1 files changed, 13 insertions, 4 deletions

diff --git a/roles/IMAP/templates/etc/dovecot/conf.d/10-master.conf.j2 b/roles/IMAP/templates/etc/dovecot/conf.d/10-master.conf.j2
index b7aead3..1bf13b0 100644
--- a/roles/IMAP/templates/etc/dovecot/conf.d/10-master.conf.j2
+++ b/roles/IMAP/templates/etc/dovecot/conf.d/10-master.conf.j2
@@ -40,93 +40,102 @@ service imap-login {
   process_min_avail = 4
 
   # If you set service_count=0, you probably need to grow this.
   #vsz_limit = $default_vsz_limit
 }
 
 service pop3-login {
   inet_listener pop3 {
     #port = 110
   }
   inet_listener pop3s {
     #port = 995
     #ssl = yes
   }
 }
 
 service lmtp {
   user = vmail
 
   unix_listener /var/spool/postfix-{{ postfix_instance.IMAP.name }}/private/dovecot-lmtpd {
-    group = postfix
     user = postfix
     mode = 0600
   }
 
   # Create inet listener only if you can't use the above UNIX socket
   #inet_listener lmtp {
     # Avoid making LMTP visible for the entire internet
     #address =
     #port = 
   #}
 
   # Number of processes to always keep waiting for more connections.
   process_min_avail = 4
 }
 
 service imap {
   # Most of the memory goes to mmap()ing files. You may need to increase this
   # limit if you have huge mailboxes.
   #vsz_limit = $default_vsz_limit
 
   # Max. number of IMAP processes (connections)
   #process_limit = 1024
+
+  unix_listener imap-master {
+    user = $default_internal_user
+    mode = 0600
+  }
+}
+
+service imap-hibernate {
+  unix_listener imap-hibernate {
+    user = vmail
+    mode = 0600
+  }
 }
 
 service pop3 {
   # Max. number of POP3 processes (connections)
   #process_limit = 1024
 }
 
 service auth {
   # auth_socket_path points to this userdb socket by default. It's typically
   # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have
   # full permissions to this socket are able to get a list of all usernames and
   # get the results of everyone's userdb lookups.
   #
   # The default 0666 mode allows anyone to connect to the socket, but the
   # userdb lookups will succeed only if the userdb returns an "uid" field that
   # matches the caller process's UID. Also if caller's uid or gid matches the
   # socket's uid or gid the lookup succeeds. Anything else causes a failure.
   #
   # To give the caller full permissions to lookup all users, set the mode to
   # something else than 0666 and Dovecot lets the kernel enforce the
   # permissions (e.g. 0777 allows everyone full permissions).
   unix_listener auth-userdb {
-    mode = 0600
     user = vmail
-    group = root
+    mode = 0600
   }
 
   # Postfix smtp-auth
   unix_listener /var/spool/postfix-{{ postfix_instance.MSA.name }}/private/dovecot-auth {
-    group = postfix
     user = postfix
     mode = 0600
   }
 
   # Auth process is run as this user.
   #user = $default_internal_user
 }
 
 service auth-worker {
   # Auth worker process is run as root by default, so that it can access
   # /etc/shadow. If this isn't necessary, the user should be changed to
   # $default_internal_user.
   user = $default_internal_user
 }
 
 service dict {
   # If dict proxy is used, mail processes should have access to its socket.
   # For example: mode=0660, group=vmail and global mail_access_groups=vmail
   unix_listener dict {
     #mode = 0600