--- dovecot-0.99.13/dovecot-example.conf 2004-12-29 13:00:24.000000000 -0500
+++ dovecot-0.99.13/dovecot.conf 2005-01-17 11:49:56.000000000 -0500
@@ -1,30 +1,24 @@
## Dovecot 1.0 configuration file
-# Default values are shown after each value, it's not required to uncomment
-# any of the lines. Exception to this are paths, they're just examples
-# with real defaults being based on configure options. The paths listed here
-# are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
-# --with-ssldir=/etc/ssl
-
# Base directory where to store runtime data.
#base_dir = /var/run/dovecot/
# Protocols we want to be serving:
# imap imaps pop3 pop3s
-#protocols = imap imaps
+protocols = imap imaps pop3 pop3s
# IP or host address where to listen in for connections. It's not currently
# possible to specify multiple addresses. "*" listens in all IPv4 interfaces.
# "[::]" listens in all IPv6 interfaces, but may also listen in all IPv4
# interfaces depending on the operating system. You can specify ports with
# "host:port".
-#imap_listen = *
-#pop3_listen = *
+imap_listen = [::]
+pop3_listen = [::]
# IP or host address where to listen in for SSL connections. Defaults
# to above non-SSL equilevants if not specified.
-#imaps_listen =
-#pop3s_listen =
+imaps_listen = [::]
+pop3s_listen = [::]
# Disable SSL/TLS support.
#ssl_disable = no
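Review bot: `protocols = imap imaps pop3 pop3s` turns on the cleartext IMAP and POP3 listeners alongside the TLS ones, and the four `*_listen = [::]` lines bind them on every IPv6 interface and, per the comment above them, possibly every IPv4 interface as well. Nothing in this hunk shows whether plaintext logins stay refused on the non-SSL ports, so the shipped file should say so next to the setting, for example `# imap/pop3 are cleartext ports; keep disable_plaintext_auth = yes unless clients only connect locally`. The hunk also deletes the header comment explaining that commented-out values are the built-in defaults, which readers of the remaining `#name = value` lines still need.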
@@ -33,8 +27,8 @@
# dropping root privileges, so keep the key file unreadable by anyone but
# root. Included doc/mkcert.sh can be used to easily generate self-signed
# certificate, just make sure to update the domains in dovecot-openssl.cnf
-#ssl_cert_file = /etc/ssl/certs/dovecot.pem
-#ssl_key_file = /etc/ssl/private/dovecot.pem
+ssl_cert_file = /etc/pki/dovecot/dovecot.pem
+ssl_key_file = /etc/pki/dovecot/private/dovecot.pem
# SSL parameter file. Master process generates this file for login processes.
# It contains Diffie Hellman and RSA parameters.
@@ -70,7 +64,7 @@
# which login needs to be able to connect to. The sockets are created when
# running as root, so you don't have to worry about permissions. Note that
# everything in this directory is deleted when Dovecot is started.
-#login_dir = /var/run/dovecot/login
+login_dir = /var/run/dovecot-login
# chroot login process to the login_dir. Only reason not to do this is if you
# wish to run the whole Dovecot without roots.
@@ -308,7 +302,7 @@
# with is important to avoid deadlocks if other MTAs/MUAs are using both fcntl
# and flock. Some operating systems don't allow using both of them
# simultaneously, eg. BSDs. If dotlock is used, it's always created first.
-#mbox_locks = dotlock fcntl
+mbox_locks = fcntl
# Should we create dotlock file even when we want only a read-lock? Setting
# this to yes hurts the performance when the mailbox is accessed simultaneously
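Review bot: `mbox_locks = fcntl` drops the dotlock that the upstream default took first, so any delivery agent or mail client that locks these mbox files with a dotlock alone would no longer be kept out while Dovecot writes. The context comment already says the methods and their order must match what other MTAs/MUAs use, so the setting should carry a line naming what this package assumes, e.g. `# fcntl only: assumes every local writer of these mailboxes also uses fcntl; add dotlock otherwise`. The comment block starts above the hunk, so the full upstream caveat is not visible here.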
diff -u -r dovecot-0.99.11.orig/doc/mkcert.sh dovecot-0.99.11/doc/mkcert.sh
--- dovecot-0.99.11.orig/doc/mkcert.sh 2004-07-22 20:04:37.000000000 -0400
+++ dovecot-0.99.11/doc/mkcert.sh 2004-12-22 16:33:20.000000000 -0500
@@ -4,11 +4,12 @@
# Edit dovecot-openssl.cnf before running this.
OPENSSL=${OPENSSL-openssl}
-SSLDIR=${SSLDIR-/etc/ssl}
-OPENSSLCONFIG=${OPENSSLCONFIG-dovecot-openssl.cnf}
+SSLDIR=${SSLDIR-/etc/pki/dovecot}
+OPENSSLCONFIG=${OPENSSLCONFIG-$SSLDIR/dovecot-openssl.cnf}
+CERTNAME=${CERTNAME-dovecot}
-CERTFILE=$SSLDIR/certs/imapd.pem
-KEYFILE=$SSLDIR/private/imapd.pem
+CERTFILE=$SSLDIR/$CERTNAME.pem
+KEYFILE=$SSLDIR/private/$CERTNAME.pem
if [ ! -d $SSLDIR/certs ]; then
echo "$SSLDIR/certs directory doesn't exist"
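Review bot: The context line `if [ ! -d $SSLDIR/certs ]; then` still demands a `certs` subdirectory although the new `CERTFILE=$SSLDIR/$CERTNAME.pem` no longer writes there, so with the new `/etc/pki/dovecot` default the script complains about a directory it does not use. The check should test the directory actually written, `if [ ! -d "$SSLDIR" ]; then`, with the message adjusted to match. `SSLDIR`, `OPENSSLCONFIG` and `CERTNAME` are taken from the environment and expanded unquoted here and in the later openssl, chown and chmod lines, so a value containing spaces or glob characters changes which files are touched; quoting each expansion avoids that. The `if` block closes outside this hunk, so what follows the message is not visible.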
@@ -29,6 +30,7 @@
fi
$OPENSSL req -new -x509 -nodes -config $OPENSSLCONFIG -out $CERTFILE -keyout $KEYFILE -days 365 || exit 2
-chmod 0600 $KEYFILE
+chown root:root $CERTFILE $KEYFILE
+chmod 0600 $CERTFILE $KEYFILE
echo
$OPENSSL x509 -subject -fingerprint -noout -in $CERTFILE || exit 2
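Review bot: The private key is written by `$OPENSSL req ... -keyout $KEYFILE` before the added `chown`/`chmod` run, so in between it exists with whatever mode openssl and the caller's umask give it, and if either added command fails the script carries on and prints the fingerprint as though the key were protected. Setting `umask 077` before the `req` line and giving the new lines the same guard as their neighbours, `chown root:root "$CERTFILE" "$KEYFILE" || exit 2` and `chmod 0600 "$CERTFILE" "$KEYFILE" || exit 2`, closes both gaps. Because `-nodes` leaves the key unencrypted on disk, the file mode is its only protection.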