dovecot_config_version = ${config_version} dovecot_storage_version = ${storage_version} protocols = imap lmtp sieve auth_mechanisms = plain login mail_privileged_group = mail ssl = required ssl_server_cert_file = /var/lib/dehydrated/certs/${hostname}/fullchain.pem ssl_server_key_file = /var/lib/dehydrated/certs/${hostname}/privkey.pem ssl_server_dh_file = /etc/dovecot/dhparam.pem ssl_client_ca_dir = /etc/ssl/certs mail_driver = maildir mail_path = ${maildir}/%{user} mail_index_path = ${maildir}/index/%{user} mail_plugins = fts fts_xapian namespace inbox { inbox = yes separator = . mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Junk { auto = create special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } mailbox Sent { auto = subscribe special_use = \Sent } } sql_driver = pgsql pgsql main { parameters { host = ${db_host} dbname = ${db_name} user = ${db_user} password = ${db_password} } } # postgres passdb userdb passdb sql { passdb_default_password_scheme = ARGON2ID query = SELECT \ CONCAT(users.name, '@', domains.name) AS "user", \ password \ FROM users \ LEFT JOIN domains ON users.domain_id = domains.id \ WHERE redirect IS NULL \ AND users.name = SPLIT_PART('%{user}', '@', 1) \ AND domains.name = SPLIT_PART('%{user}', '@', 2) } mail_uid = vmail mail_gid = vmail userdb sql { query = SELECT \ '/var/vmail/%{user}' AS home, \ 'vmail' AS uid, \ 'vmail' AS gid iterate_query = SELECT \ CONCAT(users.name, '@', domains.name) AS username \ FROM users \ LEFT JOIN domains ON users.domain_id = domains.id \ WHERE redirect IS NULL } service auth { unix_listener /var/spool/postfix/private/auth { mode = 0660 user = postfix group = postfix } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { mode = 0600 user = postfix group = postfix } } service stats { unix_listener stats-reader { user = vmail group = vmail mode = 0660 } unix_listener stats-writer { user = vmail group = vmail mode = 0660 } } service managesieve-login { inet_listener sieve { } process_min_avail = 0 process_min_avail = 1 process_limit = 1 vsz_limit = 64 M } service managesieve { process_limit = 100 } protocol imap { mail_plugins = $mail_plugins imap_sieve mail_max_userip_connections = 50 imap_idle_notify_interval = 29 mins } protocol lmtp { mail_plugins = $mail_plugins sieve } protocol sieve { sieve = /var/vmail/sieve/%u.sieve sieve_storage = /var/vmail/sieve/%u/ } # fulltext search fts = xapian fts_xapian = partial=3 full=20 verbose=0 fts_autoindex = yes fts_enforced = yes # Index attachements fts_decoder = decode2text service indexer-worker { vsz_limit = ${indexer_ram} } service decode2text { executable = script /usr/local/libexec/dovecot/decode2text.sh user = dovecot unix_listener decode2text { mode = 0666 } } # spam filter sieve_plugins = sieve_imapsieve sieve_extprograms sieve_dir = /var/vmail/sieve/%u/ sieve = /var/vmail/sieve/%u.sieve sieve_pipe_bin_dir = /var/vmail/sieve/bin sieve_extensions = +vnd.dovecot.pipe sieve_after = /var/vmail/sieve/global/spam-to-folder.sieve # From elsewhere to Spam folder imapsieve_mailbox1_name = Junk imapsieve_mailbox1_causes = COPY imapsieve_mailbox1_before = file:/var/vmail/sieve/global/learn-spam.sieve # From Spam folder to elsewhere imapsieve_mailbox2_name = * imapsieve_mailbox2_from = Junk imapsieve_mailbox2_causes = COPY imapsieve_mailbox2_before = file:/var/vmail/sieve/global/learn-ham.sieve