passdb lookup to prefetch from, so they query LDAP
## directly with user_filter/user_attrs from the same settings file.
userdb {
driver = ldap
args = /etc/dovecot/dovecot-ldap.conf.ext
}
## Master process
## ======================================================================
#default_process_limit = 100
#default_client_limit = 1000
## Pre-authentication IMAP login service. Both listeners keep their default
## ports because the port lines are commented out.
## NOTE(review): the "imap" listener (143) accepts cleartext sessions; with
## ssl = yes and disable_plaintext_auth = no in this config, a login there
## is not forced onto TLS. Setting "port = 0" on a listener disables it if
## only the TLS port should be offered.
service imap-login {
inet_listener imap {
#port = 143
}
inet_listener imaps {
#port = 993
}
## Number of connections to handle before starting a new process. Typically
## the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
## is faster. <doc/wiki/LoginProcess.txt>
#service_count = 1
## Number of processes to always keep waiting for more connections.
#process_min_avail = 0
## If you set service_count=0, you probably need to grow this.
#vsz_limit = 64M
}
## Pre-authentication POP3 login service; default ports are kept.
## NOTE(review): as with IMAP, the "pop3" listener (110) allows cleartext
## logins under this config's ssl/disable_plaintext_auth settings.
service pop3-login {
inet_listener pop3 {
#port = 110
}
inet_listener pop3s {
#port = 995
}
}
## LMTP delivery service. Postfix hands mail over through a UNIX socket
## placed inside its private directory.
service lmtp {
## Mode 0660 with group postfix: only the socket owner and members of the
## postfix group can connect and inject mail.
unix_listener /var/spool/postfix/private/dovecot-lmtp {
mode = 0660
user = dovecot
group = postfix
}
## Create inet listener only if you can't use the above UNIX socket
## NOTE(review): LMTP has no authentication of its own, so an inet listener
## must be bound to a loopback or internal address and firewalled.
#inet_listener lmtp {
# ## Avoid making LMTP visible for the entire internet
# address =
# port =
#}
}
## Post-login IMAP service; all limits are left at their defaults.
service imap {
## Most of the memory goes to mmap()ing files. You may need to increase this
## limit if you have huge mailboxes.
#vsz_limit = 256M
## Max. number of IMAP processes (connections)
#process_limit = 1024
}
## Post-login POP3 service; the process limit is left at its default.
service pop3 {
## Max. number of POP3 processes (connections)
#process_limit = 1024
}
## Authentication service and the sockets other processes use to reach it.
service auth {
## auth_socket_path points to this userdb socket by default. It's typically
## used by dovecot-lda, doveadm, possibly imap process, etc. Its default
## permissions make it readable only by root, but you may need to relax these
## permissions. Users that have access to this socket are able to get a list
## of all usernames and get results of everyone's userdb lookups.
## NOTE(review): left at the default here; if it is ever relaxed, grant
## access through a dedicated group rather than a world-accessible mode.
unix_listener auth-userdb {
#mode = 0600
#user =
#group =
}
## Postfix smtp-auth
## Members of the postfix group can submit authentication attempts through
## this socket (mode 0660, group postfix).
unix_listener /var/spool/postfix/private/dovecot-auth {
mode = 0660
user = dovecot
group = postfix
}
## Auth process is run as this user.
#user = $default_internal_user
}
service auth-worker {
## Auth worker process is run as root by default, so that it can access
## /etc/shadow. If this isn't necessary, the user should be changed to
## $default_internal_user.
## NOTE(review): this config authenticates against LDAP only, so root looks
## unnecessary here -- confirm no other passdb/userdb needs it, then set
## user = $default_internal_user.
#user = root
}
## Dict proxy service; its socket keeps the default owner and mode.
service dict {
## If dict proxy is used, mail processes should have access to its socket.
## For example: mode=0660, group=vmail and global mail_access_groups=vmail
unix_listener dict {
#mode = 0600
#user =
#group =
}
}
## LDA, LMTP
## ======================================================================
## Address to use when sending rejection mails.
## Default is postmaster@<your domain>.
#postmaster_address =
## If user is over quota, return with temporary failure instead of
## bouncing the mail.
#quota_full_tempfail = no
## Binary to use for sending mails.
#sendmail_path = /usr/sbin/sendmail
## LDA
## ----------------------------------------------------------------------
## Should saving a mail to a nonexistent mailbox automatically create it?
#lda_mailbox_autocreate = no
## Should automatically created mailboxes be also automatically subscribed?
#lda_mailbox_autosubscribe = no
## LDA inherits the global plugin list, so quota is enforced on delivery.
protocol lda {
mail_plugins = $mail_plugins
}
## LMTP
## ----------------------------------------------------------------------
## When recipient address includes the detail (e.g. user+detail), try to
## save the mail to the detail mailbox. See also recipient_delimiter and
## lda_mailbox_autocreate settings.
#lmtp_save_to_detail_mailbox = no
