#
# Logging
#
log_path = /data/dovecot/dovecot.log
#
# Email storage
#
# Store emails in /data/mail/home/domain/user, which will be inside the
# container's volume.
mail_home = /data/mail/home/%d/%n
# Use Dovecot's native format.
mail_location = mdbox:~/mdbox
# User and group used to store and access mailboxes.
mail_uid = dovecot
mail_gid = dovecot
# As we're using virtual mailboxes, the system user will be "dovecot", which
# has uid in the 100-500 range. By default using uids <500 is blocked, so we
# need to explicitly lower the value to allow storage of mail as "dovecot".
first_valid_uid = 100
first_valid_gid = 100
#
# Authentication
#
# Static file, in /data/dovecot/users.
auth_mechanisms = plain
passdb {
driver = passwd-file
args = scheme=CRYPT username_format=%u /data/dovecot/users
}
userdb {
driver = passwd-file
args = /data/dovecot/users
}
#
# TLS
#
# TLS is mandatory.
# The entrypoint generates auto-ssl.conf, with all the certificates.
ssl = required
!include_try /etc/dovecot/auto-ssl.conf
# Only allow TLS 1.2 and up.
ssl_min_protocol = TLSv1.2
#
# Protocols
#
protocols = lmtp imap pop3 sieve
#
# IMAP
#
service imap-login {
inet_listener imap {
# Disable plain text IMAP, just in case.
port = 0
}
inet_listener imaps {
port = 993
ssl = yes
}
}
service imap {
}
#
# POP3
#
service pop3-login {
inet_listener pop3 {
# Disable plain text POP3, just in case.
port = 0
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
service pop3 {
}
#
# Sieve/managesieve
#
service managesieve-login {
}
service managesieve {
}
protocol sieve {
}
plugin {
sieve = file:~/sieve;active=~/.dovecot.sieve
}
#
# Internal services
#
service auth {
unix_listener auth-userdb {
}
# Grant chasquid access to request user authentication.
unix_listener auth-chasquid-userdb {
mode = 0660
user = chasquid
}
unix_listener auth-chasquid-client {
mode = 0660
user = chasquid
}
}
service auth-worker {
}
dict {
}
service lmtp {
# This is used by mda-lmtp.
unix_listener lmtp {
}
}