diff --git a/data/settings.js b/data/settings.js index 1fff94cf7..a6b97a596 100644 --- a/data/settings.js +++ b/data/settings.js @@ -487,7 +487,7 @@ will generally not be useful.` managesieve_notify_capability: { tags: [ 'managesieve', 'sieve' ], - default: '', + default: '\\', values: setting_types.STRING, advanced: true, text: ` @@ -630,7 +630,7 @@ would be when no discard script is configured.` sieve_extensions: { tags: [ 'sieve' ], plugin: 'sieve', - default: '', + default: '\\', values: setting_types.STRING, text: ` The Sieve language extensions available to users. @@ -1830,9 +1830,8 @@ See the \`decode2text.sh\` script included in Dovecot for how to use this. Example: \`\`\` -plugin { - fts_decoder = decode2text -} +fts_decoder_driver = script +fts_decoder_script_socket_path = decode2text service decode2text { executable = script /usr/lib/dovecot/decode2text.sh @@ -2002,7 +2001,7 @@ fts_decoder_tika_url = http://tikahost:9998/tika/ textcat_config_path: { plugin: 'fts', - default: '', + default: '\\', values: setting_types.STRING, seealso: [ 'language' ], text: ` @@ -2025,7 +2024,7 @@ textcat_config_path = /usr/share/libexttextcat/fpdb.conf language: { plugin: 'fts', - default: '', + default: '\\', values: setting_types.NAMED_LIST_FILTER, dependencies: [ 'language_default' ], seealso: [ 'textcat_config_path', '[[link,fts_tokenization]]' ], @@ -2079,9 +2078,6 @@ Exactly one language must be marked with this flag.` text: ` The list of filters to apply. -Language specific filter chains can be specified with -\`language_filters_\` (e.g. \`language_filters_en\`). - See [[link,fts_filter_configuration]] for configuration information.` }, @@ -2096,9 +2092,6 @@ See [[link,fts_filter_configuration]] for configuration information.` text: ` The list of tokenizers to use. -This setting can be overridden for specific tokenizers by using -\`language_tokenizer_\` (e.g. \`language_tokenizer_generic\`). - See [[link,fts_tokenizer_configuration]] for configuration information.` }, @@ -2364,23 +2357,17 @@ fts_solr_batch_size = 1000 /* imap-acl plugin */ - acl_anyone: { + imap_acl_allow_anyone: { plugin: 'imap-acl', - values: setting_types.ENUM, - values_enum: [ 'allow' ], + values: setting_types.BOOLEAN, + default: 'no', text: ` -Users who have different set of keys cannot share mails when the mails are -encrypted, but sharing is possible within the scope of a key. - By default Dovecot doesn't allow using the IMAP \`anyone\` or \`authenticated\` identifier, because it would be an easy way to spam -other users in the system. If you wish to allow it, set: +other users in the system. -\`\`\` -plugin { - acl_anyone = allow -} -\`\`\`` +If [[plugin,mail-crypt]] is used, users who have different set of encryption +keys cannot share mails, but sharing is possible within the scope of a key.` }, /* last-login plugin */ @@ -2404,7 +2391,7 @@ last_login { }, last_login_key: { - default: 'last-login/%u', + default: 'last-login/%{user}', plugin: 'last-login', values: setting_types.STRING, text: ` @@ -2760,8 +2747,11 @@ The URI of the dictionary to use. This MUST be set for the plugin to be active. See [[link,dict]] for how to configure dictionaries. \`\`\` -plugin { - notify_status_dict = proxy:dict-async:notify_status +notify_status { + dict proxy { + name = notify_status + socket_path = dict-async + } } \`\`\`` }, @@ -4171,7 +4161,7 @@ This setting doesn't affect internal failures. See }, auth_gssapi_hostname: { - default: '', + default: '\\', values: setting_types.STRING, text: ` This supplies the hostname to use in Generic Security Services API @@ -4197,7 +4187,7 @@ immediate retries.` }, auth_krb5_keytab: { - default: '', + default: '\\', values: setting_types.STRING, text: ` This specifies the Kerberos keytab to use for the GSSAPI mechanism. @@ -4478,7 +4468,7 @@ If you want to allow all characters, leave the value empty.` }, auth_username_format: { - default: '%Lu', + default: '%{user | lower}', values: setting_types.STRING, text: ` Formatting applied to username before querying the auth database. @@ -4487,9 +4477,9 @@ You can use the standard variables here. Examples: -- \`%Lu\`: Lowercases the username -- \`%n\`: Drops the domain if one was supplied -- \`%n-AT-%d\`: Changes the "@" symbol into "-AT-" before lookup +- \`%{user | lower}\`: Lowercases the username +- \`%{user | username}\`: Drops the domain if one was supplied +- \`%{user | username}-AT-%{user | domain}\`: Changes the "@" symbol into "-AT-" before lookup This translation is done after the changes specified with the [[setting,auth_username_translation]] setting.` @@ -4641,31 +4631,31 @@ service-specific configuration.` }, deliver_log_format: { - default: 'msgid=%m: %$', + default: 'msgid=%{msgid}: %{message}', values: setting_types.STRING_NOVAR, text: ` The format to use for logging mail deliveries. Variables that can be used for this setting (see [[variable,global]]): -| Variable Name | Short Form | Description | -| ------------- | ---------- | ----------- | -| \`%$\` | | Delivery status message (e.g., saved to INBOX) | -| \`%{msgid}\` | \`%m\` | Message-ID | -| \`%{subject}\` | \`%s\` | Subject | -| \`%{from}\` | \`%f\` | From address | -| \`%{from_envelope}\` | \`%e\` | SMTP FROM envelope | -| \`%{size}\` | \`%p\` | Physical size | -| \`%{vsize}\` | \`%w\` | Virtual size | -| \`%{to_envelope}\` | | RCPT TO envelope | -| \`%{delivery_time}\` | | How many milliseconds to deliver the mail | -| \`%{session_time}\` | | LMTP session duration, not including \`%{delivery_time}\` | -| \`%{storage_id}\` | | Backend-specific ID for mail, e.g. Maildir filename | +| Variable Name | Description | +| ------------- | ----------- | +| \`%{message}\` | Delivery status message (e.g., saved to INBOX) | +| \`%{msgid}\` | | Message-ID | +| \`%{subject}\` | Subject | +| \`%{from}\` | From address | +| \`%{from_envelope}\` | SMTP FROM envelope | +| \`%{size}\` | Physical size | +| \`%{vsize}\` | Virtual size | +| \`%{to_envelope}\` | RCPT TO envelope | +| \`%{delivery_time}\` | How many milliseconds to deliver the mail | +| \`%{session_time}\` | LMTP session duration, not including \`%{delivery_time}\` | +| \`%{storage_id}\` | Backend-specific ID for mail, e.g. Maildir filename | Example: \`\`\` -deliver_log_format = stime=%{session_time} msgid=%m: %$ +deliver_log_format = stime=%{session_time} msgid=%{msgid}: %{message} \`\`\`` }, @@ -4700,7 +4690,7 @@ Name of the dict. The [[setting,dict_driver]] setting defaults to this.