git subrepo clone https://github.com/mailcow/mailcow-dockerized.git mailcow/src/mailcow-dockerized
subrepo: subdir: "mailcow/src/mailcow-dockerized"
merged: "a832becb"
upstream: origin: "https://github.com/mailcow/mailcow-dockerized.git"
branch: "master"
commit: "a832becb"
git-subrepo: version: "0.4.3"
origin: "???"
commit: "???"
Change-Id: If5be2d621a211e164c9b6577adaa7884449f16b5
diff --git a/mailcow/src/mailcow-dockerized/data/conf/dovecot/dovecot.conf b/mailcow/src/mailcow-dockerized/data/conf/dovecot/dovecot.conf
new file mode 100644
index 0000000..cef7de8
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/conf/dovecot/dovecot.conf
@@ -0,0 +1,535 @@
+# --------------------------------------------------------------------------
+# Please create a file "extra.conf" for persistent overrides to dovecot.conf
+# --------------------------------------------------------------------------
+# LDAP example:
+#passdb {
+# args = /etc/dovecot/ldap/passdb.conf
+# driver = ldap
+#}
+
+auth_mechanisms = plain login
+#mail_debug = yes
+#auth_debug = yes
+log_path = syslog
+disable_plaintext_auth = yes
+# Uncomment on NFS share
+#mmap_disable = yes
+#mail_fsync = always
+#mail_nfs_index = yes
+#mail_nfs_storage = yes
+login_log_format_elements = "user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k"
+mail_home = /var/vmail/%d/%n
+mail_location = maildir:~/
+mail_plugins = </etc/dovecot/mail_plugins
+mail_attachment_fs = crypt:set_prefix=mail_crypt_global:posix:
+mail_attachment_dir = /var/attachments
+mail_attachment_min_size = 128k
+
+# Dovecot 2.2
+#ssl_protocols = !SSLv3
+# Dovecot 2.3
+ssl_min_protocol = TLSv1.2
+
+ssl_prefer_server_ciphers = yes
+ssl_cipher_list = ALL:!ADH:!LOW:!SSLv2:!SSLv3:!EXP:!aNULL:!eNULL:!3DES:!MD5:!PSK:!DSS:!RC4:!SEED:!IDEA:+HIGH:+MEDIUM
+
+# Default in Dovecot 2.3
+ssl_options = no_compression no_ticket
+
+# New in Dovecot 2.3
+ssl_dh = </etc/ssl/mail/dhparams.pem
+# Dovecot 2.2
+#ssl_dh_parameters_length = 2048
+log_timestamp = "%Y-%m-%d %H:%M:%S "
+recipient_delimiter = +
+auth_master_user_separator = *
+mail_shared_explicit_inbox = yes
+mail_prefetch_count = 30
+# try a master passwd
+passdb {
+ driver = passwd-file
+ args = /etc/dovecot/dovecot-master.passwd
+ master = yes
+ pass = yes
+ result_failure = continue
+ result_internalfail = continue
+}
+# try an app passwd
+passdb {
+ driver = lua
+ args = file=/etc/dovecot/lua/app-passdb.lua blocking=yes
+ pass = yes
+ result_failure = continue
+ result_internalfail = continue
+}
+# check for regular password - if empty (e.g. force-passwd-reset), previous pass=yes passdbs also fail
+# a return of the following passdb is mandatory
+passdb {
+ args = /etc/dovecot/sql/dovecot-dict-sql-passdb.conf
+ driver = sql
+ result_success = return-ok
+ result_failure = continue
+ result_internalfail = continue
+}
+passdb {
+ driver = passwd-file
+ args = /etc/dovecot/dovecot-master.passwd
+ skip = authenticated
+}
