improve documentation and migration

2004-12-23 20:17:34 +00:00 · 2004-12-23 20:17:34 +00:00 · 71d947cd2c
commit 71d947cd2c
parent 6cf645eca7
3 changed files with 203 additions and 623 deletions
--- a/dovecot-conf.patch
+++ b/dovecot-conf.patch
@ -1,17 +1,10 @@
 diff -r -u dovecot-0.99.11.orig/configure.in dovecot-0.99.11/configure.in
 --- dovecot-0.99.11.orig/configure.in	2004-09-04 05:20:19.000000000 -0400
-+++ dovecot-0.99.11/configure.in	2004-11-19 16:36:37.000000000 -0500
+++ dovecot-0.99.11/configure.in	2004-12-14 16:26:18.000000000 -0500
-@@ -21,6 +21,20 @@
+@@ -21,6 +21,13 @@
 # check posix headers
 AC_CHECK_HEADERS(sys/time.h)
 +AC_ARG_WITH(logindir,
 +[  --with-logindir=DIR       LOGIN directory (LOCALSTATEDIR/run/dovecot)],
 +	logindir="$withval",
 +	logindir=\${localstatedir}/run/dovecot/login
 +)
 +AC_SUBST(logindir)
 +
 +AC_ARG_WITH(docdir,
 +[  --with-docdir=DIR       directory for documentation (DATADIR/doc/dovecot)],
 +	docdir="$withval",
@ -22,73 +15,66 @@ diff -r -u dovecot-0.99.11.orig/configure.in dovecot-0.99.11/configure.in
 AC_ARG_ENABLE(ipv6,
 [  --enable-ipv6           Enable IPv6 support (default)],
 	if test x$enableval = xno; then
-@@ -180,6 +194,8 @@
+diff -u -r dovecot-0.99.11.orig/doc/Makefile.am dovecot-0.99.11/doc/Makefile.am
 )
 AC_SUBST(ssldir)
 +AM_CONDITIONAL(BUILD_SSL, test "$want_gnutls" = "yes" -o "$want_openssl" = "yes" )
 +
 AC_ARG_WITH(pop3d,
 [  --with-pop3d            Build POP3 server (default)],
 	if test x$withval = xno; then
@@ -1121,6 +1137,13 @@
 	AC_MSG_RESULT($i_cv_type_in6_addr)
 fi
 +if test $i_cv_type_in6_addr = yes; then
 +	listenaddr='[[::]]'
 +else
 +	listenaddr='*'
 +fi
 +AC_SUBST(listenaddr)
 +
 dnl **
 dnl ** storage classes
 dnl **
@@ -1148,7 +1171,9 @@
 AC_OUTPUT(
 Makefile
 +dovecot.conf
 doc/Makefile
 +doc/mkcert.sh
 src/Makefile
 src/lib/Makefile
 src/lib-charset/Makefile
 diff -r -u dovecot-0.99.11.orig/doc/Makefile.am dovecot-0.99.11/doc/Makefile.am
 --- dovecot-0.99.11.orig/doc/Makefile.am	2004-05-25 14:21:10.000000000 -0400
-+++ dovecot-0.99.11/doc/Makefile.am	2004-11-19 12:21:31.000000000 -0500
+++ dovecot-0.99.11/doc/Makefile.am	2004-12-22 14:49:43.000000000 -0500
-@@ -1,4 +1,4 @@
+@@ -1,19 +1,26 @@
 -docdir = $(datadir)/doc/dovecot
 +exampledir=$(docdir)/examples
- doc_DATA = \
+-doc_DATA = \
- 	auth.txt \
+-	auth.txt \
-@@ -10,10 +10,13 @@
+-	configuration.txt \
- 	nfs.txt \
+-	design.txt \
 -	index.txt \
 -	mail-storages.txt \
 -	multiaccess.txt \
 -	nfs.txt \
 +doc_DATA =			\
 +	auth.txt		\
 +	configuration.txt	\
 +	design.txt		\
 +	index.txt		\
 +	mail-storages.txt	\
 +	multiaccess.txt		\
 +	nfs.txt			\
 	securecoding.txt
 -EXTRA_DIST = \
-+example_DATA = \
+-	mkcert.sh \
- 	mkcert.sh \
+-	dovecot-openssl.cnf \
- 	dovecot-openssl.cnf \
+-	dovecot-ldap.conf \
- 	dovecot-ldap.conf \
+-	dovecot-mysql.conf \
 	dovecot-mysql.conf \
 -	dovecot-pgsql.conf \
 +example_DATA =			\
 +	../dovecot-example.conf	\
 +	mkcert.sh		\
 +	dovecot-ldap.conf	\
 +	dovecot-mysql.conf	\
 +	dovecot-pgsql.conf
 +
 +ssl_DATA =			\
 +	dovecot-openssl.cnf
 +
 +EXTRA_DIST =			\
 +	$(example_DATA)		\
 +	$(ssl_DATA)		\
 	$(doc_DATA)
-diff -r -u dovecot-0.99.11.orig/Makefile.am dovecot-0.99.11/Makefile.am
+diff -u -r dovecot-0.99.11.orig/Makefile.am dovecot-0.99.11/Makefile.am
 --- dovecot-0.99.11.orig/Makefile.am	2003-05-05 12:46:57.000000000 -0400
-+++ dovecot-0.99.11/Makefile.am	2004-11-22 16:08:01.000000000 -0500