` dict_driver: { tags: [ 'dict' ], values: setting_types.STRING, - default: '', + default: '\\', text: ` The dict driver to use. Defaults to [[setting,dict_name]].` }, @@ -5385,7 +5375,7 @@ for HAProxy are aborted immediately.` }, hostname: { - default: '', + default: '\\', tags: [ 'submission' ], values: setting_types.STRING, text: ` @@ -5989,20 +5979,6 @@ The following values are currently supported: to be grayed out.` }, - 'imap_compress__level': { - default: '', - tags: ['imap'], - values: setting_types.UINT, - text: ` -Defines the compression level for the given algorithm. - -Per [[rfc,4978]], only the deflate algorithm is currently supported. - -| Algorithm | Minimum | Default | Maximum | -| --------- | ------- | ------- | ------- | -| \`deflate\` | 0 (no compression) | 6 | 9 |` - }, - imap_fetch_failure: { default: 'disconnect-immediately', tags: [ 'imap' ], @@ -6095,26 +6071,26 @@ when the client is in IDLE operation.` }, imap_logout_format: { - default: 'in=%i out=%o deleted=%{deleted} expunged=%{expunged} trashed=%{trashed} hdr_count=%{fetch_hdr_count} hdr_bytes=%{fetch_hdr_bytes} body_count=%{fetch_body_count} body_bytes=%{fetch_body_bytes}', + default: 'in=%{input} out=%{output} deleted=%{deleted} expunged=%{expunged} trashed=%{trashed} hdr_count=%{fetch_hdr_count} hdr_bytes=%{fetch_hdr_bytes} body_count=%{fetch_body_count} body_bytes=%{fetch_body_bytes}', tags: [ 'imap' ], values: setting_types.STRING_NOVAR, text: ` This setting specifies the IMAP logout format string. Supported variables, in addition to [[variable,mail-user]] are: -| Variable Name | Short Form | Description | -| ------------- | ---------- | ----------- | -| \`%{input}\` | \`%i\` | Total number of bytes read from client | -| \`%{output}\` | \`%o\` | Total number of bytes sent to client | -| \`%{fetch_hdr_count}\` | | Number of mails with mail header data sent to client | -| \`%{fetch_hdr_bytes}\` | | Number of bytes with mail header data sent to client | -| \`%{fetch_body_count}\` | | Number of mails with mail body data sent to client | -| \`%{fetch_body_bytes}\` | | Number of bytes with mail body data sent to client | -| \`%{deleted}\` | | Number of mails where client added \Deleted flag | -| \`%{expunged}\` | | Number of mails that client expunged, which does not include automatically expunged mails | -| \`%{autoexpunged}\` | | Number of mails that were automatically expunged after client disconnected | -| \`%{trashed}\` | | Number of mails that client copied/moved to the special_use=\Trash mailbox. | -| \`%{appended}\` | | Number of mails saved during the session |` +| Variable Name | Description | +| ------------- | ----------- | +| \`%{input}\` | Total number of bytes read from client | +| \`%{output}\` | Total number of bytes sent to client | +| \`%{fetch_hdr_count}\` | Number of mails with mail header data sent to client | +| \`%{fetch_hdr_bytes}\` | Number of bytes with mail header data sent to client | +| \`%{fetch_body_count}\` | Number of mails with mail body data sent to client | +| \`%{fetch_body_bytes}\` | Number of bytes with mail body data sent to client | +| \`%{deleted}\` | Number of mails where client added \Deleted flag | +| \`%{expunged}\` | Number of mails that client expunged, which does not include automatically expunged mails | +| \`%{autoexpunged}\` | Number of mails that were automatically expunged after client disconnected | +| \`%{trashed}\` | Number of mails that client copied/moved to the special_use=\Trash mailbox. | +| \`%{appended}\` | Number of mails saved during the session |` }, imap_max_line_length: { @@ -6147,7 +6123,7 @@ Example: # Store METADATA information within user's Maildir directory mail_attribute { dict file { - path = %h/Maildir/dovecot-attributes + path = %{home}/Maildir/dovecot-attributes } } @@ -6180,7 +6156,7 @@ be active. }, imap_urlauth_logout_format: { - default: 'in=%i out=%o', + default: 'in=%{input} out=%{output}', seealso: [ 'imap_urlauth_host' ], tags: [ 'imap' ], values: setting_types.STRING_NOVAR, @@ -6196,8 +6172,8 @@ Variables allowed: | Name | Description | | ---- | ----------- | -| \`%i\` | Total number of bytes read from the client | -| \`%o\` | Total number of bytes sent to the client |` +| \`%{input}\` | Total number of bytes read from the client | +| \`%{output}\` | Total number of bytes sent to the client |` }, imap_urlauth_port: { @@ -6427,7 +6403,7 @@ following configuration should be employed, where the credentials are represented by masteruser and masteruser-secret: \`\`\` -imapc_user = %u +imapc_user = %{user} imapc_master_user = masteruser imapc_password = masteruser-secret \`\`\` @@ -6987,7 +6963,7 @@ Variables allowed: }, login_log_format: { - default: '%$: %s', + default: '%{message}: %{elements}', values: setting_types.STRING_NOVAR, text: ` The formatting of login log messages. @@ -6996,12 +6972,12 @@ Variables allowed (in addition to [[variable,global]]): | Variable Name | Description | | ------------- | ----------- | -| \`%s\` | A [[setting,login_log_format_elements]] string | -| \`%$\` | The log data |` +| \`%{elements}\` | A [[setting,login_log_format_elements]] string | +| \`%{message}\` | The log data |` }, login_log_format_elements: { - default: 'user=<%u> method=%m rip=%r lip=%l mpid=%e %c session=<%{session}>', + default: 'user=<%{user}> method=%{mechanism} rip=%{remote_ip} lip=%{local_ip} mpid=%{mail_pid} %{secured} session=<%{session}>', // TODO: Provide join example values: setting_types.STRING_NOVAR, text: ` @@ -7313,7 +7289,7 @@ Example: \`\`\` mail_attribute { dict file { - path = %h/dovecot-attributes + path = %{home}/dovecot-attributes } } \`\`\`` @@ -7423,7 +7399,7 @@ The following example is one option when home is in \`/var/vmail/domain/user/\` and mails are in \`/var/vmail/domain/user/mail/\`: \`\`\`[dovecot.conf] -mail_home = /var/vmail/%d/%n +mail_home = /var/vmail/%{user | domain}/%{user | username} mail_path = ~/mail \`\`\` @@ -7431,7 +7407,7 @@ mail_path = ~/mail }, mail_log_prefix: { - default: '%s(%u)\<%{process:pid}\>\<%{session}\>', + default: '%{service}(%{user})<%{process:pid}><%{session}>: ', values: setting_types.STRING, text: ` You can specify a log prefix for mail processes here. @@ -7724,7 +7700,7 @@ automatically.