# # Logging # log_path = /data/dovecot/dovecot.log # # Email storage # # Store emails in /data/mail/home/domain/user, which will be inside the # container's volume. mail_home = /data/mail/home/%d/%n # Use Dovecot's native format. mail_location = mdbox:~/mdbox # User and group used to store and access mailboxes. mail_uid = dovecot mail_gid = dovecot # As we're using virtual mailboxes, the system user will be "dovecot", which # has uid in the 100-500 range. By default using uids <500 is blocked, so we # need to explicitly lower the value to allow storage of mail as "dovecot". first_valid_uid = 100 first_valid_gid = 100 # # Authentication # # Static file, in /data/dovecot/users. auth_mechanisms = plain passdb { driver = passwd-file args = scheme=CRYPT username_format=%u /data/dovecot/users } userdb { driver = passwd-file args = /data/dovecot/users } # # TLS # # TLS is mandatory. # The entrypoint generates auto-ssl.conf, with all the certificates. ssl = required !include_try /etc/dovecot/auto-ssl.conf # Only allow TLS 1.2 and up. ssl_min_protocol = TLSv1.2 # # Protocols # protocols = lmtp imap pop3 sieve # # IMAP # service imap-login { inet_listener imap { # Disable plain text IMAP, just in case. port = 0 } inet_listener imaps { port = 993 ssl = yes } } service imap { } # # POP3 # service pop3-login { inet_listener pop3 { # Disable plain text POP3, just in case. port = 0 } inet_listener pop3s { port = 995 ssl = yes } } service pop3 { } # # Sieve/managesieve # service managesieve-login { } service managesieve { } protocol sieve { } plugin { sieve = file:~/sieve;active=~/.dovecot.sieve } # # Internal services # service auth { unix_listener auth-userdb { } # Grant chasquid access to request user authentication. unix_listener auth-chasquid-userdb { mode = 0660 user = chasquid } unix_listener auth-chasquid-client { mode = 0660 user = chasquid } } service auth-worker { } dict { } service lmtp { # This is used by mda-lmtp. unix_listener lmtp { } }