From 829f4d830aefedd95a75e61cfc9aa3e03f039c6f Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Tue, 19 May 2020 02:40:48 +0200 Subject: IMAP: Update role to Debian Buster. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit For `ssl_cipher_list` we pick the suggested value from https://ssl-config.mozilla.org/#server=dovecot&version=2.3.9&config=intermediate&openssl=1.1.1d At the moment it's equivalent (modulo order) to adding ‘EDH+AESGCM+aRSA’ to ‘EECDH+AESGCM:EECDH+CHACHA20!MEDIUM!LOW!EXP!aNULL!eNULL’. --- roles/IMAP/files/etc/dovecot/conf.d/20-imap.conf | 29 +++++++++++++++++++++--- 1 file changed, 26 insertions(+), 3 deletions(-) (limited to 'roles/IMAP/files/etc/dovecot/conf.d/20-imap.conf') diff --git a/roles/IMAP/files/etc/dovecot/conf.d/20-imap.conf b/roles/IMAP/files/etc/dovecot/conf.d/20-imap.conf index 3ddedce..de1fbbb 100644 --- a/roles/IMAP/files/etc/dovecot/conf.d/20-imap.conf +++ b/roles/IMAP/files/etc/dovecot/conf.d/20-imap.conf @@ -21,10 +21,17 @@ imap_hibernate_timeout = 15s # %{fetch_body_count} - Number of mails with mail body data sent to client # %{fetch_body_bytes} - Number of bytes with mail body data sent to client # %{deleted} - Number of mails where client added \Deleted flag -# %{expunged} - Number of mails that client expunged +# %{expunged} - Number of mails that client expunged, which does not +# include automatically expunged mails +# %{autoexpunged} - Number of mails that were automatically expunged after +# client disconnected # %{trashed} - Number of mails that client copied/moved to the # special_use=\Trash mailbox. -#imap_logout_format = in=%i out=%o +# %{appended} - Number of mails saved during the session +#imap_logout_format = in=%i out=%o deleted=%{deleted} expunged=%{expunged} \ +# trashed=%{trashed} hdr_count=%{fetch_hdr_count} \ +# hdr_bytes=%{fetch_hdr_bytes} body_count=%{fetch_body_count} \ +# body_bytes=%{fetch_body_bytes} # Override the IMAP CAPABILITY response. If the value begins with '+', # add the given capabilities on top of the defaults (e.g. +XFOO XBAR). @@ -65,9 +72,25 @@ imap_hibernate_timeout = 15s # Host allowed in URLAUTH URLs sent by client. "*" allows all. #imap_urlauth_host = +# Enable IMAP LITERAL- extension (replaces LITERAL+) +#imap_literal_minus = no + +# What happens when FETCH fails due to some internal error: +# disconnect-immediately: +# The FETCH is aborted immediately and the IMAP client is disconnected. +# disconnect-after: +# The FETCH runs for all the requested mails returning as much data as +# possible. The client is finally disconnected without a tagged reply. +# no-after: +# Same as disconnect-after, but tagged NO reply is sent instead of +# disconnecting the client. If the client attempts to FETCH the same failed +# mail more than once, the client is disconnected. This is to avoid clients +# from going into infinite loops trying to FETCH a broken mail. +#imap_fetch_failure = disconnect-immediately + protocol imap { # Space separated list of plugins to load (default is global mail_plugins). - mail_plugins = $mail_plugins imap_stats imap_zlib + mail_plugins = $mail_plugins imap_zlib # Maximum number of IMAP connections allowed for a user from each IP address. # NOTE: The username is compared case-sensitively. -- cgit v1.2.3