From a4b88d46526632705d92b2902d3604907afbcbc9 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Wed, 25 Jun 2014 18:46:35 +0200 Subject: Install dovecot from backports (for imapc). Interesting features include caching of mail headers (v2.2.8+) as well as new IMAP capabilities. --- .../IMAP-proxy/files/etc/dovecot/conf.d/10-auth.conf | 1 + .../IMAP-proxy/files/etc/dovecot/conf.d/10-mail.conf | 20 ++++++++++++++++---- .../files/etc/dovecot/conf.d/20-imapc.conf | 5 ++--- roles/IMAP-proxy/tasks/main.yml | 2 +- roles/IMAP/files/etc/dovecot/conf.d/10-logging.conf | 3 ++- 5 files changed, 22 insertions(+), 9 deletions(-) diff --git a/roles/IMAP-proxy/files/etc/dovecot/conf.d/10-auth.conf b/roles/IMAP-proxy/files/etc/dovecot/conf.d/10-auth.conf index 229ac94..1abea0c 100644 --- a/roles/IMAP-proxy/files/etc/dovecot/conf.d/10-auth.conf +++ b/roles/IMAP-proxy/files/etc/dovecot/conf.d/10-auth.conf @@ -6,6 +6,7 @@ # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP # matches the local IP (ie. you're connecting from the same computer), the # connection is considered secure and plaintext authentication is allowed. +# See also ssl=required setting. disable_plaintext_auth = yes # Authentication cache size (e.g. 10M). 0 means it's disabled. Note that diff --git a/roles/IMAP-proxy/files/etc/dovecot/conf.d/10-mail.conf b/roles/IMAP-proxy/files/etc/dovecot/conf.d/10-mail.conf index f106af5..e19b507 100644 --- a/roles/IMAP-proxy/files/etc/dovecot/conf.d/10-mail.conf +++ b/roles/IMAP-proxy/files/etc/dovecot/conf.d/10-mail.conf @@ -98,7 +98,7 @@ namespace inbox { #list = children #} # Should shared INBOX be visible as "shared/user" or "shared/user/INBOX"? -#mail_shared_explicit_inbox = yes +#mail_shared_explicit_inbox = no # System user and group used to access mails. If you use multiple, userdb # can override these by returning uid or gid fields. You can use either numbers @@ -124,6 +124,10 @@ mail_gid = imapproxy # or ~user/. #mail_full_filesystem_access = no +# Dictionary for key=value mailbox attributes. Currently used by URLAUTH, but +# soon intended to be used by METADATA as well. +#mail_attribute_dict = + ## ## Mail processes ## @@ -207,6 +211,10 @@ mail_plugins = virtual ## Mailbox handling optimizations ## +# Mailbox list indexes can be used to optimize IMAP STATUS commands. They are +# also required for IMAP NOTIFY extension to be enabled. +mailbox_list_index = yes + # The minimum number of mails in a mailbox before updates are done to cache # file. This allows optimizing Dovecot's behavior to do less disk writes at # the cost of more disk reads. @@ -276,8 +284,14 @@ mail_plugins = virtual # in is important to avoid deadlocks if other MTAs/MUAs are using multiple # locking methods as well. Some operating systems don't allow using some of # them simultaneously. +# +# The Debian value for mbox_write_locks differs from upstream Dovecot. It is +# changed to be compliant with Debian Policy (section 11.6) for NFS safety. +# Dovecot: mbox_write_locks = dotlock fcntl +# Debian: mbox_write_locks = fcntl dotlock +# #mbox_read_locks = fcntl -#mbox_write_locks = dotlock fcntl +#mbox_write_locks = fcntl dotlock # Maximum time to wait for lock (all of them) before aborting. #mbox_lock_timeout = 5 mins @@ -341,8 +355,6 @@ mail_plugins = virtual # also allows single instance storage for them. Other backends don't support # this for now. -# WARNING: This feature hasn't been tested much yet. Use at your own risk. - # Directory root where to store mail attachments. Disabled, if empty. #mail_attachment_dir = diff --git a/roles/IMAP-proxy/files/etc/dovecot/conf.d/20-imapc.conf b/roles/IMAP-proxy/files/etc/dovecot/conf.d/20-imapc.conf index 47785a4..32cc391 100644 --- a/roles/IMAP-proxy/files/etc/dovecot/conf.d/20-imapc.conf +++ b/roles/IMAP-proxy/files/etc/dovecot/conf.d/20-imapc.conf @@ -12,7 +12,6 @@ imapc_user = %u mail_prefetch_count = 20 # The list of valid features can be found there -# http://hg.dovecot.org/dovecot-2.1/file/f572fbafb445/src/lib-storage/index/imapc/imapc-settings.c +# http://hg.dovecot.org/dovecot-2.2/file/tip/src/lib-storage/index/imapc/imapc-settings.c # (in the struct 'imapc_feature_list imapc_feature_list') -imapc_features = rfc822.size - +imapc_features = rfc822.size fetch-headers diff --git a/roles/IMAP-proxy/tasks/main.yml b/roles/IMAP-proxy/tasks/main.yml index f76ee72..4a1984c 100644 --- a/roles/IMAP-proxy/tasks/main.yml +++ b/roles/IMAP-proxy/tasks/main.yml @@ -1,5 +1,5 @@ - name: Install Dovecot - apt: pkg={{ item }} + apt: pkg={{ item }} default_release={{ ansible_lsb.codename }}-backports with_items: - dovecot-core - dovecot-imapd diff --git a/roles/IMAP/files/etc/dovecot/conf.d/10-logging.conf b/roles/IMAP/files/etc/dovecot/conf.d/10-logging.conf index ba8e646..c611bfc 100644 --- a/roles/IMAP/files/etc/dovecot/conf.d/10-logging.conf +++ b/roles/IMAP/files/etc/dovecot/conf.d/10-logging.conf @@ -26,6 +26,7 @@ # In case of password mismatches, log the attempted password. Valid values are # no, plain and sha1. sha1 can be useful for detecting brute force password # attempts vs. user simply trying the same password over and over again. +# You can also truncate the value to n chars by appending ":n" (e.g. sha1:6). #auth_verbose_passwords = no # Even more verbose logging for debugging purposes. Shows for example SQL @@ -65,7 +66,7 @@ log_timestamp = "%Y-%m-%d %H:%M:%S " # string. #login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c -# Login log format. %$ contains login_log_format_elements string, %s contains +# Login log format. %s contains login_log_format_elements string, %$ contains # the data we want to log. #login_log_format = %$: %s -- cgit v1.2.3