mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2025-01-18 08:06:16 +01:00
81156c645b
Per Mozilla's guidelines: https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1d&guideline=5.6
111 lines
2.5 KiB
Django/Jinja
111 lines
2.5 KiB
Django/Jinja
auth_mechanisms = plain login
|
|
disable_plaintext_auth = yes
|
|
mail_location = mdbox:~/.mdbox
|
|
mail_plugins = $mail_plugins zlib notify mail_log
|
|
|
|
# remove domain part from username and lowercase it
|
|
auth_username_format = %Ln
|
|
|
|
namespace inbox {
|
|
hidden = no
|
|
inbox = yes
|
|
list = yes
|
|
location =
|
|
prefix =
|
|
separator = .
|
|
type = private
|
|
|
|
mailbox Trash {
|
|
auto = subscribe
|
|
special_use = \Trash
|
|
}
|
|
mailbox Drafts {
|
|
auto = subscribe
|
|
special_use = \Drafts
|
|
}
|
|
mailbox Sent {
|
|
auto = subscribe # autocreate, autosubscribe
|
|
special_use = \Sent
|
|
}
|
|
mailbox Junk {
|
|
auto = subscribe
|
|
special_use = \Junk
|
|
}
|
|
}
|
|
|
|
passdb {
|
|
driver = pam
|
|
}
|
|
plugin {
|
|
sieve = ~/.dovecot.sieve
|
|
sieve_dir = ~/.sieve
|
|
sieve_global_dir = /etc/dovecot/sieve/global/
|
|
sieve_global_path = /etc/dovecot/sieve/default.sieve
|
|
sieve_before = /etc/dovecot/sieve/spam-to-folder.sieve
|
|
|
|
mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
|
|
mail_log_fields = uid box msgid size
|
|
|
|
zlib_save_level = 6
|
|
zlib_save = gz
|
|
}
|
|
protocols = imap pop3 sieve lmtp
|
|
service auth {
|
|
unix_listener auth-client {
|
|
group = postfix
|
|
user = postfix
|
|
mode = 0660
|
|
}
|
|
user = root
|
|
}
|
|
service imap-login {
|
|
# don't listen for plain imap
|
|
inet_listener imap {
|
|
port = 0
|
|
}
|
|
process_limit = 400
|
|
process_min_avail = 5
|
|
}
|
|
|
|
service pop3-login {
|
|
# don't listen for plain pop3
|
|
inet_listener pop3 {
|
|
port = 0
|
|
}
|
|
}
|
|
service lmtp {
|
|
unix_listener /var/spool/postfix/private/dovecot-lmtp {
|
|
group = postfix
|
|
user = postfix
|
|
mode = 0660
|
|
}
|
|
}
|
|
|
|
login_log_format_elements = "user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k"
|
|
|
|
# https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=intermediate&openssl=1.1.1d&guideline=5.6
|
|
ssl_cert = </etc/letsencrypt/live/{{mail_domain}}/fullchain.pem
|
|
ssl_key = </etc/letsencrypt/live/{{mail_domain}}/privkey.pem
|
|
ssl_prefer_server_ciphers = yes
|
|
ssl_min_protocol = TLSv1.2
|
|
ssl_dh=</etc/dovecot/dh.pem
|
|
ssl_options = no_compression
|
|
|
|
ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
|
|
|
|
userdb {
|
|
driver = passwd
|
|
}
|
|
protocol imap {
|
|
imap_client_workarounds = tb-extra-mailbox-sep
|
|
mail_max_userip_connections = 30
|
|
mail_plugins = $mail_plugins
|
|
}
|
|
protocol lmtp {
|
|
postmaster_address = postmaster@archlinux.org
|
|
mail_plugins = $mail_plugins sieve
|
|
}
|
|
protocol sieve {
|
|
managesieve_logout_format = bytes ( in=%i : out=%o )
|
|
}
|