## Dovecot configuration file

# If you're in a hurry, see http://wiki2.dovecot.org/QuickConfiguration

# "doveconf -n" command gives a clean output of the changed settings. Use it
# instead of copy&pasting files when posting to the Dovecot mailing list.

# '#' character and everything after it is treated as comments. Extra spaces
# and tabs are ignored. If you want to use either of these explicitly, put the
# value inside quotes, eg.: key = "# char and trailing whitespace  "

# Most (but not all) settings can be overridden by different protocols and/or
# source/destination IPs by placing the settings inside sections, for example:
# protocol imap, local 127.0.0.1 { }, remote 10.0.0.0/8 { }

# Default values are shown for each setting, it's not required to uncomment
# those. These are exceptions to this though: No sections (e.g. namespace {})
# or plugin settings are added by default, they're listed only as examples.
# Paths are also just examples with the real defaults being based on configure
# options. The paths listed here are for configure --prefix=/usr
# --sysconfdir=/etc --localstatedir=/var

# Enable installed protocols
!include_try /usr/share/dovecot/protocols.d/*.protocol

# A comma separated list of IPs or hosts where to listen in for connections. 
# "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces.
# If you want to specify non-default ports or anything more complex,
# edit conf.d/master.conf.
#listen = *, ::
#listen = *

# Base directory where to store runtime data.
#base_dir = /var/run/dovecot/

# Name of this instance. In multi-instance setup doveadm and other commands
# can use -i <instance_name> to select which instance is used (an alternative
# to -c <config_path>). The instance name is also added to Dovecot processes
# in ps output.
#instance_name = dovecot

# Greeting message for clients.
#login_greeting = Dovecot ready.

# Space separated list of trusted network ranges. Connections from these
# IPs are allowed to override their IP addresses and ports (for logging and
# for authentication checks). disable_plaintext_auth is also ignored for
# these networks. Typically you'd specify your IMAP proxy servers here.
#login_trusted_networks =

# Space separated list of login access check sockets (e.g. tcpwrap)
#login_access_sockets = 

# With proxy_maybe=yes if proxy destination matches any of these IPs, don't do
# proxying. This isn't necessary normally, but may be useful if the destination
# IP is e.g. a load balancer's IP.
#auth_proxy_self =

# Show more verbose process titles (in ps). Currently shows user name and
# IP address. Useful for seeing who are actually using the IMAP processes
# (eg. shared mailboxes or if same uid is used for multiple accounts).
#verbose_proctitle = no

# Should all processes be killed when Dovecot master process shuts down.
# Setting this to "no" means that Dovecot can be upgraded without
# forcing existing client connections to close (although that could also be
# a problem if the upgrade is e.g. because of a security fix).
#shutdown_clients = yes

# If non-zero, run mail commands via this many connections to doveadm server,
# instead of running them directly in the same process.
#doveadm_worker_count = 0
# UNIX socket or host:port used for connecting to doveadm server
#doveadm_socket_path = doveadm-server

# Space separated list of environment variables that are preserved on Dovecot
# startup and passed down to all of its child processes. You can also give
# key=value pairs to always set specific settings.
#import_environment = TZ

##
## Dictionary server settings
##

# Dictionary can be used to store key=value lists. This is used by several
# plugins. The dictionary can be accessed either directly or though a
# dictionary server. The following dict block maps dictionary names to URIs
# when the server is used. These can then be referenced using URIs in format
# "proxy::<name>".

dict {
  #quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
  #expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext
}

# Most of the actual configuration gets included below. The filenames are
# first sorted by their ASCII value and parsed in that order. The 00-prefixes
# in filenames are intended to make it easier to understand the ordering.

!include conf.d/*.conf

# A config file can also tried to be included without giving an error if
# it's not found:

#!include_try local.conf


####### AUTHENTIFICATION #########

auth_master_user_separator = +
#auth_username_chars = *  #dovecot complains about the “*” character
#auth_username_format = %Lu
auth_verbose = yes
auth_debug = yes
auth_debug_passwords = yes
passdb {
        driver = passwd-file
        args = /etc/dovecot/passwd.masterusers
        master = yes
        #pass = yes
        #result_success -> doesn’t work with PAM or LDAP without auth_bind=yes, because both of them require knowing the user’s password
        #result_success=continue
}
passdb {
        # driver = shadow
        # driver = pam -> pam_unix.so module, which authenticates user from the system’s shadow password file
        driver = pam
}
userdb {
  driver = passwd
}

############ PROTOCOLS ############

# the protocols we use
protocols = imap pop3 lmtp sieve
#lmtp sieve

############ LOG ############

log_path = /var/log/dovecot.log
# If you want everything in one file, just don't specify info_log_path and debug_log_path
#info_log_path = /var/log/dovecot-info.log
# Leave empty in order to send debug-level messages to info_log_path
#debug_log_path = /var/log/dovecot-debug.log

#log_path = syslog
#debug_log_path =
#syslog_facility = mail
#auth_verbose = no
#auth_verbose_passwords = no
#auth_debug = no
#auth_debug_passwords = no
#mail_debug = no
#verbose_ssl = no

#plugin {
  #mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  # Available fields: uid, box, msgid, from, subject, size, vsize, flags
  # size and vsize are available only for expunge and copy events.
  #mail_log_fields = uid box msgid size
#}

#log_timestamp = "%b %d %H:%M:%S "
#login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c
#login_log_format = %$: %s
#mail_log_prefix = "%s(%u): "

