!include conf.d/*.conf namespace inbox { type = private inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = create special_use = \Junk autoexpunge = 30d } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash autoexpunge = 360d } prefix = } mail_location = maildir:/var/mail/vmail/%d/%n protocols = imap lmtp sieve ssl = required ssl_cert = </var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname', node.metadata['hostname'])}/fullchain.pem ssl_key = </var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname', node.metadata['hostname'])}/privkey.pem ssl_dh = </etc/ssl/certs/dhparam.pem ssl_min_protocol = TLSv1.2 ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305 ssl_prefer_server_ciphers = no login_greeting = IMAPd ready auth_mechanisms = plain login first_valid_uid = 65534 disable_plaintext_auth = yes mail_plugins = $mail_plugins zlib old_stats fts fts_xapian plugin { zlib_save_level = 6 zlib_save = gz sieve = /var/mail/vmail/sieve/%d/%n.sieve sieve_dir = /var/mail/vmail/sieve/%d/%n/ sieve_extensions = +vnd.dovecot.pipe sieve_pipe_bin_dir = /var/mail/vmail/sieve/bin sieve_plugins = sieve_imapsieve sieve_extprograms sieve_user_log = /var/mail/vmail/sieve/%d/%n.log old_stats_refresh = 30 secs old_stats_track_cmds = yes fts = xapian fts_xapian = partial=3 full=20 fts_autoindex = yes fts_enforced = yes # Index attachements fts_decoder = decode2text % if node.has_bundle('rspamd'): sieve_before = /var/mail/vmail/sieve/global/spam-global.sieve # From elsewhere to Spam folder imapsieve_mailbox1_name = Junk imapsieve_mailbox1_causes = COPY imapsieve_mailbox1_before = file:/var/mail/vmail/sieve/global/learn-spam.sieve # From Spam folder to elsewhere imapsieve_mailbox2_name = * imapsieve_mailbox2_from = Junk imapsieve_mailbox2_causes = COPY imapsieve_mailbox2_before = file:/var/mail/vmail/sieve/global/learn-ham.sieve % endif } service auth { unix_listener /var/spool/postfix/private/auth { mode = 0660 user = postfix group = postfix } unix_listener auth-userdb { mode = 0660 user = nobody group = nogroup } } service decode2text { executable = script /usr/lib/dovecot/decode2text.sh user = dovecot unix_listener decode2text { mode = 0666 } } service indexer-worker { vsz_limit = 0 process_limit = 0 } service imap { executable = imap } service imap-login { service_count = 1 process_min_avail = 8 vsz_limit = 64M } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service managesieve-login { inet_listener sieve { port = 4190 } } userdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } passdb { driver = sql args = /etc/dovecot/dovecot-sql.conf } protocol lmtp { mail_plugins = $mail_plugins sieve postmaster_address = ${admin_email} } protocol imap { mail_plugins = $mail_plugins imap_zlib imap_sieve imap_old_stats mail_max_userip_connections = 50 imap_idle_notify_interval = 29 mins } protocol sieve { plugin { sieve = /var/mail/vmail/sieve/%d/%n.sieve sieve_storage = /var/mail/vmail/sieve/%d/%n/ } } service old-stats { % if node.has_bundle('telegraf'): inet_listener { address = 127.0.0.1 port = 24242 } % endif unix_listener old-stats { mode = 0660 user = nobody group = nogroup } fifo_listener old-stats-mail { mode = 0660 user = nobody group = nogroup } fifo_listener old-stats-user { mode = 0660 user = nobody group = nogroup } }