cd_dovecot | Parameters

The following parameters are used in cd_puppetdb. They editable via params.pp or can be overridden through ENC (recommended). Values changed will take immediate effect at next puppet run. Services will be restarted where necessary.

  • pkg_ensure (string) (defaults to: 'latest')

    Specify the package type i.e. latest or present.

  • dt_manage_config (boolean) (defaults to: true)

    Whether we want to fully manage the dovecot configuration. if set to false, only the binaries are installed.

  • dt_imap_u_name (string) (defaults to: 'dovecot')

    Mame of the imap privileged user.

  • dt_imap_u_comment (string) (defaults to: 'Dovecot Imap Service User')

    User comment for the privileged IMAP user in /etc/passwd. shows up in email notifications from the dovecot service.

  • dt_imap_u_uid (string) (defaults to: '97')

    UID for the privileged IMAP user.

  • dt_imap_u_groups (string) (defaults to: undef)

    Any secondary groups teh privileged IMAP user should be in. Must not contain the primary group.

  • dt_imap_u_man_home (boolean) (defaults to: true)

    Whether the user home for the privileged IMAP user should be managed by Puppet.

  • dt_imap_u_home (string) (defaults to: '/usr/libexec/dovecot')

    The home for the privileged IMAP user.

  • dt_imap_u_shell (string) (defaults to: '/sbin/nologin')

    The shell for the privileged IMAP user, which never should be allowed to login.

  • dt_purge_keys (boolean) (defaults to: true)

    Whether we want to purge any SSH keys being added to the authorized_keys file for the service users.

  • dt_null_u_name (string) (defaults to: 'dovenull')

    Name for the unprivileged IMAP service user.

  • dt_null_u_comment (STRING) (defaults to: 'Dovecot unauthorized user')

    User comment for the unprivileged IMAP service user. Shows up in email notifications from the Dovecot service.

  • dt_null_u_uid (string) (defaults to: '993')

    UID for the unprivileged IMAP service user.

  • dt_null_u_groups (string) (defaults to: undef)

    Any secondary groups the unprivileged IMAP service user should be in . Must not contain primary group.

  • dt_null_u_man_home (boolean) (defaults to: true)

    Whether the user home for the unprivileged IMAP service user should be managed by Puppet.

  • dt_null_u_home (string) (defaults to: '/usr/libexec/dovecot')

    The home for the unprivileged IMAP user.

  • dt_null_u_shell (string) (defaults to: '/sbin/nologin')

    The shell for the unprivileged IMAP service user, which never should be allowed to login

  • dt_protocols (string) (defaults to: 'imap lmtp')

    Template parameter. Which protocols we want to support.

  • dt_listen (string) (defaults to: '*,::')

    Template parameter. Which interface dovecot should listen on.

  • dt_instance_name (string) (defaults to: 'dovecot')

    Template parameter. The name of the dovecot instance.

  • dt_login_greeting (string) (defaults to: 'Dovecot ready.')

    Template parameter The greeting for clients logging in.

  • dt_login_trusted_networks (string) (defaults to: '')

    network range for trusted clients allowed to login.

  • dt_login_access_sockets (string) (defaults to: '')

    Template parameter. Dovecot login processes can check via UNIX socket if the incoming connection should be allowed to log in. This is most importantly implemented to enable TCP wrappers support for Dovecot.

  • dt_auth_proxy_self (string) (defaults to: '')

    Template parameter setting in dovecot.conf can be used to specify extra IPs that are also considered to be the proxy's own IPs

  • dt_verbose_proctitle (string) (defaults to: 'no')

    Template parameter whether we want to show verbose process titles in ps -ef etc.

  • dt_shutdown_clients (string) (defaults to: 'yes')

    Template parameter. setting controls whether existing IMAP and POP3 sessions are killed

  • dt_doveadm_worker_count (string) (defaults to: '0')

    Template parameter If non-zero, run mail commands via this many connections to doveadm server, instead of running them directly in the same process.

  • dt_doveadm_socket_path (string) (defaults to: 'doveadm-server')

    Template parameter UNIX socket or host:port used for connecting to doveadm server

  • dt_import_environment (string) (defaults to: 'TZ')

    Template parameter Space separated list of environment variables that are preserved on Dovecot startup and passed down to all of its child processes. You can also give key=value pairs to always set specific settings.

  • dt_enable_dict_quota (boolean) (defaults to: false)

    Template parameter Whether to enable dict quota

  • dt_dict_quota (string) (defaults to: 'mysql:/etc/dovecot/dovecot-dict-sql.conf.ext')

    Template parameter dict quota extension

  • dt_enable_dict_expire (boolean) (defaults to: false)

    Template parameter Whether to enable dict_expire.

