# --------------------------------------------------------------------
# *** Please read this section before modifying this file ***
#
# Several of the keys and values within this file are modified by
# Apple's Server Admin application. Each key that is automatically
# modified by the Server Admin app is identified with a comment
# preceding the key with this note:
#
# Note: This key is managed by Server Admin. See above before making changes
#
# --------------------------------------------------------------------
#default_process_limit = 100
#default_client_limit = 1000
# Default VSZ (virtual memory size) limit for service processes. This is mainly
# intended to catch and kill processes that leak memory before they eat up
# everything.
#default_vsz_limit = 256M
# Login user is internally used by login processes. This is the most untrusted
# user in Dovecot system. It shouldn't have access to anything at all.
default_login_user = _dovenull
# Internal user is used by unprivileged processes. It should be separate from
# login user, so that login processes can't disturb other processes.
default_internal_user = _dovecot
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 993
ssl = yes
}
# Number of connections to handle before starting a new process. Typically
# the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
# is faster. <doc/wiki/LoginProcess.txt>
service_count = 0
# Number of processes to always keep waiting for more connections.
#process_min_avail = 0
# If you set service_count=0, you probably need to grow this.
#vsz_limit = 64M
}
service pop3-login {
inet_listener pop3 {
port = 110
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
service lmtp {
unix_listener lmtp {
mode = 0600
}
# Create inet listener only if you can't use the above UNIX socket
#inet_listener lmtp {
# Avoid making LMTP visible for the entire internet
#address =
#port =
#}
}
service imap {
# Most of the memory goes to mmap()ing files. You may need to increase this
# limit if you have huge mailboxes.
#vsz_limit = 256M
# Max. number of IMAP processes (connections)
process_limit = 200
client_limit = 5
service_count = 0
}
service pop3 {
# Max. number of POP3 processes (connections)
process_limit = 200
client_limit = 5
service_count = 0
}
service auth {
# auth_socket_path points to this userdb socket by default. It's typically
# used by dovecot-lda, doveadm, possibly imap process, etc. Its default
# permissions make it readable only by root, but you may need to relax these
# permissions. Users that have access to this socket are able to get a list
# of all usernames and get results of everyone's userdb lookups.
unix_listener auth-userdb {
#mode = 0600
#user =
#group =
}
# Postfix smtp-auth
#unix_listener /Library/Server/Mail/Data/spool/private/auth {
# mode = 0666
#}
# Auth process is run as this user.
#user = $default_internal_user
# APPLE - keep auth alive for a while for the cache
idle_kill = 15m
# Allow access to keytab
extra_groups = _keytabusers
}
service auth-worker {
# Auth worker process is run as root by default, so that it can access
# /etc/shadow. If this isn't necessary, the user should be changed to
# $default_internal_user.
#user = root
}
service dict {
# If dict proxy is used, mail processes should have access to its socket.
# For example: mode=0660, group=vmail and global mail_access_groups=vmail
unix_listener dict {
#mode = 0600
#user =
#group =
}
}
service dns_client {
unix_listener dns-client {
mode = 0600
}
}