Description
===========
Installs and configures [Dovecot](http://www.dovecot.org/), an open source IMAP and POP3 email server.

Requirements
============

## Platform:

This cookbook has been tested on the following platforms:

* CentOS >= 6.0
* Debian >= 7.0
* Ubuntu >= 12.04

Let me know if you use it successfully on any other platform.

## Applications:

* **Dovecot >= 2**: this version of Dovecot must be available from the distribution's package manager.

Attributes
==========

To see a more complete description of the attributes, go to the [Dovecot wiki2 configuration section](http://wiki2.dovecot.org/#Dovecot_configuration) or read the comments in the templates and generated configuration files.

| Attribute | Description | Default |
|-----------|-------------|---------|
| `node['dovecot']['user']` | Dovecot system user. Should not be changed. | `"dovecot"` |
| `node['dovecot']['group']` | Dovecot system group. Should not be changed. | `"dovecot"` |
| `node['dovecot']['lib_path']` | Dovecot library path. Should not be changed. | *calculated* |
| `node['dovecot']['conf_path']` | Dovecot configuration files path. Should not be changed. | `"/etc/dovecot"` |
| `node['dovecot']['conf_files_user']` | System user owner of configuration files. | `"root"` |
| `node['dovecot']['conf_files_group']` | System group owner of configuration files. | `node["dovecot"]["group"]` |
| `node['dovecot']['conf_files_mode']` | Configuration files system file mode bits. | `00644` |
| `node['dovecot']['conf_files']['core']` | Dovecot core configuration files list. | `["conf.d/10-auth.conf", "conf.d/10-director.conf", "conf.d/10-logging.conf", "conf.d/10-mail.conf", "conf.d/10-master.conf", "conf.d/10-ssl.conf", "conf.d/10-tcpwrapper.conf", "conf.d/15-lda.conf", "conf.d/15-mailboxes.conf", "conf.d/90-acl.conf", "conf.d/90-plugin.conf", "conf.d/90-quota.conf", "conf.d/auth-checkpassword.conf.ext", "conf.d/auth-deny.conf.ext", "conf.d/auth-master.conf.ext", "conf.d/auth-passwdfile.conf.ext", "conf.d/auth-sql.conf.ext", "conf.d/auth-static.conf.ext", "conf.d/auth-system.conf.ext", "conf.d/auth-vpopmail.conf.ext", "dovecot.conf", "dovecot-db.conf.ext", "dovecot-dict-sql.conf.ext", "dovecot-sql.conf.ext"]` |
| `node['dovecot']['conf_files']['imap']` | Dovecot IMAP configuration files list. | `["conf.d/20-imap.conf"]` |
| `node['dovecot']['conf_files']['pop3']` | Dovecot POP3 configuration files list. | `["conf.d/20-pop3.conf"]` |
| `node['dovecot']['conf_files']['lmtp']` | Dovecot LMTP configuration files list. | `["conf.d/20-lmtp.conf"]` |
| `node['dovecot']['conf_files']['sieve']` | Dovecot Sieve configuration files list. | `["conf.d/20-managesieve.conf", "conf.d/90-sieve.conf"]` |
| `node['dovecot']['conf_files']['ldap']` | Dovecot LDAP configuration files list. | `["dovecot-ldap.conf.ext", "conf.d/auth-ldap.conf.ext"]` |
| `node['dovecot']['auth']` | Dovecot Authentication Databases as a hash of hashes (see the examples below). Supported authdbs: checkpassword, deny, ldap, master, passwdfile, sql, system and vpopmail. | `{}` |
| `node['dovecot']['namespaces']` | Dovecot Namespaces as an array of hashes (see the example below). | `[]` |
| `node['dovecot']['plugins']` | Dovecot Plugins configuration as a hash of hashes (see the examples below). Supported plugins: mail_log, acl and quota. | `{"sieve" => {"sieve" => "~/.dovecot.sieve", "sieve_dir" => "~/sieve"}}` |
| `node['dovecot']['protocols']` | Dovecot Protocols configuration as a hash of hashes (see the example below). Supported protocols: lda, imap, lmtp, sieve and pop3. | `{}` |
| `node['dovecot']['services']` | Dovecot Services configuration as a hash of hashes (see the examples below). Supported services: director, imap-login, pop3-login, lmtp, imap, pop3, auth, auth-worker, dict, tcpwrap, managesieve-login and managesieve. | `{}` |
| `node['dovecot']['conf']['mail_plugins']` | Dovecot default enabled mail_plugins. | `[]` |

