source: companies/serpro/doc-expressolivre/arqs-conf/etc/imapd.conf @ 903

Revision 903, 11.0 KB checked in by niltonneto, 15 years ago (diff)

Importacao inicial do Expresso do Serpro

Line 
1# Debian Cyrus imapd.conf
2# See imapd.conf(5) for more information and more options
3
4# Configuration directory
5configdirectory: /var/lib/cyrus
6
7# Which partition to use for default mailboxes
8defaultpartition: default
9partition-default: /var/spool/cyrus/mail
10
11# News setup
12partition-news: /var/spool/cyrus/news
13newsspool: /var/spool/news
14
15# Alternate namespace
16# If enabled, activate the alternate namespace as documented in
17# /usr/share/doc/cyrus21-doc/html/altnamespace.html, where an user's
18# subfolders are in the same level as the INBOX
19# See also userprefix and sharedprefix on imapd.conf(5)
20altnamespace: no
21
22# UNIX Hierarchy Convention
23# Set to yes, and cyrus will accept dots in names, and use the forward
24# slash "/" to delimit levels of the hierarchy. This is done by converting
25# internally all dots to "^", and all "/" to dots. So the "rabbit.holes"
26# mailbox of user "helmer.fudd" is stored in "user.elmer^fud.rabbit^holes"
27unixhierarchysep: yes
28
29# Munging illegal characters in headers
30# Headers of RFC2882 messages must not have characters with the 8th bit
31# set. However, too many badly-written MUAs generate this, including most
32# spamware.  Disable this if you want Cyrus to leave the crappage untouched
33# and you don't care that IMAP SEARCH won't work right anymore.
34reject8bit: no
35munge8bit: no
36
37# Forcing recipient user to lowercase
38# Cyrus 2.1 is case-sensitive.  If all your mail users are in lowercase, it is
39# probably a very good idea to set lmtp_downcase_rcpt to true.  The default is
40# to assume the user knows what he is doing, and not downcase anything.
41#lmtp_downcase_rcpt: yes
42
43# Uncomment the following and add the space-separated users who
44# have admin rights for all services.
45admins: expresso-admin
46
47# Space-separated list of users that have lmtp "admin" status (i.e. that
48# can deliver email through TCP/IP lmtp) in addition to those in the
49# admins: entry above
50#lmtp_admins: postman
51
52# Space-separated list of users that have mupdate "admin" status, in
53# addition to those in the admins: entry above. Note that mupdate slaves and
54# backends in a Murder cluster need to autenticate against the mupdate master
55# as admin users.
56#mupdate_admins: mupdateman
57
58# Space-separated list of users that have imapd "admin" status, in
59# addition to those in the admins: entry above
60#imap_admins: cyrus
61
62# Space-separated list of users that have sieve "admin" status, in
63# addition to those in the admins: entry above
64#sieve_admins: cyrus
65
66# List of users and groups that are allowed to proxy for other users,
67# seperated by spaces.  Any user listed in this will be allowed to login
68# for any other user.  Like "admins:" above, you can have imap_proxyservers
69# and sieve_proxyservers.
70#proxyservers: cyrus
71
72# No anonymous logins
73allowanonymouslogin: no
74
75# Minimum time between POP mail fetches in minutes
76popminpoll: 1
77
78# If nonzero, normal users may create their own IMAP accounts by creating
79# the mailbox INBOX.  The user's quota is set to the value if it is positive,
80# otherwise the user has unlimited quota.
81autocreatequota: 0
82
83# umask used by Cyrus programs
84umask: 077
85
86# Sendmail binary location
87# DUE TO A BUG, Cyrus sends CRLF EOLs to this program. This breaks Exim 3.
88# For now, to work around the bug, set this to a wrapper that calls
89# /usr/sbin/sendmail -dropcr instead if you use Exim 3.
90#sendmail: /usr/sbin/sendmail
91
92# If enabled, cyrdeliver will look for Sieve scripts in user's home
93# directories: ~user/.sieve.
94sieveusehomedir: false
95
96# If sieveusehomedir is false, this directory is searched for Sieve scripts.
