1
0
Fork 0
mirror of https://github.com/DO1JLR/ansible_playbook_servers.git synced 2024-09-14 19:53:56 +02:00
ansible_playbook_servers/roles/mailserver_dovecot/templates/dovecot.conf.j2

164 lines
3.6 KiB
Text
Raw Normal View History

2021-01-10 03:15:31 +01:00
# {{ ansible_managed }}
###
### Aktivierte Protokolle
#############################
protocols = imap lmtp sieve
###
### TLS Config
### Quelle: https://ssl-config.mozilla.org/#server=dovecot&version=2.3.9&config=intermediate&openssl=1.1.1d&guideline=5.4
#######################
ssl = required
ssl_cert = <{{ mailserver__ssl_cert }}
ssl_key = <{{ mailserver__ssl_key }}
ssl_dh = </etc/dovecot/dh4096.pem
ssl_min_protocol = TLSv1.2
ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
ssl_prefer_server_ciphers = yes
###
### Dovecot services
################################
service imap-login {
inet_listener imap {
port = 143
}
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
mode = 0660
group = postfix
user = postfix
}
user = {{ mailserver__user }}
}
service auth {
### Auth socket für Postfix
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}
### Auth socket für LMTP-Dienst
unix_listener auth-userdb {
mode = 0660
user = {{ mailserver__user }}
group = {{ mailserver__group }}
}
}
###
### Protocol settings
#############################
protocol imap {
mail_plugins = $mail_plugins quota imap_quota imap_sieve
mail_max_userip_connections = 20
imap_idle_notify_interval = 29 mins
}
protocol lmtp {
postmaster_address = {{ mailserver__postmaster_address }}
mail_plugins = $mail_plugins sieve notify push_notification
}
###
### Client authentication
#############################
disable_plaintext_auth = yes
auth_mechanisms = plain login
auth_username_format = %Lu
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf
}
userdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf
}
###
### Mail location
#######################
mail_uid = {{ mailserver__user }}
mail_gid = {{ mailserver__group }}
mail_privileged_group = {{ mailserver__group }}
mail_home = {{ mailserver__home }}/mailboxes/%d/%n
mail_location = maildir:~/mail:LAYOUT=fs
###
### Mailbox configuration
########################################
namespace inbox {
inbox = yes
mailbox Spam {
auto = subscribe
special_use = \Junk
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
}
###
### Mail plugins
############################
plugin {
sieve_plugins = sieve_imapsieve sieve_extprograms
sieve_before = {{ mailserver__home }}/sieve/global/spam-global.sieve
sieve = file:{{ mailserver__home }}/sieve/%d/%n/scripts;active={{ mailserver__home }}/sieve/%d/%n/active-script.sieve
###
### Spam learning
###
# From elsewhere to Spam folder
imapsieve_mailbox1_name = Spam
imapsieve_mailbox1_causes = COPY
imapsieve_mailbox1_before = file:{{ mailserver__home }}/sieve/global/learn-spam.sieve
# From Spam folder to elsewhere
imapsieve_mailbox2_name = *
imapsieve_mailbox2_from = Spam
imapsieve_mailbox2_causes = COPY
imapsieve_mailbox2_before = file:{{ mailserver__home }}/sieve/global/learn-ham.sieve
sieve_pipe_bin_dir = /usr/bin
sieve_global_extensions = +vnd.dovecot.pipe
quota = maildir:User quota
quota_exceeded_message = Benutzer %u hat das Speichervolumen überschritten. / User %u has exhausted allowed storage space.
}