  • dt_dict_expire (string) (defaults to: 'sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext')

    Template parameter. dict quota expiration extension

  • dt_enable_cyrus (boolean) (defaults to: true)

    Whether to enable Cyrus,

  • dt_smtpd_sasl_type (string) (defaults to: 'dovecot')

    The Cyrus sasl type

  • dt_smtpd_sasl_path (string) (defaults to: 'private/auth')

    The Cyrus sasl path

  • dt_smtpd_sasl_auth_enable (string) (defaults to: 'yes')

    Whether to enable Cyrus sasl auth.

  • dt_smtpd_recipient_restrictions (string) (defaults to: 'permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination')

    Cyrus related smtpd recipient restrictions

  • dt_broken_sasl_auth_clients (string) (defaults to: 'yes')

    should we support broken email clients

  • dt_smtpd_tls_auth_only (string) (defaults to: 'no')

    should we accept tls authentication only.

  • dt_smtp_use_tls (string) (defaults to: 'yes')

    should we use tls for smtp.

  • dt_smtpd_use_tls (string) (defaults to: 'yes')

    should we use tls for the smtpd daemon

  • dt_smtp_tls_note_starttls_offer (string) (defaults to: 'yes')

    should we offer starttls to email clients

  • dt_smtpd_tls_key_file (string) (defaults to: '/etc/postfix/ssl/smtpd.key')

    path and name of the TLS key file

  • dt_smtpd_tls_cert_file (string) (defaults to: '/etc/postfix/ssl/smtpd.crt')

    path and name of the TLS cert file

  • dt_smtpd_tls_cafile (string) (defaults to: '/etc/postfix/ssl/cacert.pem')

    path and name of teh TLS ca-cert file

  • dt_smtpd_tls_loglevel (string) (defaults to: '1')

    Enable additional Postfix SMTP server logging of TLS activity.

  • dt_smtpd_tls_received_header (string) (defaults to: 'yes')

    Request that the Postfix SMTP server produces Received: message headers that include information about the protocol and cipher used, as well as the remote SMTP client CommonName and client certificate issuer CommonName. This is disabled by default, as the information may be modified in transit through other mail servers. Only information that was recorded by the final destination can be trusted.

  • dt_smtpd_tls_session_cache_tmout (string) (defaults to: '3600s')

    The expiration time of Postfix SMTP server TLS session cache information.

  • dt_tls_random_source (string) (defaults to: 'dev:/dev/urandom')

    The external entropy source for the in-memory tlsmgr(8) pseudo random number generator (PRNG) pool.

  • dt_enable_fw (boolean) (defaults to: true)

    whether to enable managing the firewall

  • dt_fw_order_no (string) (defaults to: '50')

    prefix for the firewall rule ordering, i.e. to ensure it is located in the right order in your iptables to be effective. Check with 'iptables -L -n' and adjust to your environment if applicable.

  • dt_disable_plaintext_auth (string) (defaults to: 'yes')

    wther to disable plaintext passwords

  • dt_auth_cache_size (string) (defaults to: '10M')

    maximum memory size for caching passdb/userdb lookups in MB

  • dt_auth_cache_ttl (string) (defaults to: '1 hour')

    Time to live in seconds for cache entries

  • dt_auth_cache_negative_ttl (string) (defaults to: '1 hour')

    If a passdb or userdb lookup didn't return any data (i.e. the user doesn't exist), it's also stored in the cache as a negative entry.

  • dt_auth_realms (string) (defaults to: '')

    Realms are an integral part of Digest-MD5. You will need to specify realms you want to advertise to the client in the config file

  • dt_auth_default_realm (string) (defaults to: '')

    default auth realm

  • dt_auth_username_chars (string) (defaults to: 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@')

    allowed username characters

  • dt_auth_username_translation (string) (defaults to: '')

    Username character translations before it's looked up from databases.

  • dt_auth_username_format (string) (defaults to: '%Lu')

    Username formatting before it's looked up from databases

  • dt_auth_master_user_separator (string) (defaults to: '')

    If you want to allow master users to log in by specifying the master username within the normal username string (ie. not using SASL mechanism's support for it), you can specify the separator character here.

  • dt_auth_anonymous_username (string) (defaults to: 'anonymous')

    Username to use for users logging in with ANONYMOUS SASL mechanism.

  • dt_auth_worker_max_count (string) (defaults to: '30')

    Maximum number of dovecot-auth worker processes.