## Main configuration attributes

* Configuration file: `dovecot.conf`.

| Attribute | Description | Default |
|-----------|-------------|---------|
| `node['dovecot']['conf']['listen']` | A comma separated list of IPs or hosts where to listen in for connections. | `nil` |
| `node['dovecot']['conf']['base_dir']` | Base directory where to store runtime data. | `nil` |
| `node['dovecot']['conf']['instance_name']` | Name of this instance. Used to prefix all Dovecot processes in ps output. | `nil` |
| `node['dovecot']['conf']['login_greeting']` | Greeting message for clients. | `nil` |
| `node['dovecot']['conf']['login_trusted_networks']` | Space separated list of trusted network ranges. | `nil` |
| `node['dovecot']['conf']['login_access_sockets']` | Space separated list of login access check sockets. | `nil` |
| `node['dovecot']['conf']['verbose_proctitle']` | Show more verbose process titles (in ps). | `nil` |
| `node['dovecot']['conf']['shutdown_clients']` | Should all processes be killed when Dovecot master process shuts down. | `nil` |
| `node['dovecot']['conf']['doveadm_worker_count']` | If non-zero, run mail commands via this many connections to doveadm server. | `nil` |
| `node['dovecot']['conf']['doveadm_socket_path']` | UNIX socket or host:port used for connecting to doveadm server. | `nil` |
| `node['dovecot']['conf']['import_environment']` | Space separated list of environment variables that are preserved on Dovecot startup and in its child processes. | `nil` |
| `node['dovecot']['conf']['dict']` | Dictionary server settings as a hash. | `nil` |

## Authentication processes attributes

* Configuration file: `conf.d/10-auth.conf`.

| Attribute | Description | Default |
|-----------|-------------|---------|
| `node['dovecot']['conf']['disable_plaintext_auth']` | Disable LOGIN command and all other plaintext authentications unless SSL/TLS is used. | `nil` |
| `node['dovecot']['conf']['auth_cache_size']` | Authentication cache size (e.g. 10M). 0 means it's disabled. | `nil` |
| `node['dovecot']['conf']['auth_cache_ttl']` | Time to live for cached data. | `nil` |
| `node['dovecot']['conf']['auth_cache_negative_ttl']` | TTL for negative hits (user not found, password mismatch). | `nil` |
| `node['dovecot']['conf']['auth_realms']` | Space separated list (or array) of realms for SASL authentication mechanisms that need them. | `nil` |
| `node['dovecot']['conf']['auth_default_realm']` | Default realm/domain to use if none was specified. | `nil` |
| `node['dovecot']['conf']['auth_username_chars']` | List of allowed characters in username. | `nil` |
| `node['dovecot']['conf']['auth_username_translation']` | Username character translations before it's looked up from databases. | `nil` |
| `node['dovecot']['conf']['auth_username_format']` | Username formatting before it's looked up from databases. | `nil` |
| `node['dovecot']['conf']['auth_master_user_separator']` | If you want to allow master users to log in by specifying the master username within the normal username string, you can specify the separator character here (format: ). | `nil` |
| `node['dovecot']['conf']['auth_anonymous_username']` | Username to use for users logging in with ANONYMOUS SASL mechanism. | `nil` |
| `node['dovecot']['conf']['auth_worker_max_count']` | Maximum number of dovecot-auth worker processes. | `nil` |
| `node['dovecot']['conf']['auth_gssapi_hostname']` | Host name to use in GSSAPI principal names. | `nil` |
| `node['dovecot']['conf']['auth_krb5_keytab']` | Kerberos keytab to use for the GSSAPI mechanism. | `nil` |
| `node['dovecot']['conf']['auth_use_winbind']` | Do NTLM and GSS-SPNEGO authentication using Samba's winbind daemon and ntlm_auth helper. | `nil` |
| `node['dovecot']['conf']['auth_winbind_helper_path']` | Path for Samba's ntlm_auth helper binary. | `nil` |
| `node['dovecot']['conf']['auth_failure_delay']` | Time to delay before replying to failed authentications. | `nil` |
| `node['dovecot']['conf']['auth_ssl_require_client_cert']` | Take the username from client's SSL certificate, using X509_NAME_get_text_by_NID() which returns the subject's DN's CommonName. | `nil` |
| `node['dovecot']['conf']['auth_mechanisms']` | Space separated list of wanted authentication mechanisms: plain, login, digest-md5, cram-md5, ntlm, rpa, apop, anonymous, gssapi, otp, skey, gss-spnego. | `"plain"` |