97sievedir: /var/spool/sieve
98
99# notifyd(8) method to use for "MAIL" notifications.  If not set, "MAIL"
100# notifications are disabled.  Valid methods are: null, log, zephyr
101#mailnotifier: zephyr
102
103# notifyd(8) method to use for "SIEVE" notifications.  If not set, "SIEVE"
104# notifications are disabled.  This method is only used when no method is
105# specified in the script.  Valid methods are null, log, zephyr, mailto
106#sievenotifier: zephyr
107
108# DRAC (pop-before-smtp, imap-before-smtp) support
109# Set dracinterval to the time in minutes to call DRAC while a user is
110# connected to the imap/pop services. Set to 0 to disable DRAC (default)
111# Set drachost to the host where the rpc drac service is running
112#dracinterval: 0
113#drachost: localhost
114
115# If enabled, the partitions will also be hashed, in addition to the hashing
116# done on configuration directories. This is recommended if one partition has a
117# very bushy mailbox tree.
118hashimapspool: true
119
120# Allow plaintext logins by default (SASL PLAIN)
121allowplaintext: yes
122
123# Force PLAIN/LOGIN authentication only
124# (you need to uncomment this if you are not using an auxprop-based SASL
125# mechanism.  saslauthd users, that means you!). And pay attention to
126# sasl_minimum_layer and allowapop below, too.
127sasl_mech_list: PLAIN
128
129# Allow use of the POP3 APOP authentication command.
130# Note that this command requires that the plaintext passwords are
131# available in a SASL auxprop backend (eg. sasldb), and that the system
132# can provide enough entropy (eg. from /dev/urandom) to create a challenge
133# in the banner.
134#allowapop: no
135
136# The minimum SSF that the server will allow a client to negotiate. A
137# value of 1 requires integrity protection; any higher value requires some
138# amount of encryption.
139#sasl_minimum_layer: 0
140
141# The maximum SSF that the server will allow a client to negotiate. A
142# value of 1 requires integrity protection; any higher value requires some
143# amount of encryption.
144#sasl_maximum_layer: 256
145
146# List of remote realms whose users may log in using cross-realm
147# authentications.  Seperate each realm name by a space. A cross-realm
148# identity is considered any identity returned by SASL with an "@" in it.
149#loginrealms:
150
151#
152# SASL library options (these are handled directly by the SASL libraries,
153# refer to SASL documentation for an up-to-date list of these)
154#
155
156# The mechanism(s) used by the server to verify plaintext passwords. Possible
157# values are "saslauthd", "auxprop", "pwcheck" and "alwaystrue".  They
158# are tried in order, you can specify more than one, separated by spaces.
159#
160# Do note that, since sasl will be run as user cyrus, you may have a lot of
161# trouble to set this up right.
162sasl_pwcheck_method: saslauthd
163
164# What auxpropd plugins to load, if using sasl_pwcheck_method: auxprop
165# by default, all plugins are tried (which is probably NOT what you want).
166#sasl_auxprop_plugin: sasldb
167
168# If enabled, the SASL library will automatically create authentication secrets
169# when given a plaintext password. Refer to SASL documentation
170sasl_auto_transition: no
171
172#
173# SSL/TLS Options
174#
175
176# File containing the global certificate used for ALL services (imap, pop3,
177# lmtp, sieve)
178#tls_cert_file: /etc/ssl/certs/cyrus-global.pem
179
180# File containing the private key belonging to the global server certificate.
181#tls_key_file: /etc/ssl/private/cyrus-global.key
182
183# File containing the certificate used for imap. If not specified, the global
184# certificate is used.  A value of "disabled" will disable SSL/TLS for imap.
185#tls_imap_cert_file: /etc/ssl/certs/cyrus-imap.pem
186
187# File containing the private key belonging to the imap-specific server
188# certificate.  If not specified, the global private key is used.  A value of
189# "disabled" will disable SSL/TLS for imap.
190#tls_imap_key_file: /etc/ssl/private/cyrus-imap.key
191
192# File containing the certificate used for pop3. If not specified, the global
193# certificate is used.  A value of "disabled" will disable SSL/TLS for pop3.
194#tls_pop3_cert_file: /etc/ssl/certs/cyrus-pop3.pem
195
196# File containing the private key belonging to the pop3-specific server
197# certificate.  If not specified, the global private key is used.  A value of
198# "disabled" will disable SSL/TLS for pop3.
199#tls_pop3_key_file: /etc/ssl/private/cyrus-pop3.key
200
201# File containing the certificate used for lmtp. If not specified, the global
202# certificate is used.  A value of "disabled" will disable SSL/TLS for lmtp.
