
2009-07-10: Upgraded to dovecot-1.2.0

Changes to dovecot-example.conf


diff -ur dovecot1116/dovecot-example.conf dovecot120/dovecot-example.conf
--- dovecot1116/dovecot-example.conf 2009-06-05 04:48:18.000000000 +0900
+++ dovecot120/dovecot-example.conf 2009-07-04 06:46:44.000000000 +0900
@@ -85,8 +85,8 @@
# setting if not specified.
#ssl_listen =

-# Disable SSL/TLS support.
-#ssl_disable = no
+# SSL/TLS support: yes, no, required.
+#ssl = yes

# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
# dropping root privileges, so keep the key file unreadable by anyone but
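Review bot: the new comment on "#ssl = yes" lists the values yes, no and required but does not say how "required" differs from "yes". Because the old ssl_disable had the opposite polarity, suggest one line per value so that a config converted by hand does not end up weaker than intended.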
@@ -177,6 +177,12 @@
# Greeting message for clients.
#login_greeting = Dovecot ready.

+# Space separated list of trusted network ranges. Connections from these
+# IPs are allowed to override their IP addresses and ports (for logging and
+# for authentication checks). disable_plaintext_auth is also ignored for
+# these networks. Typically you'd specify your IMAP proxy servers here.
+#login_trusted_networks =
+
# Space-separated list of elements we want to log. The elements which have
# a non-empty variable value are joined together to form a comma-separated
# string.
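Review bot: the login_trusted_networks comment says these networks may override their IP address and port for authentication checks and that disable_plaintext_auth is ignored for them, but it shows no value format and gives no caution about scope. Suggest one example value and a sentence that only the proxy hosts themselves belong here, since every address in the range gets both exemptions.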
@@ -220,11 +226,13 @@
# If you need to set multiple mailbox locations or want to change default
# namespace settings, you can do it by defining namespace sections.
#
-# You can have private, shared and public namespaces. The only difference
-# between them is how Dovecot announces them to client via NAMESPACE
-# extension. Shared namespaces are meant for user-owned mailboxes which are
-# shared to other users, while public namespaces are for more globally
-# accessible mailboxes.
+# You can have private, shared and public namespaces. Private namespaces
+# are for user's personal mails. Shared namespaces are for accessing other
+# users' mailboxes that have been shared. Public namespaces are for shared
+# mailboxes that are managed by sysadmin. If you create any shared or public
+# namespaces you'll typically want to enable ACL plugin also, otherwise all
+# users can access all the shared mailboxes, assuming they have permissions
+# on filesystem level to do so.
#
# REMEMBER: If you add any namespaces, the default namespace must be added
# explicitly, ie. mail_location does nothing unless you have a namespace
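Review bot: the ACL requirement is the security-relevant part of the rewritten namespace paragraph, and it sits at the end of a run of descriptive sentences. Suggest moving "If you create any shared or public namespaces ..." into its own paragraph, in the style of the REMEMBER note just below it, and naming the acl setting it refers to.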
@@ -257,6 +265,7 @@

# Show the mailboxes under this namespace with LIST command. This makes the
# namespace visible for clients that don't support NAMESPACE extension.
+ # "children" value lists child mailboxes, but hides the namespace prefix.
#list = yes

# Namespace handles its own subscriptions. If set to "no", the parent
@@ -264,6 +273,26 @@
#subscriptions = yes
#}

+# Example shared namespace configuration
+#namespace shared {
+ #separator = /
+
+ # Mailboxes are visible under "shared/user@domain/"
+ # %%n, %%d and %%u are expanded to the destination user.
+ #prefix = shared/%%u/
+
+ # Mail location for other users' mailboxes. Note that %variables and ~/
+ # expands to the logged in user's data. %%n, %%d, %%u and %%h expand to the
+ # destination user's data.
+ #location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u
+
+ # Use the default namespace for saving subscriptions.
+ #subscriptions = no
+
+ # List the shared/ namespace only if there are visible shared mailboxes.
+ #list = children
+#}
+
# System user and group used to access mails. If you use multiple, userdb
# can override these by returning uid or gid fields. You can use either numbers
# or names.
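Review bot: the example "namespace shared" block can be uncommented on its own, and nothing inside it repeats that the ACL plugin is needed, which the namespace description earlier in the file says leaves access to filesystem permissions only. Suggest a comment line inside the block that points at the ACL plugin.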
@@ -430,6 +459,10 @@
# NOTE: This setting requires maildir_copy_with_hardlinks = yes to work.
#maildir_copy_preserve_filename = no

+# Assume Dovecot is the only MUA accessing Maildir: Scan cur/ directory only
+# when its mtime changes unexpectedly or when we can't find the mail otherwise.
+#maildir_very_dirty_syncs = no
+
##
## mbox-specific settings
##
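Review bot: the maildir_very_dirty_syncs comment states the assumption (Dovecot is the only MUA accessing the Maildir) but not what happens when it does not hold. Suggest adding what a client sees if another program changes cur/, so the trade-off is clear before the setting is enabled.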
@@ -509,8 +542,9 @@
# IMAP executable location. Changing this allows you to execute other
# binaries before the imap process is executed.
#
- # This would write rawlogs into ~/dovecot.rawlog/ directory:
+ # This would write rawlogs into user's ~/dovecot.rawlog/, if it exists:
# mail_executable = /usr/libexec/dovecot/rawlog /usr/libexec/dovecot/imap
+ #
#
# This would attach gdb into the imap process and write backtraces into
# /tmp/gdbhelper.* files:
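Review bot: the added "#" line after the mail_executable example sits directly above an existing bare "#", so the file now has two empty comment lines in a row. Drop one of them; the reworded rawlog sentence itself is fine.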
@@ -532,11 +566,6 @@
#mail_plugins =
#mail_plugin_dir = /usr/lib/dovecot/imap

- # Send IMAP capabilities in greeting message. This makes it unnecessary for
- # clients to request it with CAPABILITY command, so it saves one round-trip.
- # Many clients however don't understand it and ask the CAPABILITY anyway.
- #login_greeting_capability = no
-
# IMAP logout format string:
# %i - total number of bytes read from client
# %o - total number of bytes sent to client
@@ -545,6 +574,18 @@
# Override the IMAP CAPABILITY response.
#imap_capability =

+ # How many seconds to wait between "OK Still here" notifications when
+ # client is IDLEing.
+ #imap_idle_notify_interval = 120
+
+ # ID field names and values to send to clients. Using * as the value makes
+ # Dovecot use the default value. The following fields have default values
+ # currently: name, version, os, os-version, support-url, support-email.
+ #imap_id_send =
+
+ # ID fields sent by client to log. * means everything.
+ #imap_id_log =
+
# Workarounds for various client bugs:
# delay-newmail:
# Send EXISTS/RECENT new mail notifications only when replying to NOOP
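Review bot: imap_id_send has no example value, and the comment does not point out that the fields with defaults include version, os and os-version, so using * for them tells clients the exact server build. Suggest showing a value that sends only name, and noting for imap_id_log that the logged fields are client-supplied text.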
@@ -683,7 +724,7 @@

# Subject: header to use for rejection mails. You can use the same variables
# as for rejection_reason below.
- #rejection_subject = Automatically rejected mail
+ #rejection_subject = Rejected: %s

# Human readable error message for rejection mails. You can use variables:
# %n = CRLF, %r = reason, %s = original subject, %t = recipient
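Review bot: the rejection_subject default changes from a fixed string to "Rejected: %s", and per the variable list below %s is the original subject, so rejection mails now carry sender-chosen text in their Subject header. That is a behaviour change for sites that rely on the default and deserves a line in the comment or in the upgrade notes.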
@@ -713,7 +754,8 @@
# user's previous authentication was successful, but this one wasn't, the
# cache isn't used. For now this works only with plaintext authentication.
#auth_cache_ttl = 3600
-# TTL for negative hits (user not found). 0 disables caching them completely.
+# TTL for negative hits (user not found, password mismatch).
+# 0 disables caching them completely.
#auth_cache_negative_ttl = 3600

# Space separated list of realms for SASL authentication mechanisms that need
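Review bot: negative hits now include password mismatches while the default auth_cache_negative_ttl stays at 3600. The comment should say whether a user who mistypes a password, or whose password was just changed, keeps being rejected from the cache for that long, since the paragraph above only describes the case of a success followed by a failure.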
@@ -754,8 +796,7 @@
# Username to use for users logging in with ANONYMOUS SASL mechanism
#auth_anonymous_username = anonymous

-# More verbose logging. Useful for figuring out why authentication isn't
-# working.
+# Log unsuccessful authentication attempts and the reasons why they failed.
#auth_verbose = no

# Even more verbose logging for debugging purposes. Shows for example SQL
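Review bot: the new auth_verbose wording is clearer, but it should state what is written for a failed attempt, in particular whether the attempted password can appear in the log. Log file permissions and retention are chosen on that basis.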
@@ -771,21 +812,17 @@
# automatically created and destroyed as needed.
#auth_worker_max_count = 30

-# Number of auth requests to handle before destroying the process. This may
-# be useful if PAM plugins leak memory.
-#auth_worker_max_request_count = 0
-
# Host name to use in GSSAPI principal names. The default is to use the
-# name returned by gethostname().
+# name returned by gethostname(). Use "$ALL" to allow all keytab entries.
#auth_gssapi_hostname =

# Kerberos keytab to use for the GSSAPI mechanism. Will use the system
# default (usually /étc/krb5.keytab) if not specified.
#auth_krb5_keytab =

-# Do NTLM authentication using Samba's winbind daemon and ntlm_auth helper.
-#
-#auth_ntlm_use_winbind = no
+# Do NTLM and GSS-SPNEGO authentication using Samba's winbind daemon and
+# ntlm_auth helper.
+#auth_use_winbind = no

# Path for Samba's ntlm_auth helper binary.
#auth_winbind_helper_path = /usr/bin/ntlm_auth
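Review bot: two scope changes in this hunk are easy to miss. "$ALL" for auth_gssapi_hostname is described as allowing all keytab entries without saying what that widens, and auth_use_winbind now also covers GSS-SPNEGO, so a config that carries "yes" over from auth_ntlm_use_winbind changes how that mechanism is handled. Suggest one sentence on each.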
@@ -832,7 +869,7 @@
# REMEMBER: You'll need /étc/pam.d/dovecot file created for PAM
# authentication to actually work.
passdb pam {
- # [session=yes] [setcred=yes] [failure_show_msg=yes]
+ # [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=]
# [cache_key=] []
#
# session=yes makes Dovecot open and immediately close PAM session. Some
@@ -842,12 +879,16 @@
# need that. They aren't ever deleted though, so this isn't enabled by
# default.
#
+ # max_requests specifies how many PAM lookups to do in one process before
+ # recreating the process. The default is 100, because many PAM plugins
+ # leak memory.
+ #
# cache_key can be used to enable authentication caching for PAM
# (auth_cache_size also needs to be set). It isn't enabled by default
# because PAM modules can do all kinds of checks besides checking password,
# such as checking IP address. Dovecot can't know about these checks
# without some help. cache_key is simply a list of variables (see
- # ) which must match for the cached data to be used.
+ # doc/wiki/Variables.txt) which must match for the cached data to be used.
# Here are some examples:
# %u - Username must match. Probably sufficient for most uses.
# %u%r - Username and remote IP address must match.
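Review bot: max_requests is documented with a default of 100, while the global setting it replaces (auth_worker_max_request_count, removed earlier in this diff) was shown with 0. The comment should say which value turns process recycling off, so sites that relied on the old default can keep it.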
@@ -895,7 +936,7 @@

# checkpassword executable authentication
# NOTE: You will probably want to use "userdb prefetch" with this.
- #
+ #
#passdb checkpassword {
# Path for checkpassword binary
#args =
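Review bot: the only changed line in this hunk is the bare "#" under the NOTE, removed and re-added with no visible difference, so this is a whitespace-only edit. Keep it out of a functional change or move it to a separate cleanup.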
@@ -955,6 +996,13 @@
#args =
#}

+ # checkpassword executable user database lookup
+ #
+ #userdb checkpassword {
+ # Path for checkpassword binary
+ #args =
+ #}
+
# static settings generated from template
#userdb static {
# Template for the fields. Can return anything a userdb could normally
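Review bot: the new "userdb checkpassword" block reuses the comment "Path for checkpassword binary" and leaves args empty, so it does not say what the binary is expected to return for a user lookup or how this differs from the passdb of the same name. Suggest one sentence on that and an example args value.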
@@ -1112,6 +1160,10 @@
# to see if it changed.
#acl = vfile:/étc/dovecot-acls:cache_secs=300

+ # To let users LIST mailboxes shared by other users, Dovecot needs a
+ # shared mailbox dictionary. For example:
+ #acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes
+
# Convert plugin. If set, specifies the source storage path which is
# converted to destination storage (mail_location) when the user logs in.
# The existing mail directory is renamed to -converted.
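Review bot: acl_shared_dict points at a single file, /var/lib/dovecot/shared-mailboxes, that the sessions of all users have to consult. The comment should say which user or group must be able to read and write it and what mode it should have.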
@@ -1148,11 +1200,11 @@
# and they're not deleted automatically (use a cronjob or something).
#lazy_expunge = .EXPUNGED/ .DELETED/ .DELETED/.EXPUNGED/

- # Events to log. Default is all.
+ # Events to log. Also available: flag_change append
#mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
# Group events within a transaction to one line.
- #mail_log_group_events =
- # Available fields: uid, box, msgid, size, vsize
+ #mail_log_group_events = no
+ # Available fields: uid, box, msgid, from, subject, size, vsize, flags
# size and vsize are available only for expunge and copy events.
#mail_log_fields = uid box msgid size
}
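Review bot: the field list gains from and subject, which are header values chosen by the sender, and the comment does not say for which events they and flags are available, as it does for size and vsize. Suggest completing that sentence and noting that enabling from and subject puts message metadata into the mail log.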


Upgrading/1.2


Upgrading Dovecot v1.1 to v1.2

* SQL dictionary (quota, expire plugin) configuration file is
different than in v1.1.
See doc/dovecot-dict-sql-example.conf or Quota/Dict for the new format.
* When creating files or directories to mailboxes, Dovecot now uses
the mailbox directory's permissions and GID for them.
Previous versions simply used 0600 mode always, so you should check
the directories' permissions to make sure they're strict enough.
For backwards compatibility dovecot-shared file's permissions
still override these with Maildir.
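
A pre-upgrade check for the permission change described above, as an added example that is not from the Dovecot documentation or the original page. It assumes any group or other permission bit on a mailbox directory deserves a manual look; the function names, the demo tree and the users alice and bob are constructed.

```shell
#!/bin/sh
# Added example: find mailbox directories whose mode and GID v1.2 would
# copy onto newly created files and directories.

# Directories under $1 with any group or other permission bit set.
# "-perm -NNN" (all listed bits set) is POSIX, so each bit is tested separately.
loose_mail_dirs() {
    find "$1" -type d \( -perm -040 -o -perm -020 -o -perm -010 \
        -o -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# dovecot-shared files under $1: with Maildir their mode still overrides
# the directory mode, so they need the same review.
shared_override_files() {
    find "$1" -type f -name dovecot-shared -print
}

# Show both kinds of entry with owner, group and mode.
# Returns 1 when something needs review, 0 when the tree is owner-only.
audit_mail_root() {
    found=$( { loose_mail_dirs "$1"; shared_override_files "$1"; } )
    if [ -z "$found" ]; then
        return 0
    fi
    printf '%s\n' "$found" | while IFS= read -r p; do ls -ld "$p"; done
    return 1
}

# Constructed demo tree (hypothetical users alice and bob).
demo=$(mktemp -d)
mkdir -p "$demo/alice/Maildir/cur" "$demo/bob/Maildir/.Team/cur"
chmod -R 700 "$demo"
chmod 770 "$demo/bob/Maildir/.Team"          # group-writable folder
: > "$demo/bob/Maildir/.Team/dovecot-shared"
chmod 660 "$demo/bob/Maildir/.Team/dovecot-shared"
audit_mail_root "$demo" || echo "review the entries above before upgrading"
rm -rf "$demo"
```

Directories that are deliberately shared through a group will show up here too; the point is to confirm each one is intended before files start inheriting its mode.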

Authentication:

* system_user userdb extra field was renamed to system_groups_user
to better describe its functionality.

Settings:

* Renamed ssl_disable=yes to ssl=no.
* Renamed auth_ntlm_use_winbind to auth_use_winbind, which also determines
if GSS-SPNEGO is handled by GSSAPI or winbind.
* Removed login_greeting_capability. The capabilities are now always sent
(Lemonade requires this and it's not that much extra traffic).
* Removed auth_worker_max_request_count. It was useful only with PAM,
so it can now be specified in passdb pam { args = max_requests=n } .
The default is 100.
* Removed umask. It wasn't really used anywhere anymore.
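
The settings list above turned into a configuration check, as an added example (not Dovecot's own tooling). The function name check_v12_settings and the sample configuration are made up for the illustration.

```shell
#!/bin/sh
# Added example: flag active v1.1 settings that the v1.2 upgrade notes
# list as renamed or removed.

# Prints "file:line: setting: advice" for each hit; returns 1 if any was found.
check_v12_settings() {
    awk '
    BEGIN {
        hint["ssl_disable"] = "renamed; ssl_disable=yes becomes ssl=no"
        hint["auth_ntlm_use_winbind"] = "renamed to auth_use_winbind"
        hint["login_greeting_capability"] = "removed; capabilities are always sent"
        hint["auth_worker_max_request_count"] = "removed; use passdb pam { args = max_requests=n }"
        hint["umask"] = "removed"
    }
    /^[ \t]*#/ { next }              # commented-out defaults are harmless
    {
        eq = index($0, "=")
        if (eq == 0) next            # section openers and closers
        key = substr($0, 1, eq - 1)
        gsub(/[ \t]/, "", key)       # settings may be indented inside sections
        if (key in hint) {
            printf "%s:%d: %s: %s\n", FILENAME, NR, key, hint[key]
            bad = 1
        }
    }
    END { exit (bad ? 1 : 0) }
    ' "$1"
}

# Constructed v1.1-style configuration for the demonstration.
sample=$(mktemp)
cat > "$sample" <<'EOF'
protocols = imap imaps
ssl_disable = no
#umask = 0077
auth_ntlm_use_winbind = yes
protocol imap {
  login_greeting_capability = yes
}
EOF
check_v12_settings "$sample" || echo "update these settings before starting v1.2"
rm -f "$sample"
```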