+++ dovecot-0.99.11/Makefile.am	2004-12-21 16:29:26.000000000 -0500
-@@ -1,7 +1,18 @@
+@@ -1,11 +1,22 @@
 SUBDIRS = src doc
 confdir = $(sysconfdir)
 -conf_DATA = dovecot-example.conf
 +conf_DATA = dovecot.conf
 -EXTRA_DIST = \
 -	config.rpath \
 -	dovecot.spec \
 -	dovecot.spec.in \
 -	COPYING.LGPL \
 +
 +doc_DATA =			\
 +	AUTHORS			\
@ -100,529 +86,9 @@ diff -r -u dovecot-0.99.11.orig/Makefile.am dovecot-0.99.11/Makefile.am
 +	README			\
 +	TODO
 +
- 
+EXTRA_DIST =			\
- EXTRA_DIST = \
+	config.rpath		\
- 	config.rpath \
+	dovecot.spec		\
-diff -N -u dovecot-0.99.11.orig/doc/mkcert.sh.in dovecot-0.99.11/doc/mkcert.sh.in
+	dovecot.spec.in		\
--- dovecot-0.99.11.orig/doc/mkcert.sh.in	1969-12-31 19:00:00.000000000 -0500
+	COPYING.LGPL		\
-+++ dovecot-0.99.11/doc/mkcert.sh.in	2004-11-19 13:47:38.000000000 -0500
+ 	$(conf_DATA)
@@ -0,0 +1,34 @@
 +#!/bin/sh
 +
 +# Generates a self-signed certificate.
 +# Edit dovecot-openssl.cnf before running this.
 +
 +OPENSSL=${OPENSSL-openssl}
 +SSLDIR=${SSLDIR-@ssldir@}
 +OPENSSLCONFIG=${OPENSSLCONFIG-dovecot-openssl.cnf}
 +
 +CERTFILE=$SSLDIR/certs/@PACKAGE@.pem
 +KEYFILE=$SSLDIR/private/@PACKAGE@.pem
 +
 +if [ ! -d $SSLDIR/certs ]; then
 +  echo "$SSLDIR/certs directory doesn't exist"
 +fi
 +
 +if [ ! -d $SSLDIR/private ]; then
 +  echo "$SSLDIR/private directory doesn't exist"
 +fi
 +
 +if [ -f $CERTFILE ]; then
 +  echo "$CERTFILE already exists, won't overwrite"
 +  exit 1
 +fi
 +
 +if [ -f $KEYFILE ]; then
 +  echo "$KEYFILE already exists, won't overwrite"
 +  exit 1
 +fi
 +
 +$OPENSSL req -new -x509 -nodes -config $OPENSSLCONFIG -out $CERTFILE -keyout $KEYFILE -days 365 || exit 2
 +chmod 0600 $KEYFILE
 +echo 
 +$OPENSSL x509 -subject -fingerprint -noout -in $CERTFILE || exit 2
 diff -N -u dovecot-0.99.11.orig/dovecot.conf.in dovecot-0.99.11/dovecot.conf.in
 --- dovecot-0.99.11.orig/dovecot.conf.in	1969-12-31 19:00:00.000000000 -0500
 +++ dovecot-0.99.11/dovecot.conf.in	2004-11-19 16:42:03.000000000 -0500
@@ -0,0 +1,481 @@
 +## Dovecot 1.0 configuration file
 +
 +# Base directory where to store runtime data.
 +#base_dir = @localstatedir@/run/dovecot/
 +
 +# Protocols we want to be serving:
 +#  imap imaps pop3 pop3s
 +#protocols = imap imaps
 +
 +# IP or host address where to listen in for connections. It's not currently
 +# possible to specify multiple addresses. "*" listens in all IPv4 interfaces.
 +# "[::]" listens in all IPv6 interfaces, but may also listen in all IPv4
 +# interfaces depending on the operating system. You can specify ports with
 +# "host:port".
 +imap_listen = @listenaddr@
 +pop3_listen = @listenaddr@
 +
 +# IP or host address where to listen in for SSL connections. Defaults
 +# to above non-SSL equilevants if not specified.
 +#imaps_listen = @listenaddr@
 +#pop3s_listen = @listenaddr@
 +
 +# Disable SSL/TLS support.
 +@BUILD_SSL_TRUE@ssl_disable = no
 +
 +# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
 +# dropping root privileges, so keep the key file unreadable by anyone but
 +# root. Included doc/mkcert.sh can be used to easily generate self-signed
 +# certificate, just make sure to update the domains in dovecot-openssl.cnf
 +@BUILD_SSL_TRUE@ssl_cert_file = @ssldir@/certs/@PACKAGE@.pem
 +@BUILD_SSL_TRUE@ssl_key_file = @ssldir@/private/@PACKAGE@.pem
 +
 +# SSL parameter file. Master process generates this file for login processes.
 +# It contains Diffie Hellman and RSA parameters.
