diff --git a/docker/imap/rootfs/etc/cyrus-backend.conf b/docker/imap/rootfs/etc/cyrus-backend.conf index 36bcad4c..a808e442 100644 --- a/docker/imap/rootfs/etc/cyrus-backend.conf +++ b/docker/imap/rootfs/etc/cyrus-backend.conf @@ -1,42 +1,42 @@ START { # do not delete this entry! recover cmd="ctl_cyrusdb -r" mupdatepush cmd="ctl_mboxlist -m" } SERVICES { http cmd="httpd" listen="http" proto="tcp" prefork=5 imap cmd="imapd" listen="imap" proto="tcp" prefork=5 - https cmd="httpd -s" listen="https" proto="tcp" prefork=5 - imaps cmd="imapd -s" listen="imaps" proto="tcp" prefork=1 + # https cmd="httpd -s" listen="https" proto="tcp" prefork=5 + # imaps cmd="imapd -s" listen="imaps" proto="tcp" prefork=1 sieve cmd="timsieved" listen="sieve" proto="tcp" prefork=0 lmtp cmd="lmtpd" listen="lmtp" proto="tcp" prefork=1 - lmtpunix cmd="lmtpd" listen="/run/cyrus/socket/lmtp" prefork=1 + # lmtpunix cmd="lmtpd" listen="/run/cyrus/socket/lmtp" prefork=1 syncserver cmd="sync_server" listen="csync" } EVENTS { # this is required checkpoint cmd="ctl_cyrusdb -c" period="39" # Expire deleted folders older than 28 days. deleteprune cmd="cyr_expire -E 4 -D 28" at="0400" # Expire deleted messages older than 28 days. expungeprune cmd="cyr_expire -E 4 -X 28" at="0132" # this is only necessary if caching TLS sessions tlsprune cmd="tls_prune" at="0400" # this is only necessary if using duplicate delivery suppression delprune cmd="cyr_expire -E 3" at="0400" } DAEMON { # this is only necessary if using idled for IMAP IDLE idled cmd="idled" } diff --git a/docker/imap/rootfs/etc/cyrus-frontend.conf b/docker/imap/rootfs/etc/cyrus-frontend.conf index 16842d35..7b614e7d 100644 --- a/docker/imap/rootfs/etc/cyrus-frontend.conf +++ b/docker/imap/rootfs/etc/cyrus-frontend.conf @@ -1,26 +1,25 @@ START { # do not delete this entry! recover cmd="ctl_cyrusdb -r" } SERVICES { mupdate cmd="mupdate" listen=3905 prefork=1 imap cmd="proxyd" listen="imap" proto="tcp" prefork=1 maxchild=4096 - imaps cmd="proxyd -s" listen="imaps" proto="tcp" prefork=1 maxchild=4096 + # imaps cmd="proxyd -s" listen="imaps" proto="tcp" prefork=1 maxchild=4096 http cmd="httpd" listen="http" prefork=0 - https cmd="httpd -s" listen="https" prefork=0 + # https cmd="httpd -s" listen="https" prefork=0 sieve cmd="timsieved" listen="sieve" proto="tcp" prefork=1 lmtp cmd="lmtpproxyd -a" listen="lmtp" proto="tcp" prefork=2 } EVENTS { # this is required checkpoint cmd="ctl_cyrusdb -c" period="30" # this is only necessary if caching TLS sessions tlsprune cmd="tls_prune" at="0400" - } diff --git a/docker/imap/rootfs/etc/imapd-backend.conf b/docker/imap/rootfs/etc/imapd-backend.conf index e5bc7d63..d15c169b 100644 --- a/docker/imap/rootfs/etc/imapd-backend.conf +++ b/docker/imap/rootfs/etc/imapd-backend.conf @@ -1,106 +1,104 @@ servername: imap-backend configdirectory: /var/lib/imap defaultpartition: default metapartition_files: annotations cache expunge header index partition-default: /var/spool/imap/ sievedir: /var/lib/imap/sieve annotation_definitions: /etc/imapd.annotations.conf autocreate_quota: 5242880 autocreate_inbox_folders: Drafts | Trash | Sent autocreate_subscribe_folders: Drafts | Trash | Sent # Set specialuse flags xlist-drafts: Drafts xlist-sent: Sent xlist-trash: Trash idlesocket: /var/lib/imap/socket/idle disable_shared_namespace: 0 disable_user_namespace: 0 duplicate_db_path: /run/cyrus/db/deliver.db mboxname_lockpath: /run/cyrus/lock proc_path: /run/cyrus/proc # Apparently does not work ##ptscache_db_path: /var/tmp/cyrus-imapd/ptscache.db statuscache_db_path: /run/cyrus/db/statuscache.db temp_path: /tmp tls_sessions_db_path: /run/cyrus/db/tls_sessions.db sendmail: /usr/sbin/sendmail admins: IMAP_ADMIN_LOGIN sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN LOGIN allowplaintext: yes lmtp_over_quota_perm_failure: 1 -#tls_server_cert: /etc/pki/tls/private/aphy.app.pem -#tls_server_key: /etc/pki/tls/private/aphy.app.pem -#tls_server_ca_file: /etc/pki/tls/certs/zrh1.infra.aphy.app.ca.cert +# tls_server_cert: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem +# tls_server_key: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem +# tls_server_ca_file: /etc/pki/tls/certs/cyrus-imapd.ca.cert -tls_server_cert: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem -tls_server_key: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem +# tls_client_certs: off -tls_client_certs: off +# tls_ciphers: kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES -tls_ciphers: kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES +# tls_prefer_server_ciphers: 1 +# tls_versions: tls1_3 -tls_prefer_server_ciphers: 1 -tls_versions: tls1_3 maxlogins_per_user: 50 proxyd_disable_mailbox_referrals: 0 httpmodules: caldav carddav domainkey freebusy ischedule rss webdav unixhierarchysep: 1 virtdomains: userid sieve_extensions: fileinto reject envelope body vacation imap4flags include regex subaddress relational copy date allowallsubscribe: 0 anyoneuseracl: 0 allowusermoves: 1 altnamespace: 1 disconnect_on_vanished_mailbox: 1 hashimapspool: 1 anysievefolder: 1 fulldirhash: 0 sieve_maxscripts: 150 sieve_maxscriptsize: 128 sieveusehomedir: 0 sieve_allowreferrals: 0 sieve_utf8fileinto: 1 lmtp_downcase_rcpt: 1 lmtp_fuzzy_mailbox_match: 1 username_tolower: 1 deletedprefix: DELETED delete_mode: delayed expunge_mode: delayed postuser: shared tcp_keepalive: 1 syslog_prefix: cyrus-imapd calendar_default_displayname: test addressbook_default_displayname: test # mupdate is enabled mupdate_config: standard mupdate_server: imap-mupdate mupdate_port: 3905 mupdate_authname: IMAP_ADMIN_LOGIN mupdate_username: IMAP_ADMIN_LOGIN mupdate_password: IMAP_ADMIN_PASSWORD # proxy authentication for these users proxyservers: IMAP_ADMIN_LOGIN # sync is enabled #sync_try_imap: 0 #sync_log_chain: false #sync_authname: cyrus #sync_password: simple123 #sync_log: 1 #sync_repeat_interval: 10 #sync_shutdown_file: /var/lib/imap/sync_shutdown