# %$ - Delivery status message (e.g. "saved to INBOX")
# %m - Message-ID
# %s - Subject
# %f - From address
# %p - Physical size
# %w - Virtual size
#deliver_log_format = msgid=%m: %$

############ MAIL ############
#   %u - username
#   %n - user part in user@domain, same as %u if there's no domain
#   %d - domain part in user@domain, empty if there's no domain
#   %h - home directory

# Chemin des mails de chaque user cree sous linux
#mail_home = /home/vmail/%d/%n
mail_location = maildir:~/Maildir

namespace inbox {
  separator = /
  inbox = yes
}

# User accept to access mails
first_valid_uid = 2000
last_valid_uid = 2050
first_valid_gid = 2000
last_valid_gid = 2000

#If you use multiple, userdb
#mail_uid = 11111
#mail_gid = 11111
#mail_privileged_group = mail

# ?
#mail_plugins = $mail_plugins imap_sieve

#mail_temp_dir=/mnt/my_data/srv_mail/mail_tmp

# Directory root where to store mail attachments. Disabled, if empty.
#mail_attachment_dir = /mnt/my_data/srv_mail/

# Hash format to use in attachment filenames. You can add any text and
# variables: %{md4}, %{md5}, %{sha1}, %{sha256}, %{sha512}, %{size}.
# Variables can be truncated, e.g. %{sha256:80} returns only first 80 bits
#mail_attachment_hash = %{sha1}

#mail_attachment_min_size = 128k

# Voir /etc/dovecot/conf.d/10-mail.conf
#valid_chroot_dirs = <doc/wiki/Chrooting.txt>
#mail_chroot = <doc/wiki/Chrooting.txt>

# Maildir-specific settings

#maildir_stat_dirs = no
#maildir_copy_with_hardlinks = yes
#maildir_broken_filename_sizes = no
#maildir_empty_new = no

############ MASTER ############
# /etc/dovecot/conf.d/10-master.conf

service imap-login {

  inet_listener imap {
    port = 143
  }
  #inet_listener imaps {
  #  port = 993
  #  ssl = yes
  #}
}

#service imap {
#  service_count = 5
#  process_min_avail = 1
#}

#service lmtp {
#  unix_listener lmtp {
#    mode = 0666
#  }

  # Create inet listener only if you can't use the above UNIX socket
  #inet_listener lmtp {
    # Avoid making LMTP visible for the entire internet
    #address =
    #port =
  #}
#}

#service submission-login {
#  inet_listener submission {
#    port = 587
#  }
#}

#service submission {
  # Max. number of SMTP Submission processes (connections)
  #process_limit = 1024
#}

# Postfix smtp-auth
service auth {
unix_listener /var/spool/postfix/private/auth {
   mode = 0660
   user = postfix
   group = postfix
   }
}

#service auth {
#  unix_listener auth-userdb {
#    mode = 0666
    #user = postfix
    #group = postfix
#  }
#}

service auth-worker {
  # Auth worker process is run as root by default, so that it can access
  # /etc/shadow. If this isn't necessary, the user should be changed to
  # $default_internal_user.
  #user = root
}

############ SSL ############

ssl = yes
#ssl_ca = </etc/letsencrypt/live/domain.org/cert.pem
ssl_cert = </etc/letsencrypt/live/domain.org/fullchain.pem
ssl_key = </etc/letsencrypt/live/domain.org/privkey.pem
#ssl_dh_parameters_length = 1024
#ssl_protocols = !SSLv3 !TLSv1 !TLSv1.1 TLSv1.2
#ssl_min_protocol = 
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
ssl_prefer_server_ciphers = yes

############ MAILBOX ############

namespace inbox {
  separator = /
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox Junk {
    auto = subscribe
    special_use = \Junk
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  mailbox Sent {
    auto = subscribe
    special_use = \Sent
  }
  mailbox Archive {
    auto = subscribe
    special_use = \Archive
  }
}

############ IMAP ############

#imap_idle_notify_interval = 30 mins

protocol imap {
  mail_max_userip_connections = 50
  postmaster_address = postmaster@domain.org
  mail_plugins = $mail_plugins imap_sieve
}

############ LMTP ############

#protocol lmtp {
#  mail_fsync = optimized
#  postmaster_address = postmaster@domain.org
#}

############ SIEVE ############

#plugin {
#    sieve = ~/.dovecot.sieve
#    sieve_dir = ~/sieve
#    #sieve_extensions = +notify +imap4flags +imapflags +editheader +vnd.dovecot.pipe +imapsieve
#    seive_plugins = sieve_extdata sieve_extprograms
#    sieve_extensions = +notify +imap4flags +imapflags +editheader +vnd.dovecot.pipe +imapsieve +vnd.dovecot.filter +vnd.dovecot.extdata
#}

plugin {
  sieve_plugins = sieve_imapsieve sieve_extprograms

  sieve_global_dir=/etc/dovecot/sieve

  # From elsewhere to Spam folder
  imapsieve_mailbox1_name = Junk
  imapsieve_mailbox1_causes = COPY
  imapsieve_mailbox1_before = file:/etc/dovecot/sieve/report-spam.sieve

  # From Spam folder to elsewhere
  imapsieve_mailbox2_name = *
  imapsieve_mailbox2_from = Junk
  imapsieve_mailbox2_causes = COPY
  imapsieve_mailbox2_before = file:/etc/dovecot/sieve/report-ham.sieve

  sieve_pipe_bin_dir = /etc/dovecot/sieve

  sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.environment