  • dt_auth_gssapi_hostname (string) (defaults to: '')

    Host name to use in GSSAPI principal names.

  • dt_auth_krb5_keytab (string) (defaults to: '')

    Kerberos keytab to use for the GSSAPI mechanism.

  • dt_auth_use_winbind (string) (defaults to: 'no')

    Do NTLM and GSS-SPNEGO authentication using Samba's winbind daemon and ntlm_auth helper.

  • dt_auth_winbind_helper_path (string) (defaults to: '/usr/bin/ntlm_auth')

    Path for Samba's ntlm_auth helper binary.

  • dt_auth_failure_delay (string) (defaults to: '2 secs')

    Number of seconds to delay before replying to failed authentications.

  • dt_auth_ssl_require_client_cert (string) (defaults to: 'yes')

    Require a valid SSL client certificate or the authentication fails.

  • dt_auth_ssl_username_from_cert (string) (defaults to: 'no')

    Take the username from client's SSL certificate

  • dt_auth_mechanisms (string) (defaults to: 'plain login')

    Space separated list of wanted authentication mechanisms: plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey gss-spnego

  • dt_incl_auth_system (boolean) (defaults to: true)

    Whether to include auth_system extension

  • dt_incl_auth_deny (boolean) (defaults to: false)

    Whether to include auth_deny extension

  • dt_incl_auth_master (boolean) (defaults to: false)

    Whether to include auth_master extension

  • dt_incl_auth_sql (boolean) (defaults to: false)

    Whether to include auth_sql extension

  • dt_incl_auth_ldap (boolean) (defaults to: false)

    Whether to include auth_ldap extension

  • dt_incl_auth_passwdfile (boolean) (defaults to: false)

    Whether to include auth_passwd extension

  • dt_incl_auth_checkpassword (boolean) (defaults to: false)

    Whether to include auth_checkpassword extension

  • dt_incl_auth_vpopmail (string) (defaults to: false)

    Whether to include auth_vpopmail extension

  • dt_incl_auth_static (string) (defaults to: false)

    Whether to include auth_static extension

  • dt_enable_director (boolean) (defaults to: false)

    Whether to enable dovecot directors. Director can be used by Dovecot proxy to keep a temporary user -> mail server mapping

  • dt_director_servers (string) (defaults to: '')

    List of IPs or hostnames to all director servers, including ourself. Only active if dt_enable_director is set to true.

  • dt_director_mail_servers (string) (defaults to: '')

    List of IPs or hostnames to all backend mail servers.Only active if dt_enable_director is set to true.

  • dt_director_user_expire (string) (defaults to: '15 min')

    How long to redirect users to a specific server after it no longer has any connections. Only active if dt_enable_director is set to true.

  • dt_director_doveadm_port (string) (defaults to: '0')

    TCP/IP port that accepts doveadm connections (instead of director connections). Only active if dt_enable_director is set totrue.

  • dt_director_username_hash (string) (defaults to: '%Lu')

    How the username is translated before being hashed. Only active if dt_enable_director is set to true.

  • dt_director_inet_listener_port (string) (defaults to: '9090')

    the port for the director

  • dt_log_path (string) (defaults to: 'syslog')

    Log file to use for error messages.

  • dt_info_log_path (string) (defaults to: '$log_path')

    Log file to use for informational messages

  • dt_debug_log_path (string) (defaults to: '$log_path')

    Log file to use for debug messages.

  • dt_syslog_facility (string) (defaults to: 'mail')

    Syslog facility to use if you're logging to syslog.

  • dt_auth_verbose (string) (defaults to: 'no')

    Log unsuccessful authentication attempts and the reasons why they failed.

  • dt_auth_verbose_passwords (string) (defaults to: 'no')

    In case of password mismatches, log the attempted password.

  • dt_auth_debug (string) (defaults to: 'no')

    Even more verbose logging for debugging purposes.

  • dt_auth_debug_passwords (string) (defaults to: 'no')

    In case of password mismatches, log the passwords and used scheme so the problem can be debugged

  • dt_mail_debug (string) (defaults to: 'no')

    Enable mail process debugging.

  • dt_verbose_ssl (string) (defaults to: 'no')

    Show protocol level SSL errors.

  • dt_enable_mail_log_events (boolean) (defaults to: false)

    Used in config template to enable mail log plugin settings.

  • dt_mail_log_events (string) (defaults to: 'delete undelete expunge copy mailbox_delete mailbox_rename flag_change append')

    Events to log. available values : delete undelete expunge copy mailbox_delete mailbox_rename. only active if dt_enable_mail_log_events is set to true.