` mail_path: { tags: [ 'mail-location' ], values: setting_types.STRING, - default: '', + default: '\\', seealso: [ '[[link,settings_variables_mail_user_variables]]', '[[link,home_directories_for_virtual_users]]', @@ -7764,7 +7740,7 @@ This can also be used to specify a different INBOX path with Maildir: mail_index_path: { tags: [ 'mail-location' ], values: setting_types.STRING, - default: '', + default: '\\', seealso: [ '[[link,design_indexes_index_format]]', '[[link,mail_location_index_files]]', @@ -7785,7 +7761,7 @@ The private index files are used with shared mailboxes to provide private mail_cache_path: { tags: [ 'mail-location' ], values: setting_types.STRING, - default: '', text: ` Place \`dovecot.index.cache\` files to this directory instead of among the other index files. This may be used as an optimization to split most index @@ -7860,7 +7836,7 @@ Specifies the filename used for storing mailbox subscriptions.` mailbox_directory_name: { tags: [ 'mail-location' ], values: setting_types.STRING, - default: '', seealso: [ 'mail_driver', 'mailbox_directory_name_legacy' ], text: ` Specifies the directory name used for mailbox, index, and control directory @@ -8235,7 +8211,7 @@ The maximum time to wait for all locks to be released before aborting.` advanced: true, text: ` The mail-header selection algorithm to use for MD5 POP3 UIDLs when the -setting [[setting,pop3_uidl_format,%m]] is applied.` +setting [[setting,pop3_uidl_format,%{md5}]] is applied.` }, mbox_min_index_size: { @@ -8972,7 +8948,7 @@ Username attribute in response.` oauth2_username_validation_format: { tags: [ 'oauth2' ], values: setting_types.STRING, - default: '%u', + default: '%{user}', seealso: [ 'oauth2_username_attribute' ], text: ` Normalization for oauth2 provided username, this setting is normally not @@ -9460,7 +9436,7 @@ If enabled, only one POP3 session may exist for any single user.` }, pop3_logout_format: { - default: 'top=%t/%p retr=%r/%b del=%d/%m size=%s', + default: 'top=%{top_count}/%{top_bytes}, retr=%{retr_count}/%{retr_bytes}, del=%{deleted_count}/%{deleted_bytes}, size=%{message_bytes}', tags: [ 'pop3' ], values: setting_types.STRING_NOVAR, text: ` @@ -9468,19 +9444,19 @@ The string to display to the client on POP3 logout (informational only). Variables available (in addition to [[variable,mail-user]]): -| Variable Name | Short Form | Description | -| ------------- | ---------- | ----------- | -| \`%{input}\` | \`%i\` | Bytes read from the client | -| \`%{output}\` | \`%o\` | Bytes sent to the client | -| \`%{top_count}\` | \`%t\` | Number of TOP commands run | -| \`%{top_bytes}\` | \`%p\` | Bytes sent to the client because of TOP commands | -| \`%{retr_count}\` | \`%r\` | Number of RETR commands run | -| \`%{retr_bytes}\` | \`%b\` | Bytes sent to the client because of RETR commands | -| \`%{deleted_count}\` | \`%d\` | Number of deleted messages | -| \`%{deleted_bytes}\` | | Number of bytes in deleted messages | -| \`%{message_count}\` | \`%m\` | Number of messages before deletion | -| \`%{message_bytes}\` | \`%s\` | Mailbox size, in bytes, before deletion | -| \`%{uidl_change}\` | \`%u\` | The old and the new UIDL hash (which can be useful for identifying unexpected changes in UIDLs) |` +| Variable Name | Description | +| ------------- | ----------- | +| \`%{input}\` | Bytes read from the client | +| \`%{output}\` | Bytes sent to the client | +| \`%{top_count}\` | Number of TOP commands run | +| \`%{top_bytes}\` | Bytes sent to the client because of TOP commands | +| \`%{retr_count}\` | Number of RETR commands run | +| \`%{retr_bytes}\` | Bytes sent to the client because of RETR commands | +| \`%{deleted_count}\` | Number of deleted messages | +| \`%{deleted_bytes}\` | Number of bytes in deleted messages | +| \`%{message_count}\` | Number of messages before deletion | +| \`%{message_bytes}\` | Mailbox size, in bytes, before deletion | +| \`%{uidl_change}\` | The old and the new UIDL hash (which can be useful for identifying unexpected changes in UIDLs) |` }, pop3_no_flag_updates: { @@ -9529,23 +9505,23 @@ Options: }, pop3_uidl_format: { - default: '%08Xu%08Xv', + default: '%{uid | hex(8)}%{uidvalidity | hex(8)}', tags: [ 'pop3' ], values: setting_types.STRING_NOVAR, text: ` The POP3 unique mail identifier (UIDL) format to use. The following variables can be used in combination with the -standard variable modifiers (e.g., \`%Uf\` supplies the filename in uppercase) -and with [[variable,global]]: +standard variable filters (e.g., \`%{filename | upper}\` supplies the filename +in uppercase) and with [[variable,global]]: -| Variable Name | Short Form | Description | -| ------------- | ---------- | ----------- | -| \`%{uidvalidity}\` | \`%v\` | Mailbox's IMAP UIDVALIDITY value | -| \`%{uid}\` | \`%u\` | IMAP UID associated with the message | -| \`%{md5}\` | \`%m\` | MD5 sum of the mailbox headers in hex ([[link,mbox]] only) | -| \`%{filename}\` | \`%f\` | Filename ([[link,maildir]] only) | -| \`%{guid}\` | \`%g\`| Dovecot GUID for the message |` +| Variable Name | Description | +| ------------- | ----------- | +| \`%{uidvalidity}\` | Mailbox's IMAP UIDVALIDITY value | +| \`%{uid}\` | IMAP UID associated with the message | +| \`%{md5}\` | MD5 sum of the mailbox headers in hex ([[link,mbox]] only) | +| \`%{filename}\` | Filename ([[link,maildir]] only) | +| \`%{guid}\` | Dovecot GUID for the message |` }, pop3c_features: { @@ -9578,7 +9554,7 @@ following configuration should be employed, where the credentials are represented by masteruser and masteruser-secret: \`\`\` -pop3c_user = %u +pop3c_user = %{user} pop3c_master_user = masteruser pop3c_password = masteruser-secret \`\`\` @@ -9649,7 +9625,7 @@ Only used if [[setting,pop3c_ssl]] is enabled.