1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
--- a/doc/example-config/conf.d/10-mail.conf
+++ b/doc/example-config/conf.d/10-mail.conf
@@ -208,10 +208,10 @@
# UNIX socket path to master authentication server to find users.
# This is used by imap (for shared users) and lda.
-#auth_socket_path = /var/run/dovecot/auth-userdb
+#auth_socket_path = /run/dovecot/auth-userdb
# Directory where to look up mail plugins.
-#mail_plugin_dir = /usr/lib/dovecot
+#mail_plugin_dir = /usr/lib/dovecot/modules
# Space separated list of plugins to load for all services. Plugins specific to
# IMAP, LDA, etc. are added to this list in their own .conf files.
@@ -322,6 +322,7 @@ protocol !indexer-worker {
# them simultaneously.
#mbox_read_locks = fcntl
#mbox_write_locks = dotlock fcntl
+mbox_write_locks = fcntl
# Maximum time to wait for lock (all of them) before aborting.
#mbox_lock_timeout = 5 mins
--- a/doc/example-config/conf.d/10-ssl.conf
+++ b/doc/example-config/conf.d/10-ssl.conf
@@ -3,7 +3,10 @@
##
# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
-#ssl = yes
+# Disable plain (unencrypted) POP3 and IMAP, allowed are only POP3+TLS,
+# POP3S, IMAP+TLS and IMAPS.
+# Plain IMAP and POP3 are still allowed for local connections.
+ssl = required
# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
# dropping root privileges, so keep the key file unreadable by anyone but
@@ -57,6 +59,7 @@ ssl_key = </etc/ssl/private/dovecot.pem
#ssl_cipher_list = ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH
# To disable non-EC DH, use:
#ssl_cipher_list = ALL:!DH:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH
+ssl_cipher_list = PROFILE=SYSTEM
# Colon separated list of elliptic curves to use. Empty value (the default)
# means use the defaults from the SSL library. P-521:P-384:P-256 would be an
|
