diff -up dovecot-2.3.0.1/doc/example-config/conf.d/10-mail.conf.default-settings dovecot-2.3.0.1/doc/example-config/conf.d/10-mail.conf --- dovecot-2.3.0.1/doc/example-config/conf.d/10-mail.conf.default-settings 2018-02-28 15:28:57.000000000 +0100 +++ dovecot-2.3.0.1/doc/example-config/conf.d/10-mail.conf 2018-03-01 10:29:38.208368555 +0100 @@ -165,7 +165,7 @@ namespace inbox { # to make sure that users can't log in as daemons or other system users. # Note that denying root logins is hardcoded to dovecot binary and can't # be done even if first_valid_uid is set to 0. -#first_valid_uid = 500 +first_valid_uid = 1000 #last_valid_uid = 0 # Valid GID range for users, defaults to non-root/wheel. Users having @@ -322,6 +322,7 @@ protocol !indexer-worker { # them simultaneously. #mbox_read_locks = fcntl #mbox_write_locks = dotlock fcntl +mbox_write_locks = fcntl # Maximum time to wait for lock (all of them) before aborting. #mbox_lock_timeout = 5 mins diff -up dovecot-2.3.0.1/doc/example-config/conf.d/10-ssl.conf.default-settings dovecot-2.3.0.1/doc/example-config/conf.d/10-ssl.conf --- dovecot-2.3.0.1/doc/example-config/conf.d/10-ssl.conf.default-settings 2018-02-28 15:28:57.000000000 +0100 +++ dovecot-2.3.0.1/doc/example-config/conf.d/10-ssl.conf 2018-03-01 10:33:54.779499044 +0100 @@ -3,7 +3,9 @@ ## # SSL/TLS support: yes, no, required. -#ssl = yes +# disable plain pop3 and imap, allowed are only pop3+TLS, pop3s, imap+TLS and imaps +# plain imap and pop3 are still allowed for local connections +ssl = required # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before # dropping root privileges, so keep the key file unreadable by anyone but @@ -57,6 +59,7 @@ ssl_key =