` }, pop3c_user: { - default: '%u', + default: '%{user}', tags: [ 'pop3c' ], seealso: [ 'pop3c_master_user', 'pop3c_password' ], values: setting_types.STRING, @@ -9661,13 +9637,13 @@ POP3 server. }, postmaster_address: { - default: 'postmaster@%{if;%d;ne;;%d;%{hostname}}', + default: 'postmaster@%{user|domain|default(hostname)}', tags: [ 'lda', 'lmtp' ], values: setting_types.STRING, text: ` The From address from which email rejection messages (bounces) are sent. -As used here, the variable \`%d\` expands to the domain of the local user. +As used here, \`%{user | domain}\` expands to the domain of the local user. Other [[variable,mail-user]] can be used as well.` }, @@ -9733,9 +9709,9 @@ Example: \`\`\` protocol imap { - rawlog_dir = /tmp/rawlog/%u + rawlog_dir = /tmp/rawlog/%{user} # if you want to put files into user's homedir, use this, do not use ~ - #rawlog_dir = %h/rawlog + #rawlog_dir = %{home}/rawlog } \`\`\`` }, @@ -9748,7 +9724,7 @@ protocol imap { }, rejection_reason: { - default: 'Your message to \<%t\> was automatically rejected:%n%r', + default: 'Your message to <%{to}> was automatically rejected:%{literal(\'\\r\\n\')}%{reason}', tags: [ 'lda', 'lmtp' ], values: setting_types.STRING_NOVAR, text: ` @@ -9756,19 +9732,18 @@ A human-readable message for the recipients of bounce messages. The following variables are allowed, including [[variable,global]]: -| Variable Name | Short Form | Description | -| ------------- | ---------- | ----------- | -| \`%{crlf}\` | \`%n\` | Newline (CRLF) | -| \`%{reason}\` | \`%r\` | Reason for rejection | -| \`%{subject}\` | \`%s\` | Original subject line | -| \`%{to}\` | \`%t\` | Recipient address | +| Variable Name | Description | +| ------------- | ----------- | +| \`%{reason}\` | Reason for rejection | +| \`%{subject}\` | Original subject line | +| \`%{to}\` | Recipient address | The variable values are obtained from the mail being delivered or the delivery protocol.` }, rejection_subject: { - default: 'Rejected: %s', + default: 'Rejected: %{subject}', seealso: [ 'rejection_reason' ], tags: [ 'lda', 'lmtp' ], values: setting_types.STRING_NOVAR, @@ -10134,7 +10109,7 @@ This setting is used for both incoming and outgoing SSL connections.` }, ssl_cipher_suites: { - default: '', + default: '\\', seealso: [ 'ssl', 'ssl_cipher_list', '[[link,ssl_configuration]]' ], values: setting_types.STRING, text: ` @@ -10234,7 +10209,7 @@ Which SSL crypto device to use.` }, ssl_curve_list: { - default: '', + default: '\\', seealso: [ 'ssl', '[[link,ssl_configuration]]' ], values: setting_types.STRING, text: ` @@ -10473,7 +10448,7 @@ Overrides [[setting,sendmail_path]] value, if set.` }, submission_logout_format: { - default: 'in=%i out=%o', + default: 'in=%{input} out=%{output}', tags: [ 'submission' ], values: setting_types.STRING_NOVAR, text: ` @@ -10481,13 +10456,13 @@ The SMTP Submission logout format string. Variables supported, including [[variable,mail-user]]: -| Variable Name | Short Form | Description | -| ------------- | ---------- | ----------- | -| \`%{input}\` | \`%i\` | Bytes read from client | -| \`%{output}\` | \`%o\` | Bytes sent to client | -| \`%{command_count}\` | | Number of commands received from client | -| \`%{reply_count}\` | | Number of replies sent to client | -| \`%{transaction_id}\` | | ID of the current transaction, if any |` +| Variable Name | Description | +| ------------- | ----------- | +| \`%{input}\` | Bytes read from client | +| \`%{output}\` | Bytes sent to client | +| \`%{command_count}\` | Number of commands received from client | +| \`%{reply_count}\` | Number of replies sent to client | +| \`%{transaction_id}\` | ID of the current transaction, if any |` }, submission_max_mail_size: { @@ -10946,7 +10921,7 @@ If enabled, ignore version mismatches between different Dovecot versions.` }, ldap_auth_dn: { - tags: [ 'ldap' ], + tags: [ 'auth-ldap', 'dict-ldap' ], values: setting_types.STRING, text: ` Specify the Distinguished Name (the username used to login to the LDAP server). @@ -10957,14 +10932,14 @@ Example: \`ldap_auth_dn = uid=dov-read,dc=example,dc=com,dc=.\`` }, ldap_auth_dn_password: { - tags: [ 'ldap' ], + tags: [ 'auth-ldap', 'dict-ldap' ], values: setting_types.STRING, text: ` Password for LDAP server. Used if [[setting,ldap_auth_dn]] is specified.` }, ldap_auth_sasl_authz_id: { - tags: [ 'ldap' ], + tags: [ 'auth-ldap' ], values: setting_types.STRING, text: ` SASL authorization ID, ie. the [[setting,ldap_auth_dn_password]] is for this "master user", but the @@ -10972,21 +10947,21 @@ SASL authorization ID, ie. the [[setting,ldap_auth_dn_password]] is for this "ma }, ldap_auth_sasl_mechanisms: { - tags: [ 'ldap' ], + tags: [ 'auth-ldap' ], values: setting_types.BOOLLIST, text: ` List of SASL mechanism names to use.` }, ldap_auth_sasl_realm: { - tags: [ 'ldap' ], + tags: [ 'auth-ldap' ], values: setting_types.STRING, text: ` SASL realm to use.` }, ldap_base: { - tags: [ 'ldap' ], + tags: [ 'auth-ldap' ], values: setting_types.STRING, text: ` LDAP base. @@ -10997,7 +10972,7 @@ Example: \`ldap_base = dc=mail, dc=example, dc=org\`` }, ldap_connection_group: { - tags: [ 'ldap' ], + tags: [ 'auth-ldap' ], values: setting_types.STRING, text: ` Only databases with the same connection group share the ldap connections. @@ -11006,7 +10981,7 @@ and as such share the connections.` }, ldap_debug_level: { - tags: [ 'ldap' ], + tags: [ 'auth-ldap', 'dict-ldap' ], default: '0', values: setting_types.UINT, text: ` @@ -11018,7 +10993,7 @@ You may need to recompile OpenLDAP with debugging enabled to get enough output.` }, ldap_deref: { - tags: [ 'ldap' ], + tags: [ 'auth-ldap' ], default: 'never', values: setting_types.ENUM, values_enum: [ 'never', 'searching', 'finding', 'always' ], @@ -11026,59 +11001,8 @@ You may need to recompile OpenLDAP with debugging enabled to get enough output.` Specify dereference which is set as an LDAP option.