+# Set doveadm_password=your-secret-password in data/conf/dovecot/extra.conf (create if missing)
+service doveadm {
+ inet_listener {
+ port = 12345
+ }
+ vsz_limit=2048 MB
+}
+namespace inbox {
+ inbox = yes
+ location =
+ separator = /
+ mailbox "Trash" {
+ auto = subscribe
+ special_use = \Trash
+ }
+ mailbox "Deleted Messages" {
+ special_use = \Trash
+ }
+ mailbox "Deleted Items" {
+ special_use = \Trash
+ }
+ mailbox "Rubbish" {
+ special_use = \Trash
+ }
+ mailbox "Gelöschte Objekte" {
+ special_use = \Trash
+ }
+ mailbox "Gelöschte Elemente" {
+ special_use = \Trash
+ }
+ mailbox "Papierkorb" {
+ special_use = \Trash
+ }
+ mailbox "Itens Excluidos" {
+ special_use = \Trash
+ }
+ mailbox "Itens Excluídos" {
+ special_use = \Trash
+ }
+ mailbox "Lixeira" {
+ special_use = \Trash
+ }
+ mailbox "Prullenbak" {
+ special_use = \Trash
+ }
+ mailbox "Odstránené položky" {
+ special_use = \Trash
+ }
+ mailbox "Koš" {
+ special_use = \Trash
+ }
+ mailbox "Verwijderde items" {
+ special_use = \Trash
+ }
+ mailbox "废件箱" {
+ special_use = \Trash
+ }
+ mailbox "已删除消息" {
+ special_use = \Trash
+ }
+ mailbox "已删除邮件" {
+ special_use = \Trash
+ }
+ mailbox "Archive" {
+ auto = subscribe
+ special_use = \Archive
+ }
+ mailbox "Archiv" {
+ special_use = \Archive
+ }
+ mailbox "Archives" {
+ special_use = \Archive
+ }
+ mailbox "Arquivo" {
+ special_use = \Archive
+ }
+ mailbox "Arquivos" {
+ special_use = \Archive
+ }
+ mailbox "Archief" {
+ special_use = \Archive
+ }
+ mailbox "Archív" {
+ special_use = \Archive
+ }
+ mailbox "Archivovať" {
+ special_use = \Archive
+ }
+ mailbox "归档" {
+ special_use = \Archive
+ }
+ mailbox "Sent" {
+ auto = subscribe
+ special_use = \Sent
+ }
+ mailbox "Sent Messages" {
+ special_use = \Sent
+ }
+ mailbox "Sent Items" {
+ special_use = \Sent
+ }
+ mailbox "已发送" {
+ special_use = \Sent
+ }
+ mailbox "已发送消息" {
+ special_use = \Sent
+ }
+ mailbox "已发送邮件" {
+ special_use = \Sent
+ }
+ mailbox "Gesendet" {
+ special_use = \Sent
+ }
+ mailbox "Gesendete Objekte" {
+ special_use = \Sent
+ }
+ mailbox "Gesendete Elemente" {
+ special_use = \Sent
+ }
+ mailbox "Itens Enviados" {
+ special_use = \Sent
+ }
+ mailbox "Enviados" {
+ special_use = \Sent
+ }
+ mailbox "Verzonden items" {
+ special_use = \Sent
+ }
+ mailbox "Verzonden" {
+ special_use = \Sent
+ }
+ mailbox "Odoslaná pošta" {
+ special_use = \Sent
+ }
+ mailbox "Odoslané" {
+ special_use = \Sent
+ }
+ mailbox "Drafts" {
+ auto = subscribe
+ special_use = \Drafts
+ }
+ mailbox "Entwürfe" {
+ special_use = \Drafts
+ }
+ mailbox "Rascunhos" {
+ special_use = \Drafts
+ }
+ mailbox "Concepten" {
+ special_use = \Drafts
+ }
+ mailbox "Koncepty" {
+ special_use = \Drafts
+ }
+ mailbox "草稿" {
+ special_use = \Drafts
+ }
+ mailbox "草稿箱" {
+ special_use = \Drafts
+ }
+ mailbox "Junk" {
+ auto = subscribe
+ special_use = \Junk
+ }
+ mailbox "Junk-E-Mail" {
+ special_use = \Junk
+ }
+ mailbox "Junk E-Mail" {