203#tls_lmtp_cert_file: /etc/ssl/certs/cyrus-lmtp.pem
204
205# File containing the private key belonging to the lmtp-specific server
206# certificate.  If not specified, the global private key is used.  A value of
207# "disabled" will disable SSL/TLS for lmtp.
208#tls_lmtp_key_file: /etc/ssl/private/cyrus-lmtp.key
209
210# File containing the certificate used for sieve. If not specified, the global
211# certificate is used.  A value of "disabled" will disable SSL/TLS for sieve.
212#tls_sieve_cert_file: /etc/ssl/certs/cyrus-sieve.pem
213
214# File containing the private key belonging to the sieve-specific server
215# certificate.  If not specified, the global private key is used.  A value of
216# "disabled" will disable SSL/TLS for sieve.
217#tls_sieve_key_file: /etc/ssl/private/cyrus-sieve.key
218
219# File containing one or more Certificate Authority (CA) certificates.
220#tls_ca_file: /etc/ssl/certs/cyrus-imapd-ca.pem
221
222# Path to directory with certificates of CAs.
223tls_ca_path: /etc/ssl/certs
224
225# The length of time (in minutes) that a TLS session will be cached for later
226# reuse.  The maximum value is 1440 (24 hours), the default.  A value of 0 will
227# disable session caching.
228tls_session_timeout: 1440
229
230# The list of SSL/TLS ciphers to allow.  The format of the string is described
231# in ciphers(1). THIS DISABLES THE WEAK 'FOR EXPORT' CRAP!
232tls_cipher_list: TLSv1:SSLv3:SSLv2:!NULL:!EXPORT:!DES:!LOW:@STRENGTH
233
234# Require a client certificate for ALL services (imap, pop3, lmtp, sieve).
235#tls_require_cert: false
236
237# Require a client certificate for imap ONLY.
238#tls_imap_require_cert: false
239
240# Require a client certificate for pop3 ONLY.
241#tls_pop3_require_cert: false
242
243# Require a client certificate for lmtp ONLY.
244#tls_lmtp_require_cert: false
245
246# Require a client certificate for sieve ONLY.
247#tls_sieve_require_cert: false
248
249#
250# Cyrus Murder cluster configuration
251#
252# Set the following options to the values needed for this server to
253# autenticate against the mupdate master server:
254# mupdate_server
255# mupdate_port
256# mupdate_username
257# mupdate_authname
258# mupdate_realm
259# mupdate_password
260# mupdate_retry_delay
261
262##
263## KEEP THESE IN SYNC WITH cyrus.conf
264##
265# Unix domain socket that lmtpd listens on.
266lmtpsocket: /var/run/cyrus/socket/lmtp
267
268# Unix domain socket that idled listens on.
269idlesocket: /var/run/cyrus/socket/idle
270
271# Unix domain socket that the new mail notification daemon listens on.
272notifysocket: /var/run/cyrus/socket/notify
273
274##
275## DEBUGGING
276##
277# Debugging hook. See /usr/share/doc/cyrus21-common/README.Debian.debug
278# Keep the hook disabled when it is not in use
279#
280# gdb Back-traces
281#debug_command: /usr/bin/gdb -batch -cd=/tmp -x /usr/lib/cyrus/get-backtrace.gdb /usr/lib/cyrus/bin/%s %d >/tmp/gdb-backtrace.cyrus.%1$s.%2$d <&- 2>&1 &
282#
283# system-call traces
284#debug_command: /usr/bin/strace -tt -o /tmp/strace.cyrus.%s.%d -p %2$d <&- 2>&1 &
285#
286# library traces
287#debug_command: /usr/bin/ltrace -tt -n 2 -o /tmp/ltrace.cyrus.%s.%d -p %2$d <&- 2>&1 &
288
289# Allow rename of users
290allowusermoves: yes
291
292#Size (in kilobytes) of the shared memory buffer pool (cache) used by the berkeley environment.
293berkeley_cachesize: 2048
294
295#Maximum number of transactions to be supported in the berkeley environment.
296berkeley_txns_max: 200
297
298# Disable duplicate message suppression
299duplicatesuppression: 0
300
301#lmtpd returns a permanent failure code when a user's mailbox is over quota.
302lmtp_over_quota_perm_failure: 1
Note: See TracBrowser for help on using the repository browser.