` }, - ldap_filter: { - tags: [ 'ldap' ], - values: setting_types.STRING, - text: ` -::: info - LDAP Authentication Only -::: - -Filter for password and user lookups (passdb/userdb lookup). - -Variables that can be used (see [[variable]] for full list). - -Example: - -\`\`\` -ldap_filter = (&(objectClass=posixAccount)(uid=%u)) -\`\`\`` - }, - - ldap_iterate_fields: { - tags: [ 'ldap' ], - values: setting_types.STRLIST, - text: ` -::: info - LDAP Authentication Only -::: - -Attributes to get a list of all users. Currently only the attribute -\`user\` is supported. - -Example: -\`\`\` - iterate_attrs { - user = %{ldap:mailRoutingAddress} - } -\`\`\`` - }, - - ldap_iterate_filter: { - tags: [ 'ldap' ], - values: setting_types.STRING, - text: ` -::: info - LDAP Authentication Only -::: - -Filter to get a list of all users. - -Example: \`ldap_iterate_filter = (objectClass=smiMessageRecipient)\`` - }, - ldap_scope: { - tags: [ 'ldap' ], + tags: [ 'auth-ldap' ], default: 'subtree', values: setting_types.ENUM, values_enum: [ 'base', 'onelevel', 'subtree' ], @@ -11088,7 +11012,7 @@ This specifies the search scope.` ldap_starttls: { - tags: [ 'ldap' ], + tags: [ 'auth-ldap', 'dict-ldap' ], default: 'no', values: setting_types.BOOLEAN, text: ` @@ -11096,7 +11020,7 @@ Set to \`yes\` to use TLS to connect to the LDAP server.` }, ldap_uris: { - tags: [ 'ldap' ], + tags: [ 'auth-ldap', 'dict-ldap' ], values: setting_types.STRING, text: ` LDAP URIs to use. @@ -11110,7 +11034,7 @@ Example: \`ldap_uris = ldaps://secure.domain.org\`` }, ldap_version: { - tags: [ 'ldap' ], + tags: [ 'auth-ldap' ], default: '3', values: setting_types.UINT, text: ` @@ -11118,19 +11042,15 @@ LDAP protocol version to use. Likely \`2\` or \`3\`.` }, passdb_ldap_bind: { - tags: [ 'ldap' ], + tags: [ 'auth-ldap' ], default: 'no', values: setting_types.BOOLEAN, text: ` -::: info - LDAP Authentication Only -::: - Set \`yes\` to use authentication binding for verifying password's validity. This works by logging into LDAP server using the username and password given by client. -The [[setting,ldap_filter]] is used to find the DN for the user. +The [[setting,passdb_ldap_filter]] is used to find the DN for the user. Note that the [[setting,passdb_fields]] are still used, only the password field is ignored in it. @@ -11143,20 +11063,86 @@ Otherwise the binding is changed to the default DN before each user lookup.` }, passdb_ldap_bind_userdn: { - tags: [ 'ldap' ], + tags: [ 'auth-ldap' ], values: setting_types.STRING, text: ` -::: info - LDAP Authentication Only -::: - If authentication binding is used, you can save one LDAP request per login if users' DN can be specified with a common template. The template can use the standard [[variable]]. Note that you can't use any [[setting,passdb_fields]] declaration if you use this setting. -Example: \`passdb_ldap_bind_userdn = cn=%u,ou=people,o=org\`` - } +Example: \`passdb_ldap_bind_userdn = cn=%{user},ou=people,o=org\`` + }, + + passdb_ldap_filter: { + tags: [ 'auth-ldap' ], + values: setting_types.STRING, + text: ` +Filter for passdb lookup. + +Variables that can be used (see [[variable]] for full list). + +Example: + +\`\`\` +passdb ldap { + filter = (&(objectClass=posixAccount)(uid=%{user})) + #... +} +\`\`\`` + }, + + userdb_ldap_filter: { + tags: [ 'auth-ldap' ], + values: setting_types.STRING, + text: ` +Filter for userdb lookup. + +Variables that can be used (see [[variable]] for full list). + +Example: + +\`\`\` +userdb ldap { + filter = (&(objectClass=posixAccount)(uid=%{user})) + #... +} +\`\`\`` + }, + + userdb_ldap_iterate_fields: { + tags: [ 'auth-ldap' ], + values: setting_types.STRLIST, + text: ` +Attributes to get a list of all users. Currently only the attribute +\`user\` is supported. + +Example: +\`\`\` +userdb ldap { + iterate_filter = (objectClass=smiMessageRecipient) + iterate_attrs { + user = %{ldap:mailRoutingAddress} + } +} +\`\`\`` + }, + + userdb_ldap_iterate_filter: { + tags: [ 'auth-ldap' ], + values: setting_types.STRING, + text: ` +Filter to get a list of all users. + +\`\`\` +userdb ldap { + iterate_filter = (objectClass=smiMessageRecipient) + iterate_attrs { + user = %{ldap:mailRoutingAddress} + } +} +\`\`\`` + }, } diff --git a/docs/core/config/auth/databases/ldap.md b/docs/core/config/auth/databases/ldap.md index fa225380c..b5f0cb3ef 100644 --- a/docs/core/config/auth/databases/ldap.md +++ b/docs/core/config/auth/databases/ldap.md @@ -82,7 +82,7 @@ $ ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f doveauth_access.ldif The two important settings in password lookups are: -- [[setting,ldap_filter]] specifies the LDAP filter how user is found from the +- [[setting,passdb_ldap_filter]] specifies the LDAP filter how user is found from the LDAP. You can use all the normal [[variable]] like `%{user}` in the filter. - [[setting,passdb_fields]] specifies a list of attributes that are returned and @@ -97,10 +97,12 @@ expression can include ldap specific variables and other variables too. For example: ::: code-group ```[dovecot.conf] +passdb ldap { fields { user = %{ldap:uid} password = %{ldap:userPassword} } +} ``` ::: @@ -187,8 +189,8 @@ to configure this: lookup or template. ### DN Lookup -DN is looked up by sending a [[setting,ldap_filter]] LDAP request and getting -the DN from the reply. This is very similar to doing a +DN is looked up by sending a [[setting,passdb_ldap_filter]] LDAP request and +getting the DN from the reply. This is very similar to doing a [password lookup](#password-lookups). The only difference is that `userPassword` attribute isn't returned. @@ -221,7 +223,8 @@ of two LDAP requests per login in both cases). If you're also using Dovecot for SMTP AUTH, it doesn't do a userdb lookup so the prefetch optimization doesn't help. -If you're using DN template, [[setting,passdb_fields]] and [[setting,ldap_filter]] settings +If you're using DN template, [[setting,passdb_fields]] and +[[setting,passdb_ldap_filter]] settings are completely ignored. That means you can't make passdb return any [[link,passdb_extra_fields]]. You should also set [[setting,auth_username_format,%{user | lower}]] in `dovecot.conf` to normalize the @@ -355,8 +358,10 @@ The most important settings are: ::: code-group ```[dovecot.conf] - passdb_ldap_bind_userdn = %{user} - passdb_ldap_bind = yes +passdb ldap { + bind_userdn = %{user} + bind = yes +} ``` ::: @@ -372,16 +377,18 @@ concurrent LDAP connections. Otherwise only a single LDAP connection is