$OpenBSD: patch-dovecot-example_conf,v 1.20 2006/07/16 02:43:08 brad Exp $ --- dovecot-example.conf.orig Sat Jul 1 16:07:32 2006 +++ dovecot-example.conf Wed Jul 5 08:41:43 2006 @@ -7,13 +7,12 @@ # value inside quotes, eg.: key = "# char and trailing whitespace " # Default values are shown after each value, it's not required to uncomment -# any of the lines. Exception to this are paths, they're just examples -# with real defaults being based on configure options. The paths listed here -# are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var -# --with-ssldir=/etc/ssl +# any of the lines. +# *** NOTE *** Some values HAVE been changed for OpenBSD use. + # Base directory where to store runtime data. -#base_dir = /var/run/dovecot/ +base_dir = /var/dovecot/ # Protocols we want to be serving: imap imaps pop3 pop3s #protocols = imap imaps @@ -41,7 +40,7 @@ # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP # matches the local IP (ie. you're connecting from the same computer), the # connection is considered secure and plaintext authentication is allowed. -#disable_plaintext_auth = yes +disable_plaintext_auth = yes # Should all IMAP and POP3 processes be killed when Dovecot master process # shuts down. Setting this to "no" means that Dovecot can be upgraded without @@ -86,7 +85,7 @@ # dropping root privileges, so keep the key file unreadable by anyone but # root. Included doc/mkcert.sh can be used to easily generate self-signed # certificate, just make sure to update the domains in dovecot-openssl.cnf -#ssl_cert_file = /etc/ssl/certs/dovecot.pem +ssl_cert_file = /etc/ssl/dovecotcert.pem #ssl_key_file = /etc/ssl/private/dovecot.pem # If key file is password protected, give the password here. Alternatively @@ -118,7 +117,7 @@ # which login needs to be able to connect to. The sockets are created when # running as root, so you don't have to worry about permissions. Note that # everything in this directory is deleted when Dovecot is started. -#login_dir = /var/run/dovecot/login +login_dir = /var/dovecot/login # chroot login process to the login_dir. Only reason not to do this is if you # wish to run the whole Dovecot without roots. @@ -130,7 +129,7 @@ # only it has access, it's used to control access for authentication process. # Note that this user is NOT used to access mails. # http://wiki.dovecot.org/UserIds -#login_user = dovecot +login_user = _dovecot # Set max. process size in megabytes. If you don't use # login_process_per_connection you might need to grow this. @@ -265,7 +264,7 @@ # Don't write() to mmaped files. This is required for some operating systems # which use separate caches for them, such as OpenBSD. -#mmap_no_write = no +mmap_no_write = yes # Locking method for index files. Alternatives are fcntl, flock and dotlock. # Dotlocking uses some tricks which may create more disk I/O than other locking @@ -467,19 +466,19 @@ protocol imap { # Login executable location. - #login_executable = /usr/libexec/dovecot/imap-login + #login_executable = /usr/local/libexec/dovecot/imap-login # IMAP executable location. Changing this allows you to execute other # binaries before the imap process is executed. # # This would write rawlogs into ~/dovecot.rawlog/ directory: - # mail_executable = /usr/libexec/dovecot/rawlog /usr/libexec/dovecot/imap + # mail_executable = /usr/local/libexec/dovecot/rawlog /usr/local/libexec/dovecot/imap # # This would attach gdb into the imap process and write backtraces into # /tmp/gdbhelper.* files: - # mail_executable = /usr/libexec/dovecot/gdbhelper /usr/libexec/dovecot/imap + # mail_executable = /usr/local/libexec/dovecot/gdbhelper /usr/local/libexec/dovecot/imap # - #mail_executable = /usr/libexec/dovecot/imap + #mail_executable = /usr/local/libexec/dovecot/imap # Maximum IMAP command line length in bytes. Some clients generate very long # command lines with huge mailboxes, so you may need to raise this if you get @@ -520,7 +519,7 @@ protocol imap { # but not both. Thunderbird separates these two by forcing server to # accept '/' suffix in mailbox names in subscriptions list. # The list is space-separated. - #imap_client_workarounds = outlook-idle + imap_client_workarounds = delay-newmail outlook-idle netscape-eoh tb-extra-mailbox-sep } ## @@ -529,10 +528,10 @@ protocol imap { protocol pop3 { # Login executable location. - #login_executable = /usr/libexec/dovecot/pop3-login + #login_executable = /usr/local/libexec/dovecot/pop3-login # POP3 executable location - #mail_executable = /usr/libexec/dovecot/pop3 + #mail_executable = /usr/local/libexec/dovecot/pop3 # Don't try to set mails non-recent or seen with POP3 sessions. This is # mostly intended to reduce disk I/O. With maildir it doesn't move files @@ -576,7 +575,7 @@ protocol pop3 { # installations. %08Xu%08Xv will be the new default, so use it for new # installations. # - #pop3_uidl_format = + pop3_uidl_format = %08Xu%08Xv # POP3 logout format string: # %t - number of TOP commands @@ -601,7 +600,7 @@ protocol pop3 { # Outlook Express and Netscape Mail breaks if end of headers-line is # missing. This option simply sends it if it's missing. # The list is space-separated. - #pop3_client_workarounds = + pop3_client_workarounds = outlook-no-nuls oe-ns-eoh } ## @@ -633,7 +632,7 @@ protocol lda { ## # Executable location -#auth_executable = /usr/libexec/dovecot/dovecot-auth +#auth_executable = /usr/local/libexec/dovecot/dovecot-auth # Set max. process size in megabytes. #auth_process_size = 256 @@ -745,7 +744,7 @@ auth default { # database (passwd usually), you can use static userdb. # REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM # authentication to actually work. - passdb pam { + #passdb pam { # [session=yes] [setcred=yes] [cache_key=] [] # # session=yes makes Dovecot open and immediately close PAM session. Some @@ -773,13 +772,13 @@ auth default { # args = session=yes * # args = cache_key=%u dovecot #args = dovecot - } + #} # /etc/passwd or similar, using getpwnam() # In many systems nowadays this uses Name Service Switch, which is # configured in /etc/nsswitch.conf. - #passdb passwd { - #} + passdb passwd { + } # /etc/shadow or similiar, using getspnam(). Deprecated by PAM nowadays. #passdb shadow {