  • dt_mail_log_fields (string) (defaults to: 'uid, box, msgid, from, subject, size, vsize, flags')

    available fields: uid, box, msgid, from, subject, size, vsize, flags

  • dt_log_timestamp (string) (defaults to: '%b %d %H:%M:%S')

    Prefix for each line written to log file.

  • dt_login_log_format_elements (string) (defaults to: 'user=<%u> method=%m rip=%r lip=%l mpid=%e %c')

    Space-separated list of elements we want to log.

  • dt_login_log_format (string) (defaults to: '%$: %s')

    Login log format. %s contains login_log_format_elements string, %$ contains the data we want to log.

  • dt_mail_log_prefix (string) (defaults to: '%s(%u): ')

    Log prefix for mail processes.

  • dt_deliver_log_format (string) (defaults to: 'msgid=%m: %$')

    Format to use for logging mail deliveries.

  • dt_mail_location (string) (defaults to: 'maildir:~/Maildir')

    Location for users' mailboxes

  • dt_enable_namespace (boolean) (defaults to: true)

    Whether to enable name spaces. If you need to set multiple mailbox locations or want to change default namespace settings, you can do it by defining namespace sections.

  • dt_namespace_type (string) (defaults to: 'private')

    You can have private, shared and public namespaces.

  • dt_mail_uid (string) (defaults to: '')

    System user used to access mails.

  • dt_mail_gid (string) (defaults to: '')

    System group used to access mails.

  • dt_mail_privileged_group (string) (defaults to: 'mail')

    Group to enable temporarily for privileged operations

  • dt_mail_access_groups (string) (defaults to: '')

    Grant access to these supplementary groups for mail processes.

  • dt_mail_full_filesystem_access (string) (defaults to: 'no')

    Allow full filesystem access to clients. There's no access checks other than what the operating system does for the active UID/GID.

  • dt_mmap_disable (string) (defaults to: 'no')

    Don't use mmap() at all. This is required if you store indexes to shared filesystems (NFS or clustered filesystem).

  • dt_dotlock_use_excl (string) (defaults to: 'yes')

    Rely on O_EXCL to work when creating dotlock files.

  • dt_mail_fsync (string) (defaults to: 'optimized')

    When to use fsync() or fdatasync() calls: optimized (default): Whenever necessary to avoid losing important data always: Useful with e.g. NFS when write()s are delayed never: Never use it (best performance, but crashes can lose data)

  • dt_mail_nfs_storage (string) (defaults to: 'no')

    Mail storage exists in NFS. Set this to yes to make Dovecot flush NFS caches whenever needed. If you're using only a single mail server this isn't needed.

  • dt_mail_nfs_index (string) (defaults to: 'no')

    Mail index files also exist in NFS. Setting this to yes requires mmap_disable=yes and fsync_disable=no.

  • dt_lock_method (string) (defaults to: 'fcntl')

    Locking method for index files. Alternatives are fcntl, flock and dotlock.

  • dt_mail_temp_dir (string) (defaults to: '/tmp')

    Directory in which LDA/LMTP temporarily stores incoming mails

  • dt_first_valid_uid (string) (defaults to: '500')

    Valid UID range for users, defaults to 500 and above. This is mostly to make sure that users can't log in as daemons or other system users.

  • dt_last_valid_uid (string) (defaults to: '0')

    This is mostly to make sure that users can't log in as daemons or other system users.

  • dt_first_valid_gid (string) (defaults to: '1')

    Valid GID range for users, defaults to non-root/wheel. Users having non-valid GID as primary group ID aren't allowed to log in.

  • dt_last_valid_gid (string) (defaults to: '0')

    Valid GID range for users, defaults to non-root/wheel. Users having non-valid GID as primary group ID aren't allowed to log in.

  • dt_mail_max_keyword_length (string) (defaults to: '50')

    Maximum allowed length for mail keyword name.

  • dt_valid_chroot_dirs (string) (defaults to: '')

    separated list of directories under which chrooting is allowed for mail processes

  • dt_mail_chroot (string) (defaults to: '')

    Default chroot directory for mail processes.

  • dt_auth_socket_path (string) (defaults to: '/var/run/dovecot/auth-userdb')

    NIX socket path to master authentication server to find users.

  • dt_mail_plugin_dir (string) (defaults to: '/usr/lib64/dovecot')

    Directory where to look up mail plugins.

  • dt_mail_plugins (string) (defaults to: '')

    pace separated list of plugins to load for all services.

  • dt_mail_cache_min_mail_count (string) (defaults to: '0')

    The minimum number of mails in a mailbox before updates are done to cache file.