used. ::: - Normalize the username to exactly the `mailRoutingAddress` field's value -regardless of how the [[setting,ldap_filter]] found the user: +regardless of how the [[setting,passdb_ldap_filter]] found the user: ::: code-group ```[dovecot.conf] +passdb ldap { fields { user = %{ldap:mailRoutingAddress} password = %{ldap:userPassword} proxy = y proxy_timeout = 10 } +} ``` ::: @@ -391,10 +398,12 @@ other means: ::: code-group ```[dovecot.conf] +passdb ldap { fields { user = %{ldap:mailRoutingAddress} quota_storage_size = %{ldap:messageQuotaHard}B } +} ``` ::: @@ -403,7 +412,9 @@ distinct values inside each [[setting,passdb]] / [[setting,userdb]] section): ::: code-group ```[dovecot.conf] -ldap_filter = (mailRoutingAddress=%{user}) +passdb ldap { + filter = (mailRoutingAddress=%{user}) +} ``` ::: @@ -411,11 +422,13 @@ ldap_filter = (mailRoutingAddress=%{user}) ::: code-group ```[dovecot.conf] - ldap_filter = (mailRoutingAddress=%{user}) - ldap_iterate_filter = (objectClass=messageStoreRecipient) +userdb ldap { + filter = (mailRoutingAddress=%{user}) + iterate_filter = (objectClass=messageStoreRecipient) iterate_fields { user = %{ldap:mailRoutingAddress} } +} ``` ::: @@ -508,7 +521,7 @@ returning the userdb information already in the passdb lookup. ## LDAP Settings - + ## LDAP userdb @@ -526,25 +539,31 @@ without knowing the user's password). The userdb lookups are configured in very much the same way as [password lookups](#password-lookups). [[setting,userdb_fields]] and -[[setting,ldap_filter]], are used in the same way in passdb. +[[setting,userdb_ldap_filter]], are used in the same way in passdb. If you're using a single UID and GID for all the users, you can specify them globally with [[setting,mail_uid]] and [[setting,mail_gid]] settings instead of returning them from LDAP. ``` -ldap_filter = (&(objectClass=posixAccount)(uid=%{user})) -ldap_iterate_filter = (objectClass=posixAccount) -fields { +userdb ldap { + filter = (&(objectClass=posixAccount)(uid=%{user})) + fields { home = %{ldap:homeDirectory} uid = %{ldap:uidNumber} gid = %{ldap:gidNumber} + } } ``` -``` # For using doveadm -A: -fields=user=%{ldap:uid} +``` +userdb ldap { + iterate_filter = (objectClass=posixAccount) + iterate_fields { + user = %{ldap:uid} + } +} ``` ### Attribute Templates @@ -558,8 +577,10 @@ Create a `quota_storage_size` field with value `B` where `` comes from "quotaBytes" LDAP attribute: ``` -fields { - quota_storage_size = %{ldap:quotaBytes}B +userdb ldap { + fields { + quota_storage_size = %{ldap:quotaBytes}B + } } ``` @@ -567,8 +588,10 @@ Create a `mail_path` field with value `/var/mail//Maildir` where `` comes from "sAMAccountName" LDAP attribute: ``` -fields { - mail_path = /var/spool/vmail/%{ldap:sAMAccountName}/Maildir +userdb ldap { + fields { + mail_path = /var/spool/vmail/%{ldap:sAMAccountName}/Maildir + } } ``` @@ -576,9 +599,11 @@ You can add static fields that aren't looked up from LDAP. For example create a "mail_path" field with value `/var/vmail/%{user | domain}/%{user | username}/Maildir`: ``` -fields { +userdb ldap { + fields { quota_storage_size = %{ldap:quotaBytes}B mail_path = /var/vmail/%{user | domain}/%{user | username}/Maildir + } } ``` @@ -603,9 +628,11 @@ User names and domains may be distinguished using the [[variable]] The userdb may set a new username, too, using ``` +userdb ldap { fields { user = ... } +} ``` This will be used for: diff --git a/docs/core/config/auth/databases/pam.md b/docs/core/config/auth/databases/pam.md index 27dbb0883..fd4233239 100644 --- a/docs/core/config/auth/databases/pam.md +++ b/docs/core/config/auth/databases/pam.md @@ -160,7 +160,7 @@ account required pam_unix.so For Solaris you will have to edit `/etc/pam.conf`. -Here is a working Solaris example (using [[setting,service_name,%L{service}]] +Here is a working Solaris example (using [[setting,service_name,%{service}]] instead of the default `dovecot` service): ``` diff --git a/docs/core/config/auth/master_users.md b/docs/core/config/auth/master_users.md index 35e9d48c3..ea30cacf5 100644 --- a/docs/core/config/auth/master_users.md +++ b/docs/core/config/auth/master_users.md @@ -71,10 +71,10 @@ The options for handling this are: You can create a `default ACL`, that applies to all mailboxes. See example below. -2. Set `plugin { acl_user=%{user} }`. This preserves the master_user for other +2. Set [[setting,acl_user,%{user}]]. This preserves the master_user for other purposes (e.g. `%{master_user}` variable). -3. Set `plugin { master_user=%{user} }`. This fully hides that master user login is +3. Change userdb to return `userdb_fields { master_user=%{user} }`. This fully hides that master user login is being used. Example configuration: diff --git a/docs/core/config/auth/proxies.md b/docs/core/config/auth/proxies.md index 886142c6e..9a2dbaa2d 100644 --- a/docs/core/config/auth/proxies.md +++ b/docs/core/config/auth/proxies.md @@ -275,7 +275,7 @@ See [[link,auth_master_users]] for more information how to configure this. ## OAuth2 Forwarding If you want to forward [[link,auth_oauth2]] tokens, return field -`proxy_mech=%m` as extra field. +`proxy_mech=%{mechanism}` as extra field. ## Examples diff --git a/docs/core/config/auth/userdb.md b/docs/core/config/auth/userdb.md index 727c54a8e..6c8348d23 100644 --- a/docs/core/config/auth/userdb.md +++ b/docs/core/config/auth/userdb.md @@ -203,8 +203,7 @@ helpful to know how Dovecot internally passes them: 1. First all actual settings are first read into memory. 2. Next all the extra fields returned by `userdb` lookup are used to override - the settings. Any unknown setting is placed into the plugin {} section - (e.g. `foo=bar` will be parsed as if it were `plugin { foo=bar }`). + the settings. 