 +@BUILD_SSL_TRUE@ssl_parameters_file = @localstatedir@/run/dovecot/ssl-parameters.dat
 +
 +# How often to regenerate the SSL parameters file. Generation is quite CPU
 +# intensive operation. The value is in hours, 0 disables regeneration
 +# entirely.
 +@BUILD_SSL_TRUE@ssl_parameters_regenerate = 24
 +
 +# Disable LOGIN command and all other plaintext authentications unless
 +# SSL/TLS is used (LOGINDISABLED capability). Note that 127.*.*.* and
 +# IPv6 ::1 addresses are considered secure, this setting has no effect if
 +# you connect from those addresses.
 +#disable_plaintext_auth = yes
 +
 +# Use this logfile instead of syslog(). /dev/stderr can be used if you want to
 +# use stderr for logging (ONLY /dev/stderr - otherwise it is closed).
 +#log_path = 
 +
 +# For informational messages, use this logfile instead of the default
 +#info_log_path = 
 +
 +# Prefix for each line written to log file. % codes are in strftime(3)
 +# format.
 +#log_timestamp = "%b %d %H:%M:%S "
 +
 +##
 +## Login processes
 +##
 +
 +# Directory where authentication process places authentication UNIX sockets
 +# which login needs to be able to connect to. The sockets are created when
 +# running as root, so you don't have to worry about permissions. Note that
 +# everything in this directory is deleted when Dovecot is started.
 +#login_dir = @logindir@
 +
 +# chroot login process to the login_dir. Only reason not to do this is if you
 +# wish to run the whole Dovecot without roots.
 +#login_chroot = yes
 +
 +
 +##
 +## IMAP login process
 +##
 +
 +login = imap
 +
 +# Executable location.
 +#login_executable = @libexecdir@/dovecot/imap-login
 +
 +# User to use for the login process. Create a completely new user for this,
 +# and don't use it anywhere else. The user must also belong to a group where
 +# only it has access, it's used to control access for authentication process.
 +#login_user = dovecot
 +
 +# Set max. process size in megabytes. If you don't use
 +# login_process_per_connection you might need to grow this.
 +#login_process_size = 32
 +
 +# Should each login be processed in it's own process (yes), or should one
 +# login process be allowed to process multiple connections (no)? Yes is more
 +# secure, espcially with SSL/TLS enabled. No is faster since there's no need
 +# to create processes all the time.
 +#login_process_per_connection = yes
 +
 +# Number of login processes to create. If login_process_per_user is
 +# yes, this is the number of extra processes waiting for users to log in.
 +#login_processes_count = 3
 +
 +# Maximum number of extra login processes to create. The extra process count
 +# usually stays at login_processes_count, but when multiple users start logging
 +# in at the same time more extra processes are created. To prevent fork-bombing
 +# we check only once in a second if new processes should be created - if all
 +# of them are used at the time, we double their amount until limit set by this
 +# setting is reached. This setting is used only if login_process_per_use is yes.
 +#login_max_processes_count = 128
 +
 +# Maximum number of connections allowed in login state. When this limit is
 +# reached, the oldest connections are dropped. If login_process_per_user
 +# is no, this is a per-process value, so the absolute maximum number of users
 +# logging in actually login_processes_count * max_logging_users.
 +#login_max_logging_users = 256
 +
 +##
 +## POP3 login process
 +##
 +
 +# Settings default to same as above, so you don't have to set anything
 +# unless you want to override them.
 +
 +login = pop3
 +
 +# Exception to above rule being the executable location.
 +#login_executable = @libexecdir@/dovecot/pop3-login
 +
 +##
 +## Mail processes
 +##
 +
 +# Maximum number of running mail processes. When this limit is reached,
 +# new users aren't allowed to log in.
 +#max_mail_processes = 1024
 +
 +# Show more verbose process titles (in ps). Currently shows user name and
 +# IP address. Useful for seeing who are actually using the IMAP processes
 +# (eg. shared mailboxes or if same uid is used for multiple accounts).
 +#verbose_proctitle = no
 +
 +# Show protocol level SSL errors.
 +@BUILD_SSL_TRUE@verbose_ssl = no
 +
 +# Valid UID range for users, defaults to 500 and above. This is mostly
 +# to make sure that users can't log in as daemons or other system users.
 +# Note that denying root logins is hardcoded to dovecot binary and can't
 +# be done even if first_valid_uid is set to 0.
 +#first_valid_uid = 500
 +#last_valid_uid = 0
 +
 +# Valid GID range for users, defaults to non-root/wheel. Users having
 +# non-valid GID as primary group ID aren't allowed to log in. If user
 +# belongs to supplementary groups with non-valid GIDs, those groups are
 +# not set.
 +#first_valid_gid = 1
 +#last_valid_gid = 0
 +
 +# Grant access to these extra groups for mail processes. Typical use would be
 +# to give "mail" group write access to /var/mail to be able to create dotlocks.
 +#mail_extra_groups =
 +
 +# ':' separated list of directories under which chrooting is allowed for mail
 +# processes (ie. /var/mail will allow chrooting to /var/mail/foo/bar too).
 +# This setting doesn't affect login_chroot or auth_chroot variables.
 +# WARNING: Never add directories here which local users can modify, that
 +# may lead to root exploit. Usually this should be done only if you don't
 +# allow shell access for users. See doc/configuration.txt for more information.