  • dt_mailbox_idle_check_interval (string) (defaults to: '30 secs')

    When IDLE command is running, mailbox is checked once in a while to see if there are any new mails or other changes.

  • dt_mail_save_crlf (string) (defaults to: 'no')

    Save mails with CR+LF instead of plain LF.

  • dt_maildir_stat_dirs (string) (defaults to: 'no')

    By default LIST command returns all entries in maildir beginning with a dot.

  • dt_maildir_copy_with_hardlinks (string) (defaults to: 'yes')

    When copying a message, do it with hard links whenever possible

  • dt_maildir_very_dirty_syncs (string) (defaults to: 'no')

    Assume Dovecot is the only MUA accessing Maildir: Scan cur/ directory only when its mtime changes unexpectedly or when we can't find the mail otherwise.

  • dt_mbox_read_locks (string) (defaults to: 'fcntl')

    Which locking methods to use for locking mbox: dotlock / dotlock_try, fcntl, flock, lockf

  • dt_mbox_write_locks (string) (defaults to: 'fcntl')

    Which locking methods to use for locking mbox: dotlock / dotlock_try, fcntl, flock, lockf

  • dt_mbox_lock_timeout (string) (defaults to: '5 mins')

    Maximum time to wait for lock (all of them) before aborting.

  • dt_mbox_dotlock_change_timeout (string) (defaults to: '2mins')

    If dotlock exists but the mailbox isn't modified in any way, override the lock file after this much time

  • dt_mbox_dirty_syncs (string) (defaults to: 'yes')

    When mbox changes unexpectedly we have to fully read it to find out what changed. If the mbox is large this can take a long time.

  • dt_mbox_very_dirty_syncs (string) (defaults to: 'no')

    Like mbox_dirty_syncs, but don't do full syncs even with SELECT, EXAMINE, EXPUNGE or CHECK commands. If this is set, mbox_dirty_syncs is ignored.

  • dt_mbox_lazy_writes (string) (defaults to: 'yes')

    Delay writing mbox headers until doing a full write sync (EXPUNGE and CHECK commands and when closing the mailbox).

  • dt_mbox_min_index_size (string) (defaults to: '0')

    If mbox size is smaller than this (e.g. 100k), don't write index files. If an index file already exists it's still read, just not updated.

  • dt_mdbox_rotate_size (string) (defaults to: '2M')

    Maximum dbox file size until it's rotated.

  • dt_mdbox_rotate_interval (string) (defaults to: '1d')

    Maximum dbox file age until it's rotated. Typically in days.

  • dt_mdbox_preallocate_space (string) (defaults to: 'no')

    When creating new mdbox files, immediately preallocate their size to mdbox_rotate_size.

  • dt_mail_attachment_dir (string) (defaults to: '')

    Directory root where to store mail attachments. Disabled, if empty.

  • dt_mail_attachment_min_size (string) (defaults to: '128k')

    Attachments smaller than this aren't saved externally.

  • dt_mail_attachment_fs (string) (defaults to: 'sis posix')

    Filesystem backend to use for saving attachments:

  • dt_mail_attachment_hash (string) (defaults to: '%{sha1}')

    Hash format to use in attachment filenames

  • dt_mail_shared_explicit_inbox (string) (defaults to: 'no')

    Should shared INBOX be visible as "shared/user" or "shared/user/INBOX"?

  • dt_mail_attribute_dict (string) (defaults to: '')

    Dictionary for key=value mailbox attributes.

  • dt_mailbox_list_index (string) (defaults to: 'no')

    Mailbox list indexes can be used to optimize IMAP STATUS commands.

  • dt_mail_prefetch_count (string) (defaults to: '0')

    Max number of mails to keep open and prefetch to memory.

  • dt_mail_temp_scan_interval (string) (defaults to: '1w')

    How often to scan for stale

  • dt_maildir_broken_filename_sizes (string) (defaults to: 'no')

    If enabled, Dovecot doesn't use the S=<size> in the Maildir filenames for getting the mail's physical size, except when recalculating Maildir++ quota.

  • dt_mbox_md5 (string) (defaults to: 'apop3d')

    Mail header selection algorithm to use for MD5 POP3 UIDLs when pop3_uidl_format=%m.

  • dt_default_process_limit (string) (defaults to: '100')

    max concurrent processes

  • dt_default_client_limit (string) (defaults to: '1000')

    max concurrent clients

  • dt_default_vsz_limit (string) (defaults to: '256M')

    Default VSZ (virtual memory size) limit for service processes.

  • dt_default_login_user (string) (defaults to: 'dovenull')

    Login user is internally used by login processes.

