50 lines
1.3 KiB
Django/Jinja
50 lines
1.3 KiB
Django/Jinja
# https://ssl-config.mozilla.org/#server=dovecot&version=2.3.8&config=intermediate&openssl=1.1.1g&guideline=5.6
|
|
ssl = required
|
|
|
|
ssl_cert = <{{ tls_certs }}/{{ mail_server }}-fullchain.crt
|
|
ssl_key = <{{ tls_private }}/{{ mail_server }}.key
|
|
|
|
ssl_dh = <{{ tls_certs }}/ffdhe3072.pem
|
|
|
|
ssl_min_protocol = TLSv1.2
|
|
ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
|
|
ssl_prefer_server_ciphers = no
|
|
|
|
# kerberos
|
|
auth_gssapi_hostname = "$ALL"
|
|
auth_krb5_keytab = /etc/dovecot/dovecot.keytab
|
|
auth_mechanisms = gssapi plain login
|
|
|
|
# enable only imap
|
|
protocols = imap
|
|
|
|
# use index from tmpfs
|
|
mail_location = mbox:~/imapmail/:INBOX=/var/mail/%u:INDEX=/var/spool/dovecot/index/home/%u
|
|
|
|
# special icons for mailboxes
|
|
namespace inbox {
|
|
mailbox spam {
|
|
special_use = \Junk
|
|
}
|
|
mailbox Sent {
|
|
auto = subscribe
|
|
special_use = \Sent
|
|
}
|
|
mailbox Trash {
|
|
auto = subscribe
|
|
special_use = \Trash
|
|
}
|
|
}
|
|
|
|
# imap specific
|
|
protocol imap {
|
|
mail_max_userip_connections = 20
|
|
imap_idle_notify_interval = 29 mins
|
|
}
|
|
|
|
# disable plain text imap
|
|
service imap-login {
|
|
inet_listener imap {
|
|
port = 0
|
|
}
|
|
}
|