 +#valid_chroot_dirs = 
 +
 +# Default chroot directory for mail processes. This can be overridden by
 +# giving /./ in user's home directory (eg. /home/./user chroots into /home).
 +#mail_chroot = 
 +
 +# Default MAIL environment to use when it's not set. By leaving this empty
 +# dovecot tries to do some automatic detection as described in
 +# doc/mail-storages.txt. There's a few special variables you can use:
 +#
 +#   %u - username
 +#   %n - user part in user@domain, same as %u if there's no domain
 +#   %d - domain part in user@domain, empty if user there's no domain
 +#   %h - home directory
 +#
 +# You can also limit a width of string by giving the number of max. characters
 +# after the '%' character. For example %1u gives the first character of
 +# username. Some examples:
 +#
 +#   default_mail_env = maildir:/var/mail/%1u/%u/Maildir
 +#   default_mail_env = mbox:~/mail/:INBOX=/var/mail/%u
 +#   default_mail_env = mbox:/var/mail/%d/%n/:INDEX=/var/indexes/%d/%n
 +#
 +#default_mail_env = 
 +
 +# Space-separated list of fields to cache for all mails. Currently these
 +# fields are allowed followed by a list of commands they speed up:
 +#
 +#  Envelope      - FETCH ENVELOPE and SEARCH FROM, TO, CC, BCC, SUBJECT,
 +#                  SENTBEFORE, SENTON, SENTSINCE, HEADER MESSAGE-ID,
 +#                  HEADER IN-REPLY-TO
 +#  Body          - FETCH BODY
 +#  Bodystructure - FETCH BODY, BODYSTRUCTURE
 +#  MessagePart   - FETCH BODY[1.2.3] (ie. body parts), RFC822.SIZE,
 +#                  SEARCH SMALLER, LARGER, also speeds up BODY/BODYSTRUCTURE
 +#                  generation. This is always set with mbox mailboxes, and
 +#                  also default with Maildir.
 +#
 +# Different IMAP clients work in different ways, that's why Dovecot by default
 +# only caches MessagePart which speeds up most operations. Whenever client
 +# does something where caching could be used, the field is automatically marked
 +# to be cached later. For example after FETCH BODY the BODY will be cached
 +# for all new messages. Normally you should leave this alone, unless you know
 +# what most of your IMAP clients are. Caching more fields than needed makes
 +# the index files larger and generate useless I/O.
 +#
 +# With maildir there's one extra optimization - if nothing is cached, indexing
 +# the maildir becomes much faster since it's not opening any of the mail files.
 +# This could be useful if your IMAP clients access only new mails.
 +
 +#mail_cache_fields = MessagePart
 +
 +# Space-separated list of fields that Dovecot should never set to be cached.
 +# Useful if you want to save disk space at the cost of more I/O when the fields
 +# needed.
 +#mail_never_cache_fields = 
 +
 +# Workarounds for various client bugs:
 +#   oe6-fetch-no-newmail:
 +#     Never send EXISTS/RECENT when replying to FETCH command. Outlook Express
 +#     seems to think they are FETCH replies and gives user "Message no longer
 +#     in server" error. Note that OE6 still breaks even with this workaround
 +#     if synchronization is set to "Headers Only".
 +#   outlook-idle:
 +#     Outlook and Outlook Express never abort IDLE command, so if no mail
 +#     arrives in half a hour, Dovecot closes the connection. This is still
 +#     fine, except Outlook doesn't connect back so you don't see if new mail
 +#     arrives.
 +#   outlook-pop3-no-nuls:
 +#     Outlook and Outlook Express hang if mails contain NUL characters.
 +#     This setting replaces them with 0x80 character.
 +#client_workarounds = 
 +
 +# Dovecot can notify client of new mail in selected mailbox soon after it's
 +# received. This setting specifies the minimum interval in seconds between
 +# new mail notifications to client - internally they may be checked more or
 +# less often. Setting this to 0 disables the checking.
 +# NOTE: Evolution client breaks with this option when it's trying to APPEND.
 +#mailbox_check_interval = 0
 +
 +# Like mailbox_check_interval, but used for IDLE command.
 +#mailbox_idle_check_interval = 30
 +
 +# Allow full filesystem access to clients. There's no access checks other than
 +# what the operating system does for the active UID/GID. It works with both
 +# maildir and mboxes, allowing you to prefix mailboxes names with eg. /path/
 +# or ~user/.
 +#mail_full_filesystem_access = no
 +
 +# Maximum allowed length for custom flag name. It's only forced when trying
 +# to create new flags.
 +#mail_max_flag_length = 50
 +
 +# Save mails with CR+LF instead of plain LF. This makes sending those mails
 +# take less CPU, especially with sendfile() syscall with Linux and FreeBSD.
 +# But it also creates a bit more disk I/O which may just make it slower.
 +#mail_save_crlf = no
 +
 +# Use mmap() instead of read() to read mail files. read() seems to be a bit
 +# faster with my Linux/x86 and it's better with NFS, so that's the default.
 +#mail_read_mmaped = no
 +
 +# By default LIST command returns all entries in maildir beginning with dot.
 +# Enabling this option makes Dovecot return only entries which are directories.