+ special_use = \Junk
+ }
+ mailbox "Spam" {
+ special_use = \Junk
+ }
+ mailbox "Lixo Eletrônico" {
+ special_use = \Junk
+ }
+ mailbox "Nevyžiadaná pošta" {
+ special_use = \Junk
+ }
+ mailbox "Infikované položky" {
+ special_use = \Junk
+ }
+ mailbox "Ongewenste e-mail" {
+ special_use = \Junk
+ }
+ mailbox "垃圾" {
+ special_use = \Junk
+ }
+ mailbox "垃圾箱" {
+ special_use = \Junk
+ }
+ mailbox "Koncepty" {
+ special_use = \Drafts
+ }
+ mailbox "Nevyžádaná pošta" {
+ special_use = \Junk
+ }
+ mailbox "Odstraněná pošta" {
+ special_use = \Trash
+ }
+ mailbox "Odeslaná pošta" {
+ special_use = \Sent
+ }
+ mailbox "Skräp" {
+ special_use = \Trash
+ }
+ mailbox "Borttagna Meddelanden" {
+ special_use = \Trash
+ }
+ mailbox "Arkiv" {
+ special_use = \Archive
+ }
+ mailbox "Arkeverat" {
+ special_use = \Archive
+ }
+ mailbox "Skickat" {
+ special_use = \Sent
+ }
+ mailbox "Skickade Meddelanden" {
+ special_use = \Sent
+ }
+ mailbox "Utkast" {
+ special_use = \Drafts
+ }
+ prefix =
+}
+protocols = imap sieve lmtp pop3
+service dict {
+ unix_listener dict {
+ mode = 0660
+ user = vmail
+ group = vmail
+ }
+}
+service log {
+ user = dovenull
+}
+service config {
+ unix_listener config {
+ user = root
+ group = vmail
+ mode = 0660
+ }
+}
+service auth {
+ inet_listener auth-inet {
+ port = 10001
+ }
+ unix_listener auth-master {
+ mode = 0600
+ user = vmail
+ }
+ unix_listener auth-userdb {
+ mode = 0600
+ user = vmail
+ }
+}
+service managesieve-login {
+ inet_listener sieve {
+ port = 4190
+ }
+ inet_listener sieve_haproxy {
+ port = 14190
+ haproxy = yes
+ }
+ service_count = 1
+ process_min_avail = 2
+ vsz_limit = 1G
+}
+service imap-login {
+ service_count = 1
+ process_limit = 10000
+ vsz_limit = 1G
+ user = dovenull
+ inet_listener imap_haproxy {
+ port = 10143
+ haproxy = yes
+ }
+ inet_listener imaps_haproxy {
+ port = 10993
+ ssl = yes
+ haproxy = yes
+ }
+}
+service pop3-login {
+ service_count = 1
+ vsz_limit = 1G
+ inet_listener pop3_haproxy {
+ port = 10110
+ haproxy = yes
+ }
+ inet_listener pop3s_haproxy {
+ port = 10995
+ ssl = yes
+ haproxy = yes
+ }
+}
+service imap {
+ executable = imap imap-postlogin
+ user = vmail
+ vsz_limit = 1G
+}
+service managesieve {
+ process_limit = 256
+}
+service lmtp {
+ inet_listener lmtp-inet {
+ port = 24
+ }
+ user = vmail
+}
+listen = *,[::]
+ssl_cert = </etc/ssl/mail/cert.pem
+ssl_key = </etc/ssl/mail/key.pem
+!include_try /etc/dovecot/sni.conf
+!include_try /etc/dovecot/sogo_trusted_ip.conf
+userdb {
+ driver = passwd-file
+ args = /etc/dovecot/dovecot-master.userdb
+}
+userdb {
+ args = /etc/dovecot/sql/dovecot-dict-sql-userdb.conf
+ driver = sql
+ skip = found
+}
+protocol imap {
+ mail_plugins = </etc/dovecot/mail_plugins_imap
+ imap_metadata = yes
+}
+mail_attribute_dict = file:%h/dovecot-attributes
+protocol lmtp {
+ mail_plugins = </etc/dovecot/mail_plugins_lmtp
+ auth_socket_path = /var/run/dovecot/auth-master
+}
+protocol sieve {
