43 lines
2.2 KiB
Diff
43 lines
2.2 KiB
Diff
|
diff -up dovecot-2.3.16/doc/example-config/conf.d/10-mail.conf.default-settings dovecot-2.3.16/doc/example-config/conf.d/10-mail.conf
|
||
|
--- dovecot-2.3.16/doc/example-config/conf.d/10-mail.conf.default-settings 2021-08-06 11:25:51.000000000 +0200
|
||
|
+++ dovecot-2.3.16/doc/example-config/conf.d/10-mail.conf 2021-10-27 11:13:45.666956339 +0200
|
||
|
@@ -175,7 +175,7 @@ namespace inbox {
|
||
|
# to make sure that users can't log in as daemons or other system users.
|
||
|
# Note that denying root logins is hardcoded to dovecot binary and can't
|
||
|
# be done even if first_valid_uid is set to 0.
|
||
|
-#first_valid_uid = 500
|
||
|
+first_valid_uid = 1000
|
||
|
#last_valid_uid = 0
|
||
|
|
||
|
# Valid GID range for users, defaults to non-root/wheel. Users having
|
||
|
@@ -322,6 +322,7 @@ protocol !indexer-worker {
|
||
|
# them simultaneously.
|
||
|
#mbox_read_locks = fcntl
|
||
|
#mbox_write_locks = dotlock fcntl
|
||
|
+mbox_write_locks = fcntl
|
||
|
|
||
|
# Maximum time to wait for lock (all of them) before aborting.
|
||
|
#mbox_lock_timeout = 5 mins
|
||
|
diff -up dovecot-2.3.16/doc/example-config/conf.d/10-ssl.conf.default-settings dovecot-2.3.16/doc/example-config/conf.d/10-ssl.conf
|
||
|
--- dovecot-2.3.16/doc/example-config/conf.d/10-ssl.conf.default-settings 2021-08-06 11:25:51.000000000 +0200
|
||
|
+++ dovecot-2.3.16/doc/example-config/conf.d/10-ssl.conf 2021-10-27 11:13:02.834533975 +0200
|
||
|
@@ -3,7 +3,9 @@
|
||
|
##
|
||
|
|
||
|
# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
|
||
|
-#ssl = yes
|
||
|
+# disable plain pop3 and imap, allowed are only pop3+TLS, pop3s, imap+TLS and imaps
|
||
|
+# plain imap and pop3 are still allowed for local connections
|
||
|
+ssl = required
|
||
|
|
||
|
# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
|
||
|
# dropping root privileges, so keep the key file unreadable by anyone but
|
||
|
@@ -64,6 +66,7 @@ ssl_key = </etc/ssl/private/dovecot.pem
|
||
|
#ssl_cipher_list = ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH
|
||
|
# To disable non-EC DH, use:
|
||
|
#ssl_cipher_list = ALL:!DH:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH
|
||
|
+ssl_cipher_list = PROFILE=SYSTEM
|
||
|
|
||
|
# Colon separated list of elliptic curves to use. Empty value (the default)
|
||
|
# means use the defaults from the SSL library. P-521:P-384:P-256 would be an
|