 +# This is done by stat()ing each entry, so it causes more disk I/O.
 +# (For systems setting struct dirent->d_type, this check is free and it's
 +# done always regardless of this setting)
 +#maildir_stat_dirs = no
 +
 +# Copy mail to another folders using hard links. This is much faster than
 +# actually copying the file. This is problematic only if something modifies
 +# the mail in one folder but doesn't want it modified in the others. I don't
 +# know any MUA which would modify mail files directly. IMAP protocol also
 +# requires that the mails don't change, so it would be problematic in any case.
 +# If you care about performance, enable it.
 +#maildir_copy_with_hardlinks = no
 +
 +# Check if mails' content has been changed by external programs. This slows
 +# down things as extra stat() needs to be called for each file. If changes are
 +# noticed, the message is treated as a new message, since IMAP protocol
 +# specifies that existing messages are immutable.
 +#maildir_check_content_changes = no
 +
 +# Which locking methods to use for locking mbox. There's three available:
 +#  dotlock: Create <mailbox>.lock file. This is the oldest and most NFS-safe
 +#           solution. If you want to use /var/mail/ like directory, the users
 +#           will need write access to that directory.
 +#  fcntl  : Use this if possible. Works with NFS too if lockd is used.
 +#  flock  : May not exist in all systems. Doesn't work with NFS.
 +#
 +# You can use both fcntl and flock too; if you do the order they're declared
 +# with is important to avoid deadlocks if other MTAs/MUAs are using both fcntl
 +# and flock. Some operating systems don't allow using both of them
 +# simultaneously, eg. BSDs. If dotlock is used, it's always created first.
 +#mbox_locks = dotlock fcntl
 +
 +# Should we create dotlock file even when we want only a read-lock? Setting
 +# this to yes hurts the performance when the mailbox is accessed simultaneously
 +# by multiple processes, but it's needed for reliable reading if no other
 +# locking methods are available.
 +#mbox_read_dotlock = no
 +
 +# Maximum time in seconds to wait for lock (all of them) before aborting.
 +#mbox_lock_timeout = 300
 +
 +# If dotlock exists but the mailbox isn't modified in any way, override the
 +# lock file after this many seconds.
 +#mbox_dotlock_change_timeout = 30
 +
 +# umask to use for mail files and directories
 +#umask = 0077
 +
 +# Drop all privileges before exec()ing the mail process. This is mostly
 +# meant for debugging, otherwise you don't get core dumps. Note that setting
 +# this to yes means that log file is opened as the logged in user, which
 +# might not work. It could also be a small security risk if you use single UID
 +# for multiple users, as the users could ptrace() each others processes then.
 +#mail_drop_priv_before_exec = no
 +
 +##
 +## IMAP process
 +##
 +
 +# Executable location
 +#imap_executable = @libexecdir@/dovecot/imap
 +
 +# Set max. process size in megabytes. Most of the memory goes to mmap()ing
 +# files, so it shouldn't harm much even if this limit is set pretty high.
 +#imap_process_size = 256
 +
 +# Support for dynamically loadable modules.
 +#imap_use_modules = no
 +#imap_modules = @moduledir@/imap
 +
 +##
 +## POP3 process
 +##
 +
 +# Executable location
 +#pop3_executable = @libexecdir@/dovecot/pop3
 +
 +# Set max. process size in megabytes. Most of the memory goes to mmap()ing
 +# files, so it shouldn't harm much even if this limit is set pretty high.
 +#pop3_process_size = 256
 +
 +# Support for dynamically loadable modules.
 +#pop3_use_modules = no
 +#pop3_modules = @moduledir@/pop3
 +
 +##
 +## Authentication processes
 +##
 +
 +# An Authentication process is a child process used by Dovecot that
 +# handles the authentication steps. The steps cover an authentication
 +# mechanism (auth_mechanisms, how the client authenticates in the IMAP or
 +# POP3 protocol), which password database should be queried (auth_passdb),
 +# and which user database should be queried (auth_userdb, to obtain
 +# UID, GID, and location of the user's mailbox/home directory).
 +#
 +# You can have multiple processes, though a typical configuration will
 +# have only one. Each time "auth = xx" is seen, a new process
 +# definition is started. The point of multiple processes is to be able
 +# to set stricter permissions. (See auth_user below.)
 +#
 +# Just remember that only one Authentication process is asked for the
 +# password, so you can't have different passwords accessible through
 +# different process definitions (unless they have different
 +# auth_mechanisms, and you're ok with having different password for
 +# each mechanisms).
 +
 +# Authentication process name.
 +auth = default
 +
 +# Specifies how the client authenticates in the IMAP protocol.
 +# Space separated list of permitted authentication mechanisms:
 +#   anonymous plain digest-md5 cram-md5
 +#
 +# anonymous - No authentication required.
 +# plain - The password is sent as plain text. All IMAP/POP3 clients
 +#  support this, and the password can be encrypted by Dovecot to match
 +#  any of the encryption schemes used in password databases.
 +# digest-md5 and cram-md5 - both encrypt the password so it is more
 +#  secure in transit, but are not well supported by clients, and
 +#  require that the password database use a matching encryption
 +#  scheme (or be in plaintext).
 +#
 +# See auth.txt for more details.