  • dt_default_internal_user (string) (defaults to: 'dovecot')

    Internal user is used by unprivileged processes. It should be separate from login user, so that login processes can't disturb other processes.

  • dt_imap_port (string) (defaults to: '143')

    the port to use for IMAP. Also ppens firewall port if firewall management is enabled.

  • dt_enable_imaps (boolean) (defaults to: false)

    whether to enable IMAPs.

  • dt_imap_s_port (string) (defaults to: '993')

    the port for IMAPs. only active if dt_enable_imaps is set to true

  • dt_imap_service_count (string) (defaults to: '1')

    Number of connections to handle before starting a new process.

  • dt_imap_login_process_min_avail (string) (defaults to: '0')

    Number of processes to always keep waiting for more connections

  • dt_imap_login_vsz_limit (string) (defaults to: '64M')

    If you set service_count=0, you probably need to grow this.

  • dt_enable_pop3 (boolean) (defaults to: false)

    Whether to enable POP3.

  • dt_pop3_port (string) (defaults to: '110')

    The port for POP3. Also opens firewall port if firewall management is enabled.

  • dt_enable_pop3_s (boolean) (defaults to: false)

    Whether to enable POP3s.

  • dt_pop3_s_port (string) (defaults to: '995')

    The port fpr POP3s. Also opens firewall port if firewall management is enabled.

  • dt_pop3_process_limit (string) (defaults to: '1024')

    Max. number of POP3 processes

  • dt_enable_lmtp (string) (defaults to: true)

    Whether to enable LMTP.

  • dt_lmtp_listener_mode (string) (defaults to: '0600')

    the mode for the lmtp listener

  • dt_lmtp_worldreadable (boolean) (defaults to: false)

    Whether we want to make the LMTP listener visible for the internet.

  • dt_inet_lmtp_address (string) (defaults to: undef)

    The ipaddress for the LMTP listener. only active if dt_lmtp_worldreadable is set to true.

  • dt_inet_lmtp_port (string) (defaults to: undef)

    the listener LMTP port only active if dt_lmtp_worldreadable is set to true.

  • dt_imap_service_vsz_limit (string) (defaults to: '256M')

    Most of the memory goes to mmap()ing files. You may need to increase this limit if you have huge mailboxes.

  • dt_imap_service_process_limit (string) (defaults to: '1024')

    max IMAP processes

  • dt_unix_listener_authdb_mode (string) (defaults to: '0600')

    Mode for the authdb listener

  • dt_unix_listener_authdb_user (string) (defaults to: 'root')

    User for the authdb listener

  • dt_unix_listener_authdb_group (string) (defaults to: 'root')

    Group for the authdb listener

  • dt_unix_listener_smtp_auth_mode (string) (defaults to: '0666')

    Mode for the SMTP-authdb listener

  • dt_service_auth_worker_user (string) (defaults to: 'root')

    User for the auth_worker service

  • dt_service_dict_mode (string) (defaults to: '0660')

    The mode for the dict service

  • dt_service_dict_user (string) (defaults to: 'vmail')

    The user for the dict service

  • dt_service_dict_user_uid (string) (defaults to: '992')

    UID for the dict service

  • dt_service_dict_u_manage_home (string) (defaults to: true)

    Whether to manage the user home for the dict service user.

  • dt_service_dict_u_home_path (string) (defaults to: '/home')

    the path for the user home for dict service user

  • dt_service_dict_user_shell (string) (defaults to: '/sbin/nologin')

    Shell for the dict service user

  • dt_ssl_tls_support (string) (defaults to: 'required')

    SSL/TLS support: yes, no, required.

  • dt_ssl_cert_path (string) (defaults to: '</etc/pki/dovecot/certs/dovecot.pem')

    Path for the ssl certificate.

  • dt_ssl_key_path (string) (defaults to: '</etc/pki/dovecot/private/dovecot.pem')

    Path for the ssl private key.

  • dt_ssl_ca_path (string) (defaults to: '</etc/pki/dovecot/certs/ca.pem')

    Path for the ssl ca certificate.

  • dt_ssl_require_crl (string) (defaults to: 'yes')

    whether we want to require a crl.

  • dt_ssl_client_ca_dir (string) (defaults to: '/etc/pki/tls/')

    path to the client CA file.

  • dt_ssl_client_ca_file (string) (defaults to: 'cert.pem')

    Name of the client CA file.

