blob: aed5df8b2de85490a485d64adfeff449c06aa2ad (
plain)
- #default_process_limit = 100
- #default_client_limit = 1000
- # Default VSZ (virtual memory size) limit for service processes. This is mainly
- # intended to catch and kill processes that leak memory before they eat up
- # everything.
- #default_vsz_limit = 256M
- # Login user is internally used by login processes. This is the most untrusted
- # user in Dovecot system. It shouldn't have access to anything at all.
- #default_login_user = dovenull
- # Internal user is used by unprivileged processes. It should be separate from
- # login user, so that login processes can't disturb other processes.
- #default_internal_user = dovecot
- service imap-login {
- inet_listener imap {
- #port = 143
- }
- inet_listener imaps {
- #port = 993
- #ssl = yes
- }
- # Number of connections to handle before starting a new process. Typically
- # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
- # is faster. <doc/wiki/LoginProcess.txt>
- #service_count = 1
- # Number of processes to always keep waiting for more connections.
- #process_min_avail = 0
- # If you set service_count=0, you probably need to grow this.
- #vsz_limit = $default_vsz_limit
- }
- service pop3-login {
- inet_listener pop3 {
- #port = 110
- }
- inet_listener pop3s {
- #port = 995
- #ssl = yes
- }
- }
- service lmtp {
- unix_listener lmtp {
- #mode = 0666
- }
- unix_listener /var/spool/postfix/private/dovecot-lmtp {
- group = postfix
- mode = 0600
- user = postfix
- }
- # Create inet listener only if you can't use the above UNIX socket
- #inet_listener lmtp {
- # Avoid making LMTP visible for the entire internet
- #address =
- #port =
- #}
- }
- service imap {
- # Most of the memory goes to mmap()ing files. You may need to increase this
- # limit if you have huge mailboxes.
- #vsz_limit = $default_vsz_limit
- # Max. number of IMAP processes (connections)
- #process_limit = 1024
- }
- service pop3 {
- # Max. number of POP3 processes (connections)
- #process_limit = 1024
- }
- service auth {
- # auth_socket_path points to this userdb socket by default. It's typically
- # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have
- # full permissions to this socket are able to get a list of all usernames and
- # get the results of everyone's userdb lookups.
- #
- # The default 0666 mode allows anyone to connect to the socket, but the
- # userdb lookups will succeed only if the userdb returns an "uid" field that
- # matches the caller process's UID. Also if caller's uid or gid matches the
- # socket's uid or gid the lookup succeeds. Anything else causes a failure.
- #
- # To give the caller full permissions to lookup all users, set the mode to
- # something else than 0666 and Dovecot lets the kernel enforce the
- # permissions (e.g. 0777 allows everyone full permissions).
- unix_listener auth-userdb {
- mode = 0660
- user = dovecot
- group = mail
- }
- # Postfix smtp-auth
- unix_listener /var/spool/postfix/private/auth {
- mode = 0600
- user = postfix
- group = postfix
- }
- # unix_listener /var/run/ejabberd/auth {
- # mode = 0660
- # user = ejabberd
- # group = ejabberd
- # }
- # Auth process is run as this user.
- #user = $default_internal_user
- }
- service auth-worker {
- # Auth worker process is run as root by default, so that it can access
- # /etc/shadow. If this isn't necessary, the user should be changed to
- # $default_internal_user.
- #user = root
- }
- service dict {
- # If dict proxy is used, mail processes should have access to its socket.
- # For example: mode=0660, group=vmail and global mail_access_groups=vmail
- unix_listener dict {
- #mode = 0600
- #user =
- #group =
- }
- }
|