 +#
 +# If you are using SSL there is less benefit to digest-md5 and
 +# cram-md5 as the communication is already encrypted.
 +auth_mechanisms = plain
 +
 +# Space separated list of realms for SASL authentication mechanisms that need
 +# them. You can leave it empty if you don't want to support multiple realms.
 +# Many clients simply use the first one listed here, so keep the default realm
 +# first.
 +#auth_realms =
 +
 +# Default realm/domain to use if none was specified. This is used for both
 +# SASL realms and appending @domain to username in plaintext logins.
 +#auth_default_realm = 
 +
 +# Where user database is kept:
 +#   passwd: /etc/passwd or similiar, using getpwnam()
 +#   passwd-file <path>: passwd-like file with specified location
 +#   static uid=<uid> gid=<gid> home=<dir template>: static settings
 +#   vpopmail: vpopmail library
 +#   ldap <config path>: LDAP, see doc/dovecot-ldap.conf
 +#   pgsql <config path>: a PostgreSQL database, see doc/dovecot-pgsql.conf
 +auth_userdb = passwd
 +
 +# Where password database is kept:
 +#   passwd: /etc/passwd or similiar, using getpwnam()
 +#   shadow: /etc/shadow or similiar, using getspnam()
 +#   pam [<service> | *]: PAM authentication
 +#   passwd-file <path>: passwd-like file with specified location
 +#   vpopmail: vpopmail authentication
 +#   ldap <config path>: LDAP, see doc/dovecot-ldap.conf
 +#   pgsql <config path>: a PostgreSQL database, see doc/dovecot-pgsql.conf
 +auth_passdb = pgsql @sysconfdir@/dovecot-pgsql.conf
 +
 +#auth_executable = @libexecdir@/dovecot/dovecot-auth
 +
 +# Set max. process size in megabytes.
 +#auth_process_size = 256
 +
 +# User to use for the process. This user needs access to only user and
 +# password databases, nothing else. Only shadow and pam authentication
 +# requires roots, so use something else if possible. Note that passwd
 +# authentication with BSDs internally accesses shadow files, which also
 +# requires roots.
 +auth_user = root
 +
 +# Directory where to chroot the process. Most authentication backends don't
 +# work if this is set, and there's no point chrooting if auth_user is root.
 +#auth_chroot = 
 +
 +# Number of authentication processes to create
 +#auth_count = 1
 +
 +# List of allowed characters in username. If the user-given username contains
 +# a character not listed in here, the login automatically fails. This is just
 +# an extra check to make sure user can't exploit any potential quote escaping
 +# vulnerabilities with SQL/LDAP databases. If you want to allow all characters,
 +# set this value to empty.
 +#auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
 +
 +# Username to use for users logging in with ANONYMOUS SASL mechanism
 +#auth_anonymous_username = anonymous
 +
 +# More verbose logging. Useful for figuring out why authentication isn't
 +# working.
 +#auth_verbose = no
 +
 +# Even more verbose logging for debugging purposes. Shows for example SQL
 +# queries.
 +#auth_debug = no
 +
 +# digest-md5 authentication process. It requires special MD5 passwords which
 +# /etc/shadow and PAM doesn't support, so we never need roots to handle it.
 +# Note that the passwd-file is opened before chrooting and dropping root
 +# privileges, so it may be 0600-root owned file.
 +
 +#auth = digest_md5
 +#auth_mechanisms = digest-md5
 +#auth_realms = 
 +#auth_userdb = passwd-file /etc/passwd.imap
 +#auth_passdb = passwd-file /etc/passwd.imap
 +#auth_user = imapauth
 +#auth_chroot = 
 +
 +# if you plan to use only passwd-file, you don't need the two auth processes,
 +# simply set "auth_methods = plain digest-md5"
--- a/dovecot-configfile.patch
+++ b/dovecot-configfile.patch
@ -0,0 +1,100 @@
 diff -u dovecot-0.99.11/dovecot-example.conf dovecot-0.99.11/dovecot.conf
 --- dovecot-0.99.11/dovecot-example.conf	2004-08-28 08:26:10.000000000 -0400
 +++ dovecot-0.99.11/dovecot.conf	2004-12-21 17:18:01.000000000 -0500
@@ -1,25 +1,19 @@
 ## Dovecot 1.0 configuration file
 -# Default values are shown after each value, it's not required to uncomment
 -# any of the lines. Exception to this are paths, they're just examples
 -# with real defaults being based on configure options. The paths listed here
 -# are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
 -# --with-ssldir=/etc/ssl
 -
 # Base directory where to store runtime data.
 #base_dir = /var/run/dovecot/
 # Protocols we want to be serving:
 #  imap imaps pop3 pop3s
 -#protocols = imap imaps
 +protocols = imap imaps pop3 pop3s
 # IP or host address where to listen in for connections. It's not currently
 # possible to specify multiple addresses. "*" listens in all IPv4 interfaces.
 # "[::]" listens in all IPv6 interfaces, but may also listen in all IPv4
 # interfaces depending on the operating system. You can specify ports with
 # "host:port".
 -#imap_listen = *
 -#pop3_listen = *
 +imap_listen = [::]
 +pop3_listen = [::]