  • dt_ssl_enable_key_password (string) (defaults to: false)

    whether to enable a password for accessing the private SSL key (i.e. if it is encrypted)

  • dt_ssl_key_password_path (string) (defaults to: undef)

    path to a file containing the password for the encrypted SSL key, only active if dt_ssl_enable_key_password is set to true. Only required if key was encrypted at creation.

  • dt_ssl_key_password (string) (defaults to: undef)

    The password for the SSL key, if not contained in a hidden file. only active if dt_ssl_enable_key_password<code>is set to</code>false`. Only required if key was encrypted at creation.

  • dt_ssl_client_verify_cert (string) (defaults to: false)

    Whether we want to verify the client certificate. Requires a valied CA certificate.

  • dt_ssl_cert_username_field (string) (defaults to: 'commonName')

    Which field from certificate to use for username

  • dt_ssl_parameters_regenerate (string) (defaults to: '0')

    How often to regenerate the SSL parameters file. Generation is quite CPU intensive operation. The value is in hours, 0 disables regeneration entirely.

  • dt_ssl_dh_parameters_length (string) (defaults to: '2048')

    DH parameters length to use.

  • dt_ssl_protocols (string) (defaults to: '!SSLv2 !SSLv3')

    SSL protocols to use

  • dt_ssl_cipher_list (string) (defaults to: 'ALL:!LOW:!SSLv2:!SSLv3!EXP:!aNULL')

    SSL ciphers to use

  • dt_ssl_prefer_server_ciphers (string) (defaults to: 'no')

    Prefer the server's order of ciphers over client's.

  • dt_ssl_crypto_device (string) (defaults to: '')

    SSL crypto device to use, for valid values run "openssl engine"

  • dt_postmaster_address (string) (defaults to: "postmaster.${::domain}")

    Address to use when sending rejection mails.

  • dt_lda_hostname (string) (defaults to: $::fqdn)

    Hostname to use in various parts of sent mails (e.g. in Message-Id) and in LMTP replies.

  • dt_lda_quota_full_tempfail (string) (defaults to: 'no')

    f user is over quota, return with temporary failure instead of bouncing the mail.

  • dt_lda_sendmail_path (string) (defaults to: '/usr/sbin/sendmail.postfix')

    Binary to use for sending mails.

  • dt_lda_submission_host (string) (defaults to: '')

    If non-empty, send mails via this SMTP host instead of sendmail.

  • dt_lda_rejection_subject (string) (defaults to: 'Rejected: %s')

    Subject: header to use for rejection mails.

  • dt_lda_rejection_reason (string) (defaults to: 'Your message to <%t> was automatically rejected:%n%r')

    Human readable error message for rejection mails.

  • dt_lda_recipient_delimiter (string) (defaults to: '+')

    Delimiter character between local-part and detail in email address.

  • dt_lda_original_recipient_header (string) (defaults to: 'X-Original-To')

    Header where the original recipient address (SMTP's RCPT TO: address) is taken from if not available elsewhere

  • dt_lda_mailbox_autocreate (string) (defaults to: 'no')

    Should saving a mail to a nonexistent mailbox automatically create it?

  • dt_lda_mailbox_autosubscribe (string) (defaults to: 'no')

    Should automatically created mailboxes be also automatically subscribed?

  • dt_lda_mail_plugins (string) (defaults to: '$mail_plugins')

    Space separated list of plugins to load (default is global mail_plugins).

  • dt_mailbox_auto (string) (defaults to: 'no')

    Whether to create mailboxes automatically valid options are create, subscribe, no

  • dt_mailbox_special_use (string) (defaults to: '\All \Archive \Drafts \Flagged \Junk \Sent \Trash')

    Space separated list of IMAP SPECIAL-USE attributes as specified by RFC 6154: \All \Archive \Drafts \Flagged \Junk \Sent \Trash

  • dt_use_virtual_all_messages (boolean) (defaults to: false)

    Whether to use a virtual "all messages" inbox

  • dt_use_virtual_flag_messages (boolean) (defaults to: false)

    Whether to use a virtual "flagged messages" inbox

  • dt_imap_max_line_length (string) (defaults to: '64k')

    Maximum IMAP command line length

  • dt_imap_logout_format (string) (defaults to: 'in=%i out=%o')

    IMAP logout format string

  • dt_imap_capability (string) (defaults to: '')

    Override the IMAP CAPABILITY response

  • dt_imap_idle_notify_interval (string) (defaults to: '2 mins')

    How long to wait between "OK Still here" notifications when client is IDLEing.

  • dt_imap_id_send (string) (defaults to: '*')

    ID field names and values to send to clients.

  • dt_imap_id_log (string) (defaults to: '*')

    ID fields sent by client to log.