3. Last, if [[link,post_login_scripting]] is used, it may modify the settings. diff --git a/docs/core/config/pop3.md b/docs/core/config/pop3.md index 3a1ec7359..f5f4d6be9 100644 --- a/docs/core/config/pop3.md +++ b/docs/core/config/pop3.md @@ -108,13 +108,13 @@ For new POP3 servers, the easiest way to set up UIDLs is to use IMAP's UIDVALIDITY and UID values. The default is: ``` -pop3_uidl_format = %08Xu%08Xv +pop3_uidl_format = %{uid | hex(8)}%{uidvalidity | hex(8)} ``` Another good default is to use the message's global UID: ``` -pop3_uidl_format = %g +pop3_uidl_format = %{guid} ``` However, note that GUIDs may not be unique, as the GUID does not change when a @@ -124,7 +124,7 @@ done using IMAP, Sieve, or doveadm.) ### MD5 UIDL format (mbox-only) ``` -pop3_uidl_format = %m +pop3_uidl_format = %{md5} ``` This works by getting the MD5 sum of a couple of message headers that uniquely @@ -162,7 +162,7 @@ calculation: * X-Delivery-ID: header -If you use [[link,lda]] or IMAP APPEND and [[setting,pop3_uidl_format,%m]] +If you use [[link,lda]] or IMAP APPEND and [[setting,pop3_uidl_format,%{md5}]] it always appends the X-Delivery-ID: header to saved mailbox. Any existing X-Delivery-ID: headers in the saved mails are dropped. diff --git a/docs/core/config/shared_mailboxes.md b/docs/core/config/shared_mailboxes.md index ef5204e1b..b5e0f7b0a 100644 --- a/docs/core/config/shared_mailboxes.md +++ b/docs/core/config/shared_mailboxes.md @@ -6,9 +6,6 @@ dovecotlinks: shared_mailboxes_listing: hash: shared-mailbox-listing text: shared mailbox listing - shared_mailboxes_percent: - hash: vs - text: \% vs. \%\% shared_mailboxes_permissions: hash: filesystem-permissions text: shared mailboxes filesystem permissions @@ -468,7 +465,7 @@ See [[plugin,acl]] for list of ``. ### Sharing Mailboxes to Everyone -See [[setting,acl_anyone]]. +See [[setting,imap_acl_allow_anyone]]. Note that you can also do this only for some users by using the second table "`anyone_shares`". Every user listed in this table shares his diff --git a/docs/core/config/statistics.md b/docs/core/config/statistics.md index 67578d5e7..a7618fb01 100644 --- a/docs/core/config/statistics.md +++ b/docs/core/config/statistics.md @@ -85,7 +85,11 @@ metric imap_command { metric login_domains { filter = event=auth_request_finished fields = user - group_by = discrete:%L{domain} + group_by user { + method discrete { + modifier = %{value | domain | lower} + } + } } ``` diff --git a/docs/core/config/users/virtual.md b/docs/core/config/users/virtual.md index a7ab42244..b81768012 100644 --- a/docs/core/config/users/virtual.md +++ b/docs/core/config/users/virtual.md @@ -224,12 +224,10 @@ mail_driver = maildir mail_path = /home/%{user | domain}/%{user | username}/Maildir passdb passwd-file { - auth_username_format = %Ln passwd_file_path = /home/%{user | domain}/etc/shadow } userdb passwd-file { - auth_username_format = %Ln passwd_file_path = /home/%{user | domain}/etc/passwd } ``` diff --git a/docs/core/design/auth_process.md b/docs/core/design/auth_process.md index ca2d3ccde..8f359ede6 100644 --- a/docs/core/design/auth_process.md +++ b/docs/core/design/auth_process.md @@ -305,7 +305,7 @@ when the passdb lookup validity depends only on the username. With more complex databases such as SQL and LDAP this is created dynamically based on the password query in the configuration file. If there are multiple variables, they should be separated so that their -contents don't get mixed, for example `%{user}%r%l`. +contents don't get mixed, for example `%{user}%{rmote_ip}%{local_ip}`. `auth_cache_parse_key()` can be used to easily create a cache key from a query string. diff --git a/docs/core/design/mail_user.md b/docs/core/design/mail_user.md index 9c51f8318..a2497f85a 100644 --- a/docs/core/design/mail_user.md +++ b/docs/core/design/mail_user.md @@ -22,9 +22,6 @@ directly. Some of the most useful things you can do with a user are: - `mail_user_home_expand()` expands `~/` at the beginning of given path to user's actual home directory. -- `mail_user_plugin_getenv()` returns value for a setting defined in - `plugin {}` section. - Typically each new IMAP/POP3/etc. connection creates a single mail user. If the same process handles multiple connections for the same user, they don't share the same mail_user (especially since each mail_user has a diff --git a/docs/core/man/include/option-A.inc b/docs/core/man/include/option-A.inc index 305be5db0..c1e591791 100644 --- a/docs/core/man/include/option-A.inc +++ b/docs/core/man/include/option-A.inc @@ -9,5 +9,5 @@ [[setting,userdb_sql_iterate_query]] setting matches your database layout. When using the LDAP userdb module, make sure that the [[setting,userdb_fields]] - and [[setting,ldap_iterate_fields]] settings match your LDAP schema. + and [[setting,userdb_ldap_iterate_fields]] settings match your LDAP schema. Otherwise [[man,doveadm]] will be unable to iterate over all users. diff --git a/docs/core/plugins/fts.md b/docs/core/plugins/fts.md index f8762c9a3..3474fd600 100644 --- a/docs/core/plugins/fts.md +++ b/docs/core/plugins/fts.md @@ -287,9 +287,9 @@ They are configured through [[setting,language_filters]]. Example: ``` -plugin { - language_filters = normalizer-icu snowball stopwords - language_filters_en = lowercase snowball english-possessive stopwords +language_filters = normalizer-icu snowball stopwords +language en { + language_filters = lowercase snowball english-possessive stopwords } ``` diff --git a/docs/core/plugins/lazy_expunge.md b/docs/core/plugins/lazy_expunge.md index d9fe5f562..d58f96245 100644 --- a/docs/core/plugins/lazy_expunge.md +++ b/docs/core/plugins/lazy_expunge.md @@ -73,10 +73,6 @@ acl_driver = vfile # Move messages to an .EXPUNGED mailbox lazy_expunge_mailbox = .EXPUNGED -plugin { - # Define ACL so that user cannot list the .EXPUNGED mailbox - acl = vfile:/etc/dovecot/dovecot.acl -} mailbox .EXPUNGED { # Expunged messages most likely don't want to be included in quota: quota_ignore = yes diff --git a/docs/core/plugins/push_notification_lua.md b/docs/core/plugins/push_notification_lua.md index 2c271a696..63dcecdb9 100644 --- a/docs/core/plugins/push_notification_lua.md +++ b/docs/core/plugins/push_notification_lua.md @@ -195,9 +195,11 @@ end ```lua:line-numbers -- To use: -- --- plugin { --- push_notification_driver = lua:file=/home/example/empty.lua --- push_lua_url = http://push.notification.server/handler +-- push_notification lua { +-- lua_file = /home/example/empty.lua +-- lua_settings { +-- push_lua_url = http://push.notification.server/handler +-- } -- } -- -- server is sent