 # IP or host address where to listen in for SSL connections. Defaults
 # to above non-SSL equilevants if not specified.
@@ -33,8 +27,8 @@
 # dropping root privileges, so keep the key file unreadable by anyone but
 # root. Included doc/mkcert.sh can be used to easily generate self-signed
 # certificate, just make sure to update the domains in dovecot-openssl.cnf
 -#ssl_cert_file = /etc/ssl/certs/dovecot.pem
 -#ssl_key_file = /etc/ssl/private/dovecot.pem
 +ssl_cert_file = /usr/share/ssl/certs/dovecot.pem
 +ssl_key_file = /usr/share/ssl/private/dovecot.pem
 # SSL parameter file. Master process generates this file for login processes.
 # It contains Diffie Hellman and RSA parameters.
@@ -70,7 +64,7 @@
 # which login needs to be able to connect to. The sockets are created when
 # running as root, so you don't have to worry about permissions. Note that
 # everything in this directory is deleted when Dovecot is started.
 -#login_dir = /var/run/dovecot/login
 +login_dir = /var/run/dovecot-login
 # chroot login process to the login_dir. Only reason not to do this is if you
 # wish to run the whole Dovecot without roots.
@@ -305,7 +299,7 @@
 # with is important to avoid deadlocks if other MTAs/MUAs are using both fcntl
 # and flock. Some operating systems don't allow using both of them
 # simultaneously, eg. BSDs. If dotlock is used, it's always created first.
 -#mbox_locks = dotlock fcntl
 +#mbox_locks = fcntl
 # Should we create dotlock file even when we want only a read-lock? Setting
 # this to yes hurts the performance when the mailbox is accessed simultaneously
@@ -431,8 +425,8 @@
 #   vpopmail: vpopmail authentication
 #   ldap <config path>: LDAP, see doc/dovecot-ldap.conf
 #   pgsql <config path>: a PostgreSQL database, see doc/dovecot-pgsql.conf
 -auth_passdb = pgsql /usr/local/etc/dovecot-pgsql.conf
 +#auth_passdb = pgsql /usr/local/etc/dovecot-pgsql.conf
 #auth_executable = /usr/libexec/dovecot/dovecot-auth
 diff -u -r dovecot-0.99.11.orig/doc/mkcert.sh dovecot-0.99.11/doc/mkcert.sh
 --- dovecot-0.99.11.orig/doc/mkcert.sh	2004-07-22 20:04:37.000000000 -0400
 +++ dovecot-0.99.11/doc/mkcert.sh	2004-12-22 16:33:20.000000000 -0500
@@ -4,11 +4,12 @@
 # Edit dovecot-openssl.cnf before running this.
 OPENSSL=${OPENSSL-openssl}
 -SSLDIR=${SSLDIR-/etc/ssl}
 -OPENSSLCONFIG=${OPENSSLCONFIG-dovecot-openssl.cnf}
 +SSLDIR=${SSLDIR-/usr/share/ssl}
 +OPENSSLCONFIG=${OPENSSLCONFIG-$SSLDIR/dovecot-openssl.cnf}
 +CERTNAME=${CERTNAME-dovecot}
 -CERTFILE=$SSLDIR/certs/imapd.pem
 -KEYFILE=$SSLDIR/private/imapd.pem
 +CERTFILE=$SSLDIR/certs/$CERTNAME.pem
 +KEYFILE=$SSLDIR/private/$CERTNAME.pem
 if [ ! -d $SSLDIR/certs ]; then
   echo "$SSLDIR/certs directory doesn't exist"
@@ -29,6 +30,7 @@
 fi
 $OPENSSL req -new -x509 -nodes -config $OPENSSLCONFIG -out $CERTFILE -keyout $KEYFILE -days 365 || exit 2
 -chmod 0600 $KEYFILE
 +chown root:root $CERTFILE $KEYFILE
 +chmod 0600 $CERTFILE $KEYFILE
 echo 
 $OPENSSL x509 -subject -fingerprint -noout -in $CERTFILE || exit 2
--- a/dovecot.spec
+++ b/dovecot.spec
@ -1,7 +1,7 @@
 Summary: Dovecot Secure imap server
 Name: dovecot
 Version: 0.99.11
-Release: 6.devel
+Release: 7.devel
 License: LGPL
 Group: System Environment/Daemons
 Source: %{name}-%{version}.tar.gz
@ -12,6 +12,7 @@ Source4: migrate-folders
 Source5: migrate-users
 Source6: perfect_maildir.pl
 Patch100: dovecot-conf.patch
 Patch101: dovecot-configfile.patch
 # Patches 500+ from upstream fixes
 URL: http://dovecot.procontrol.fi/
@ -23,11 +24,12 @@ BuildRequires: openldap-devel
 BuildRequires: pam-devel
 BuildRequires: pkgconfig
 BuildRequires: zlib-devel
 BuildRequires: gettext-devel
 Prereq: openssl, /sbin/chkconfig, /usr/sbin/useradd
 %define docdir %{_docdir}/%{name}-%{version}
 %define ssldir /usr/share/ssl
 %define dovecot-uid 97
 %define dovecot-gid 97
 %description
 Dovecot is an IMAP server for Linux/UNIX-like systems, written with security 
@ -39,16 +41,16 @@ in either of maildir or mbox formats.