+ managesieve_logout_format = bytes=%i/%o
+}
+plugin {
+ # Allow "any" or "authenticated" to be used in ACLs
+ acl_anyone = </etc/dovecot/acl_anyone
+ acl_shared_dict = file:/var/vmail/shared-mailboxes.db
+ acl = vfile
+ last_login_dict = </etc/dovecot/last_login
+ last_login_key = last-login/%s/%u
+ fts = solr
+ fts_autoindex = yes
+ fts_solr = url=http://solr:8983/solr/dovecot-fts/
+ quota = dict:Userquota::proxy::sqlquota
+ quota_rule2 = Trash:storage=+100%%
+ sieve = /var/vmail/sieve/%u.sieve
+ sieve_plugins = sieve_imapsieve sieve_extprograms
+ sieve_vacation_send_from_recipient = yes
+ sieve_redirect_envelope_from = recipient
+ # From elsewhere to Spam folder
+ imapsieve_mailbox1_name = Junk
+ imapsieve_mailbox1_causes = COPY
+ imapsieve_mailbox1_before = file:/usr/lib/dovecot/sieve/report-spam.sieve
+ # END
+ # From Spam folder to elsewhere
+ imapsieve_mailbox2_name = *
+ imapsieve_mailbox2_from = Junk
+ imapsieve_mailbox2_causes = COPY
+ imapsieve_mailbox2_before = file:/usr/lib/dovecot/sieve/report-ham.sieve
+ # END
+ quota_warning = storage=95%% quota-warning 95 %u
+ quota_warning2 = storage=80%% quota-warning 80 %u
+ sieve_pipe_bin_dir = /usr/lib/dovecot/sieve
+ sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute
+ sieve_extensions = +notify +imapflags +vacation-seconds +editheader
+ sieve_max_script_size = 1M
+ sieve_max_redirects = 100
+ sieve_max_actions = 101
+ sieve_quota_max_scripts = 0
+ sieve_quota_max_storage = 0
+ listescape_char = "\\"
+ sieve_vacation_min_period = 5s
+ sieve_vacation_max_period = 0
+ sieve_vacation_default_period = 60s
+ sieve_before = /var/vmail/sieve/global_sieve_before.sieve
+ sieve_before2 = dict:proxy::sieve_before;name=active;bindir=/var/vmail/sieve_before_bindir
+ sieve_after = dict:proxy::sieve_after;name=active;bindir=/var/vmail/sieve_after_bindir
+ sieve_after2 = /var/vmail/sieve/global_sieve_after.sieve
+ sieve_duplicate_default_period = 1m
+ sieve_duplicate_max_period = 7d
+ sieve_vacation_dont_check_recipient = yes
+
+ # -- Global keys
+ mail_crypt_global_private_key = </mail_crypt/ecprivkey.pem
+ mail_crypt_global_public_key = </mail_crypt/ecpubkey.pem
+ mail_crypt_save_version = 2
+
+ # Enable compression while saving, lz4 Dovecot v2.2.11+
+ zlib_save = lz4
+
+ mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
+ mail_log_fields = uid box msgid size
+ mail_log_cached_only = yes
+}
+service quota-warning {
+ executable = script /usr/local/bin/quota_notify.py
+ # use some unprivileged user for executing the quota warnings
+ user = vmail
+ unix_listener quota-warning {
+ user = vmail
+ }
+}
+dict {
+ sqlquota = mysql:/etc/dovecot/sql/dovecot-dict-sql-quota.conf
+ sieve_after = mysql:/etc/dovecot/sql/dovecot-dict-sql-sieve_after.conf
+ sieve_before = mysql:/etc/dovecot/sql/dovecot-dict-sql-sieve_before.conf
+}
+remote 127.0.0.1 {
+ disable_plaintext_auth = no
+}
+submission_host = postfix:588
+mail_max_userip_connections = 500