  • dt_imap_client_workarounds (string) (defaults to: 'delay-newmail tb-extra-mailbox-sep tb-lsub-flags')

    Workarounds for various client bugs

  • dt_imap_urlauth_host (string) (defaults to: '*')

    Host allowed in URLAUTH URLs sent by client.

  • dt_imap_mail_plugins (string) (defaults to: '$mail_plugins')

    Space separated list of plugins to load (default is global mail_plugins).

  • dt_mail_max_userip_connections (string) (defaults to: '10')

    Maximum number of IMAP connections allowed for a user from each IP address.

  • dt_lmtp_proxy (string) (defaults to: 'no')

    Support proxying to other LMTP/SMTP servers by performing passdb lookups.

  • dt_lmtp_save_to_detail_mailbox (string) (defaults to: 'no')

    When recipient address includes the detail (e.g. user+detail), try to save the mail to the detail mailbox.

  • dt_lmtp_rcpt_check_quota (string) (defaults to: 'no')

    Verify quota before replying to RCPT TO.

  • dt_lmpt_mail_plugins (string) (defaults to: '$mail_plugins')

    Space separated list of plugins to load (default is global mail_plugins).

  • dt_pop3_no_flag_updates (string) (defaults to: 'no')

    Don't try to set mails non-recent or seen with POP3 sessions.

  • dt_pop3_enable_last (string) (defaults to: 'no')

    Support LAST command which exists in old POP3 specs, but has been removed from new ones.

  • dt_pop3_reuse_xuidl (string) (defaults to: 'no')

    If mail has X-UIDL header, use it as the mail's UIDL.

  • dt_pop3_lock_session (string) (defaults to: 'no')

    Allow only one POP3 session to run simultaneously for the same user.

  • dt_pop3_fast_size_lookups (string) (defaults to: 'no')

    POP3 requires message sizes to be listed as if they had CR+LF linefeeds.

  • dt_pop3_uidl_format (string) (defaults to: '%08Xu%08Xv')

    POP3 UIDL (unique mail identifier) format to use.

  • dt_pop3_save_uidl (string) (defaults to: 'no')

    Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes won't change those UIDLs.

  • dt_pop3_uidl_duplicates (string) (defaults to: 'allow')

    What to do about duplicate UIDLs if they exist? Valid options are allow and rename.

  • dt_pop3_deleted_flag (string) (defaults to: '')

    This option changes POP3 behavior so that it's not possible to actually delete mails via POP3.

  • dt_pop3_logout_format (string) (defaults to: 'top=%t/%p, retr=%r/%b, del=%d/%m, size=%s')

    POP3 logout format string

  • dt_pop3_client_workarounds (string) (defaults to: '')

    outlook-no-nuls, oe-ns-eoh,

  • dt_pop3_mail_plugins (string) (defaults to: '$mail_plugins')

    Space separated list of plugins to load (default is global mail_plugins).

  • dt_pop3_max_userip_connections (string) (defaults to: '10')

    Maximum number of POP3 connections allowed for a user from each IP address

  • dt_enable_acl (boolean) (defaults to: false)

    whether we want to enable ACLs for email.

  • dt_acl_vfile (string) (defaults to: 'vfile:/etc/dovecot/global-acls:cache_secs=300')

    vfile backend reads ACLs from “dovecot-acl” file from mail directory. only active ifdt_enable_acl is set to true

  • dt_acl_shared_dict (string) (defaults to: 'file:/var/lib/dovecot/shared-mailboxes')

    To let users LIST mailboxes shared by other users, Dovecot needs a shared mailbox dictionary. only active if dt_enable_acl is set to true

  • dt_enable_mail_plugins (boolean) (defaults to: false)

    Whether to enable mail plugins

  • dt_enable_quota (boolean) (defaults to: false)

    Whether to enable mail quotas. Requires dt_enable_mail_plugins to be set to true and the qouta plugin to be listed indt_mail_plugins.

  • dt_storage_quota (string) (defaults to: '*:storage=1G')

    Value for storage quotas.

  • dt_trash_quota (string) (defaults to: 'Trash:storage=+100M')

    Value for the trash quota

  • dt_quota_grace (string) (defaults to: '10%%')

    Value for the quota grace.

  • dt_quota_crit_warn (string) (defaults to: 'storage=95%% quota-warning 95 %u')

    critical quota warning

  • dt_quota_soft_warn (string) (defaults to: 'storage=80%% quota-warning 80 %u')

    soft quota warning

  • dt_quota_backend (string) (defaults to: 'fs:User quota')

    Specify the quota backend

See Also:

Leave a Reply