 %setup -q -n %{name}-%{version}
 %patch100 -p1 -b .config
 cp $RPM_BUILD_DIR/${RPM_PACKAGE_NAME}-${RPM_PACKAGE_VERSION}/dovecot-example.conf $RPM_BUILD_DIR/${RPM_PACKAGE_NAME}-${RPM_PACKAGE_VERSION}/dovecot.conf
 %patch101 -p1 -b .configfile
 %build
 rm -f ./configure
 aclocal
-automake -a -f
+automake -a
-autoconf -f
+autoconf
 %configure                           \
 	--with-docdir=%{docdir}	     \
 	--with-logindir=/var/run/dovecot-login	\
 	--with-mbox-locks=fcntl			\
 	--with-pgsql                 \
 	--with-mysql                 \
 	--with-ssl=openssl           \
@ -59,8 +61,7 @@ make
 %install
 rm -rf $RPM_BUILD_ROOT
-make DESTDIR=$RPM_BUILD_ROOT install
+make install DESTDIR=$RPM_BUILD_ROOT
 rm -rf $RPM_BUILD_ROOT/%{_datadir}/%{name}
 mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/rc.d/init.d
 install -m 755 %{SOURCE1} $RPM_BUILD_ROOT/%{_sysconfdir}/rc.d/init.d/dovecot
@ -77,33 +78,40 @@ mkdir -p $RPM_BUILD_ROOT/var/run/dovecot
 chmod 700 $RPM_BUILD_ROOT/var/run/dovecot
 mkdir -p $RPM_BUILD_ROOT/var/run/dovecot-login
 # Install some of our own documentation
 install -m755 -d $RPM_BUILD_ROOT%{docdir}/UW-to-Dovecot-Migration
-for f in maildir-migration.txt migrate-folders migrate-users perfect_maildir.pl
+for f in maildir-migration.txt
 do
    install -m644 $RPM_SOURCE_DIR/$f $RPM_BUILD_ROOT%{docdir}/UW-to-Dovecot-Migration
 done
 for f in migrate-folders migrate-users perfect_maildir.pl
 do
    install -m755 $RPM_SOURCE_DIR/$f $RPM_BUILD_ROOT%{docdir}/UW-to-Dovecot-Migration
 done
 %pre
-/usr/sbin/useradd -c "dovecot" -u 97 -s /sbin/nologin -r -d /usr/libexec/dovecot dovecot 2>/dev/null || :
+/usr/sbin/useradd -c "dovecot" -u %{dovecot-uid} -s /sbin/nologin -r -d /usr/libexec/dovecot dovecot 2>/dev/null || :
 %post
 /sbin/chkconfig --add dovecot
 # create a ssl cert
 if [ ! -f %{ssldir}/certs/dovecot.pem ]; then
-pushd %{ssldir} &>/dev/null
+%{docdir}/examples/mkcert.sh &> /dev/null
-umask 077
+#pushd %{ssldir} &>/dev/null
-cat << EOF | openssl req -new -x509 -days 365 -nodes -out certs/dovecot.pem -keyout private/dovecot.pem &>/dev/null
+#umask 077
--
+#cat << EOF | openssl req -new -x509 -days 365 -nodes -out certs/dovecot.pem -keyout private/dovecot.pem &>/dev/null
-SomeState
+#--
-SomeCity
+#SomeState
-SomeOrganization
+#SomeCity
-SomeOrganizationalUnit
+#SomeOrganization
-localhost.localdomain
+#SomeOrganizationalUnit
-root@localhost.localdomain
+#localhost.localdomain
-EOF
+#root@localhost.localdomain
-chown root:root private/dovecot.pem certs/dovecot.pem
+#EOF
-chmod 600 private/dovecot.pem certs/dovecot.pem
+#chown root:root private/dovecot.pem certs/dovecot.pem
-popd &>/dev/null
+#chmod 600 private/dovecot.pem certs/dovecot.pem
 #popd &>/dev/null
 fi
 exit 0
@ -125,6 +133,7 @@ rm -rf $RPM_BUILD_ROOT
 %config(noreplace) %{_sysconfdir}/dovecot.conf
 %config %{_sysconfdir}/rc.d/init.d/dovecot
 %config %{_sysconfdir}/pam.d/dovecot
 %config(noreplace) %{ssldir}/dovecot-openssl.cnf
 %attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %{ssldir}/certs/dovecot.pem
 %attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %{ssldir}/private/dovecot.pem
 %dir %{_libexecdir}/%{name}
@ -132,9 +141,14 @@ rm -rf $RPM_BUILD_ROOT
 %{_sbindir}/dovecot
 %dir /var/run/dovecot
 %attr(0750,root,dovecot) %dir /var/run/dovecot-login
 %attr(0750,root,dovecot) %{docdir}/examples/mkcert.sh
 %changelog
 * Thu Dec 23 2004 John Dennis <jdennis@redhat.com> 0.99.11-7.devel
 - add UW to Dovecot migration documentation and scripts, bug #139954
  fix SSL documentation and scripts, add missing documentation, bug #139276
 * Thu Nov 15 2004 Warren Togami <wtogami@redhat.com> 0.99.11-2.FC4.1
 - rebuild against MySQL4