a POST message to given url with parameters diff --git a/docs/core/plugins/quota.md b/docs/core/plugins/quota.md index eadf5974a..94705f912 100644 --- a/docs/core/plugins/quota.md +++ b/docs/core/plugins/quota.md @@ -277,9 +277,7 @@ See [[setting,quota_exceeded_message]]. Example: ```[dovecot.conf] -plugin { - quota_exceeded_message = Quota exceeded, please go to http://www.example.com/over_quota_help for instructions on how to fix this. -} +quota_exceeded_message = Quota exceeded, please go to http://www.example.com/over_quota_help for instructions on how to fix this. ``` ## Quota Drivers diff --git a/docs/core/plugins/virtual.md b/docs/core/plugins/virtual.md index 8af25617a..6ebe4b706 100644 --- a/docs/core/plugins/virtual.md +++ b/docs/core/plugins/virtual.md @@ -196,19 +196,19 @@ namespace real { list = no hidden = yes } -``` -```[mysql.ext] # Note: none of the namespaces have inbox=yes. This is because for IMAP users # you want the inbox namespace to have 'inbox=yes', but for POP3 users you want # the virtual namespace to have 'inbox=yes'. This requires setting the # 'inbox=yes' in userdb extra fields. For example with MySQL you can do # this like: -ser_query = SELECT ..., \ - CASE '%s' WHEN 'pop3' THEN NULL ELSE 'yes' END AS 'namespace/inbox/inbox', \ - CASE '%s' WHEN 'pop3' THEN 'yes' ELSE NULL END AS 'namespace/virtual/inbox' \ - WHERE ... +userdb sql { + query = SELECT ..., \ + CASE '%{protocol}' WHEN 'pop3' THEN NULL ELSE 'yes' END AS 'namespace/inbox/inbox', \ + CASE '%{protocol}' WHEN 'pop3' THEN 'yes' ELSE NULL END AS 'namespace/virtual/inbox' \ + WHERE ... +} ``` ```[/etc/dovecot/virtual/INBOX/dovecot-virtual] @@ -229,7 +229,7 @@ Also to avoid accidental POP3 UIDL changes, you shouldn't base the UIDLs on IMAP UIDs. Instead use GUIDs (with Maildir the same as base filename): ``` -pop3_uidl_format = %g +pop3_uidl_format = %{guid} ``` ## Configuration Examples diff --git a/docs/core/settings/types.md b/docs/core/settings/types.md index 4bf65b3e8..a38d9eb24 100644 --- a/docs/core/settings/types.md +++ b/docs/core/settings/types.md @@ -65,10 +65,10 @@ Certain settings require specific variables and thus don't use the default [[variable]]. For example: ```[dovecot.conf] -imap_logout_format = in=%i out=%o +imap_logout_format = in=%{input} out=%{output} ``` -Here the `%i` and `%o` refer to variables specific to the +Here the `%{input}` and `%{output}` refer to variables specific to the [[setting,imap_logout_format]] setting. ## Unsigned Integer diff --git a/docs/howto/convert_password_schemes.md b/docs/howto/convert_password_schemes.md index 1bffe4480..d0b443908 100644 --- a/docs/howto/convert_password_schemes.md +++ b/docs/howto/convert_password_schemes.md @@ -36,9 +36,9 @@ https://kaworu.ch/blog/2016/04/20/strong-crypt-scheme-with-dovecot-postfixadmin- # default_pass_scheme = CRYPT # update your sql query so it will look at the new field - # AND add a %w field in the query so we have the plain password in our - # Enviroment ($PLAIN_PASS) - query = SELECT id as user, newpassword as password, home as userdb_home, uid as userdb_uid, gid as userdb_gid, '%w' as userdb_plain_pass \ + # AND add a %{password} field in the query so we have the plain password in + # our Enviroment ($PLAIN_PASS) + query = SELECT id as user, newpassword as password, home as userdb_home, uid as userdb_uid, gid as userdb_gid, '%{password}' as userdb_plain_pass \ FROM users \ WHERE id = '%{user}' @@ -48,7 +48,7 @@ https://kaworu.ch/blog/2016/04/20/strong-crypt-scheme-with-dovecot-postfixadmin- # driver = mysql # connect = host=127.0.0.1 user=mailauth password=secret dbname=postfixadmin # default_pass_scheme = SHA512-CRYPT - # query = SELECT username AS user, password, CONCAT('/var/mail/vdomains/', maildir) as userdb_home, 'vmail' as userdb_uid, 'vmail' as userdb_gid, '%w' as userdb_plain_pass \ + # query = SELECT username AS user, password, CONCAT('/var/mail/vdomains/', maildir) as userdb_home, 'vmail' as userdb_uid, 'vmail' as userdb_gid, '%{password}' as userdb_plain_pass \ # FROM mailbox \ # WHERE username = '%{user}' } @@ -273,7 +273,7 @@ passdb passwd-file { userdb passwd-file { passwd_file_path = /var/vmail/auth.d/%{user | domain}/passwd fields { - plain_pass = %w + plain_pass = %{password} } } ``` diff --git a/docs/howto/imapc_proxy.md b/docs/howto/imapc_proxy.md index c1863a194..07d7445fc 100644 --- a/docs/howto/imapc_proxy.md +++ b/docs/howto/imapc_proxy.md @@ -56,7 +56,7 @@ This is based on already having Dovecot already compiled and installed. args = host=10.1.2.3 fields { userdb_imapc_user = %{user} - userdb_imapc_password = %w + userdb_imapc_password = %{password} } } diff --git a/docs/howto/lmtp/exim.md b/docs/howto/lmtp/exim.md index b420d0f36..8fc81c7f3 100644 --- a/docs/howto/lmtp/exim.md +++ b/docs/howto/lmtp/exim.md @@ -118,7 +118,7 @@ this problem by extending the *protocol lmtp* section: ```[dovecot.conf] protocol lmtp { ... - # use %Ln to strip away the domain part + # strip away the domain part auth_username_format = %{user|lower} } ``` diff --git a/docs/howto/restrict_access.md b/docs/howto/restrict_access.md index 7ed5da210..23be3cfa7 100644 --- a/docs/howto/restrict_access.md +++ b/docs/howto/restrict_access.md @@ -44,10 +44,10 @@ passdb sql { ## LDAP -Just like with SQL, you can use `%{protocol}` in [[setting,ldap_filter]]: +Just like with SQL, you can use `%{protocol}` in [[setting,passdb_ldap_filter]]: ``` -pass_filter = (&(objectClass=posixAccount)(uid=%{user})(protocol=%{protocol})) +passdb_ldap__filter = (&(objectClass=posixAccount)(uid=%{user})(protocol=%{protocol})) ``` That would require setting both protocol=pop3 and protocol=imap attributes diff --git a/docs/howto/virtual/simple_install.md b/docs/howto/virtual/simple_install.md index 0d69ce697..1fba54e1f 100644 --- a/docs/howto/virtual/simple_install.md +++ b/docs/howto/virtual/simple_install.md @@ -55,7 +55,7 @@ mail_driver = maildir mail_path = ~/Maildir # If you're using POP3, you'll need this: -pop3_uidl_format = %g +pop3_uidl_format = %{guid} # Authentication configuration: auth_verbose = yes @@ -174,8 +174,7 @@ protocol imap { } } -plugin { - quota = maildir +quota User { } ```