|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
88a20bf |
diff -up dovecot-2.3.0.1/doc/example-config/conf.d/10-mail.conf.default-settings dovecot-2.3.0.1/doc/example-config/conf.d/10-mail.conf
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
88a20bf |
--- dovecot-2.3.0.1/doc/example-config/conf.d/10-mail.conf.default-settings 2018-02-28 15:28:57.000000000 +0100
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
88a20bf |
+++ dovecot-2.3.0.1/doc/example-config/conf.d/10-mail.conf 2018-03-01 10:29:38.208368555 +0100
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
88a20bf |
@@ -322,6 +322,7 @@ protocol !indexer-worker {
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
08701bf |
# them simultaneously.
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
08701bf |
#mbox_read_locks = fcntl
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
08701bf |
#mbox_write_locks = dotlock fcntl
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
08701bf |
+mbox_write_locks = fcntl
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
08701bf |
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
08701bf |
# Maximum time to wait for lock (all of them) before aborting.
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
08701bf |
#mbox_lock_timeout = 5 mins
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
88a20bf |
diff -up dovecot-2.3.0.1/doc/example-config/conf.d/10-ssl.conf.default-settings dovecot-2.3.0.1/doc/example-config/conf.d/10-ssl.conf
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
88a20bf |
--- dovecot-2.3.0.1/doc/example-config/conf.d/10-ssl.conf.default-settings 2018-02-28 15:28:57.000000000 +0100
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
88a20bf |
+++ dovecot-2.3.0.1/doc/example-config/conf.d/10-ssl.conf 2018-03-01 10:33:54.779499044 +0100
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
31231a5 |
@@ -3,7 +3,9 @@
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
31231a5 |
##
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
31231a5 |
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
31231a5 |
# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
31231a5 |
-#ssl = yes
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
31231a5 |
+# disable plain pop3 and imap, allowed are only pop3+TLS, pop3s, imap+TLS and imaps
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
31231a5 |
+# plain imap and pop3 are still allowed for local connections
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
31231a5 |
+ssl = required
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
31231a5 |
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
31231a5 |
# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
31231a5 |
# dropping root privileges, so keep the key file unreadable by anyone but
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
88a20bf |
@@ -57,6 +59,7 @@ ssl_key =
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
88a20bf |
#ssl_cipher_list = ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
88a20bf |
# To disable non-EC DH, use:
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
88a20bf |
#ssl_cipher_list = ALL:!DH:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
f874d6b |
+ssl_cipher_list = PROFILE=SYSTEM
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
e8c10d3 |
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
88a20bf |
# Colon separated list of elliptic curves to use. Empty value (the default)
|
|
![](https://seccdn.libravatar.org/avatar/61a12734645841e91723eabc6bd107c284a53a31f5e482f6ca304be5cbc5209c?s=16&d=retro) |
88a20bf |
# means use the defaults from the SSL library. P-521:P-384:P-256 would be an
|