## LMTP inherits the global plugin list, so quota is enforced on delivery.
protocol lmtp {
mail_plugins = $mail_plugins
}
## IMAP
## ======================================================================
protocol imap {
## Adds imap_quota on top of the global plugins so clients can query quota.
mail_plugins = $mail_plugins imap_quota
## Per-protocol certificate and key; these repeat the global ssl_cert/ssl_key
## values. The key file should be readable by root only.
ssl_cert = </etc/dovecot/certs/imap.example.jp.cer
ssl_key = </etc/dovecot/private/imap.example.jp.key
## Workarounds for various client bugs:
## delay-newmail:
## Send EXISTS/RECENT new mail notifications only when replying to NOOP
## and CHECK commands. Some clients ignore them otherwise, for example OSX
## Mail (<v2.1). Outlook Express breaks more badly though, without this it
## may show user "Message no longer in server" errors. Note that OE6 still
## breaks even with this workaround if synchronization is set to
## "Headers Only".
## tb-extra-mailbox-sep:
## With mbox storage a mailbox can contain either mails or submailboxes,
## but not both. Thunderbird separates these two by forcing server to
## accept '/' suffix in mailbox names in subscriptions list.
## The list is space-separated.
#imap_client_workarounds =
}
## POP3
## ======================================================================
protocol pop3 {
mail_plugins = $mail_plugins
## POP3 presents its own certificate and key (pop.example.jp) instead of the
## global imap.example.jp pair. The key file should be readable by root only.
ssl_cert = </etc/dovecot/certs/pop.example.jp.cer
ssl_key = </etc/dovecot/private/pop.example.jp.key
## If mail has X-UIDL header, use it as the mail's UIDL.
#pop3_reuse_xuidl = no
## POP3 requires message sizes to be listed as if they had CR+LF linefeeds.
## Many POP3 servers violate this by returning the sizes with LF linefeeds,
## because it's faster to get. When this setting is enabled, Dovecot still
## tries to do the right thing first, but if that requires opening the
## message, it falls back to the easier (but incorrect) size.
#pop3_fast_size_lookups = no
## POP3 UIDL (unique mail identifier) format to use. You can use following
## variables, along with the variable modifiers described in
## doc/wiki/Variables.txt (e.g. %Uf for the filename in uppercase)
##
## %v - Mailbox's IMAP UIDVALIDITY
## %u - Mail's IMAP UID
## %m - MD5 sum of the mailbox headers in hex (mbox only)
## %f - filename (maildir only)
## %g - Mail's GUID
##
## If you want UIDL compatibility with other POP3 servers, use:
## UW's ipop3d : %08Xv%08Xu
## Courier : %f or %v-%u (both might be used simultaneously)
## Cyrus (<= 2.1.3) : %u
## Cyrus (>= 2.1.4) : %v.%u
## Dovecot v0.99.x : %v.%u
## tpop3d : %Mf
##
## Note that Outlook 2003 seems to have problems with %v.%u format which was
## Dovecot's default, so if you're building a new server it would be a good
## idea to change this. %08Xu%08Xv should be pretty fail-safe.
## %f (maildir filename) is one of the two Courier formats listed above.
pop3_uidl_format = %f
## Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes
## won't change those UIDLs. Currently this works only with Maildir.
#pop3_save_uidl = no
## Workarounds for various client bugs:
## outlook-no-nuls:
## Outlook and Outlook Express hang if mails contain NUL characters.
## This setting replaces them with 0x80 character.
## oe-ns-eoh:
## Outlook Express and Netscape Mail breaks if end of headers-line is
## missing. This option simply sends it if it's missing.
## The list is space-separated.
#pop3_client_workarounds =
}
## Quota
## ======================================================================
plugin {
## Maildir++ quota backend; "User quota" is the name shown to clients.
quota = maildir:User quota
## Default limit of 1G; the mailQuota LDAP attribute replaces it per user
## through the quota_rule / userdb_quota_rule mappings in the LDAP settings.
quota_rule = *:storage=1G
## At 95% usage, connect to the "quota-warning" service with arguments
## "95 <user>" (%% is a literal percent sign).
## NOTE(review): the quota-warning service definition below is commented
## out, so this warning has no service to connect to until it is enabled.
quota_warning = storage=95%% quota-warning 95 %u
}
## Quota warning
## ----------------------------------------------------------------------
## Example quota-warning service. The unix listener's permissions should be
## set in a way that mail processes can connect to it. Below example assumes
## that mail processes run as vmail user. If you use mode=0666, all system users
## can generate quota warnings to anyone.
#service quota-warning {
# executable = script /usr/local/bin/quota-warning
# user = dovecot
# unix_listener quota-warning {
# user = mail
# }
#}
## Postfix main.cf
## Deliver virtual mailbox mail to Dovecot over LMTP. The socket path is
## relative to the Postfix queue directory and corresponds to the
## unix_listener /var/spool/postfix/private/dovecot-lmtp defined in the
## Dovecot "service lmtp" block.
virtual_transport = lmtp:unix:private/dovecot-lmtp