+service imap-postlogin {
+ executable = script-login /usr/local/bin/postlogin.sh
+ unix_listener imap-postlogin {
+ user = vmail
+ mode = 0660
+ }
+}
+service stats {
+ unix_listener stats-writer {
+ mode = 0660
+ user = vmail
+ }
+}
+imap_max_line_length = 2 M
+#auth_cache_verify_password_with_worker = yes
+#auth_cache_negative_ttl = 0
+#auth_cache_ttl = 30 s
+#auth_cache_size = 2 M
+service replicator {
+ process_min_avail = 1
+}
+service aggregator {
+ fifo_listener replication-notify-fifo {
+ user = vmail
+ }
+ unix_listener replication-notify {
+ user = vmail
+ }
+}
+service replicator {
+ unix_listener replicator-doveadm {
+ mode = 0666
+ }
+}
+replication_max_conns = 10
+doveadm_port = 12345
+replication_dsync_parameters = -d -l 30 -U -n INBOX
+!include_try /etc/dovecot/extra.conf
+!include_try /etc/dovecot/sogo-sso.conf
+!include_try /etc/dovecot/shared_namespace.conf
+default_client_limit = 10400
+default_vsz_limit = 1024 M
diff --git a/mailcow/src/mailcow-dockerized/data/conf/dovecot/global_sieve_after b/mailcow/src/mailcow-dockerized/data/conf/dovecot/global_sieve_after
new file mode 100644
index 0000000..cf12543
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/conf/dovecot/global_sieve_after
@@ -0,0 +1,30 @@
+# global_sieve_after script
+# global_sieve_before -> user sieve_before (mailcow UI) -> user sieve_after (mailcow UI) -> global_sieve_after
+
+require "fileinto";
+require "mailbox";
+require "variables";
+require "subaddress";
+require "envelope";
+require "duplicate";
+
+if header :contains "X-Spam-Flag" "YES" {
+ fileinto "Junk";
+}
+
+if allof (
+ envelope :detail :matches "to" "*",
+ header :contains "X-Moo-Tag" "YES"
+ ) {
+ set :lower :upperfirst "tag" "${1}";
+ if mailboxexists "INBOX/${1}" {
+ fileinto "INBOX/${1}";
+ } else {
+ fileinto :create "INBOX/${tag}";
+ }
+}
+
+if duplicate {
+ discard;
+ stop;
+}
\ No newline at end of file
diff --git a/mailcow/src/mailcow-dockerized/data/conf/dovecot/global_sieve_before b/mailcow/src/mailcow-dockerized/data/conf/dovecot/global_sieve_before
new file mode 100644
index 0000000..e6a523d
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/conf/dovecot/global_sieve_before
@@ -0,0 +1,2 @@
+# global_sieve_before script
+# global_sieve_before -> user sieve_before (mailcow UI) -> user sieve_after (mailcow UI) -> global_sieve_after
diff --git a/mailcow/src/mailcow-dockerized/data/conf/dovecot/ldap/passdb.conf b/mailcow/src/mailcow-dockerized/data/conf/dovecot/ldap/passdb.conf
new file mode 100644
index 0000000..12fc3c0
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/conf/dovecot/ldap/passdb.conf
@@ -0,0 +1,9 @@
+#hosts = 1.2.3.4
+#dn = cn=admin,dc=example,dc=local
+#dnpass = password
+#ldap_version = 3
+#base = ou=People,dc=example,dc=local
+#auth_bind = no
+#pass_filter = (&(objectClass=posixAccount)(mail=%u))
+#pass_attrs = mail=user,userPassword=password
+#default_pass_scheme = SSHA