## Director-specific attributes

* Configuration file: `conf.d/10-director.conf`.

| Attribute | Description | Default |
|-----------|-------------|---------|
| `node['dovecot']['conf']['log_path']` | Log file to use for error messages. "syslog" logs to syslog, /dev/stderr logs to stderr. | `nil` |
| `node['dovecot']['conf']['info_log_path']` | Log file to use for informational messages. Defaults to log_path. | `nil` |
| `node['dovecot']['conf']['debug_log_path']` | Log file to use for debug messages. Defaults to info_log_path. | `nil` |
| `node['dovecot']['conf']['syslog_facility']` | Syslog facility to use if you're logging to syslog. | `nil` |
| `node['dovecot']['conf']['auth_verbose']` | Log unsuccessful authentication attempts and the reasons why they failed. | `nil` |
| `node['dovecot']['conf']['auth_verbose_passwords']` | In case of password mismatches, log the attempted password. | `nil` |
| `node['dovecot']['conf']['auth_debug']` | Even more verbose logging for debugging purposes. | `nil` |
| `node['dovecot']['conf']['auth_debug_passwords']` | In case of password mismatches, log the passwords and used scheme so the problem can be debugged. | `nil` |
| `node['dovecot']['conf']['mail_debug']` | Enable mail process debugging. | `nil` |
| `node['dovecot']['conf']['verbose_ssl']` | Show protocol level SSL errors. | `nil` |
| `node['dovecot']['conf']['log_timestamp']` | Prefix for each line written to log file. | `nil` |
| `node['dovecot']['conf']['login_log_format_elements']` | Space-separated list (or array) of elements we want to log. | `nil` |
| `node['dovecot']['conf']['login_log_format']` | Login log format. | `nil` |
| `node['dovecot']['conf']['mail_log_prefix']` | Log prefix for mail processes. | `nil` |
| `node['dovecot']['conf']['deliver_log_format']` | Format to use for logging mail deliveries. | `nil` |

## Mailbox locations and namespaces attributes

* Configuration file: `conf.d/10-mail.conf`.

| Attribute | Description | Default |
|-----------|-------------|---------|
| `node['dovecot']['conf']['mail_location']` | Location for user's mailboxes. | `nil` |
| `node['dovecot']['conf']['mail_uid']` | System user used to access mails. | `nil` |
| `node['dovecot']['conf']['mail_gid']` | System group used to access mails. | `nil` |
| `node['dovecot']['conf']['mail_privileged_group']` | Group to enable temporarily for privileged operations. | `nil` |
| `node['dovecot']['conf']['mail_access_groups']` | Grant access to these supplementary groups for mail processes. | `nil` |
| `node['dovecot']['conf']['mail_full_filesystem_access']` | Allow full filesystem access to clients. | `nil` |
| `node['dovecot']['conf']['mmap_disable']` | Don't use mmap() at all. | `nil` |
| `node['dovecot']['conf']['dotlock_use_excl']` | Rely on O_EXCL to work when creating dotlock files. | `nil` |
| `node['dovecot']['conf']['mail_fsync']` | When to use fsync() or fdatasync() calls: optimized, always or never. | `nil` |
| `node['dovecot']['conf']['mail_nfs_storage']` | Mail storage exists in NFS. | `nil` |
| `node['dovecot']['conf']['mail_nfs_index']` | Mail index files also exist in NFS. | `nil` |
| `node['dovecot']['conf']['lock_method']` | Locking method for index files: fcntl, flock or dotlock. | `nil` |
| `node['dovecot']['conf']['mail_temp_dir']` | Directory in which LDA/LMTP temporarily stores incoming mails >128 kB. | `nil` |
| `node['dovecot']['conf']['first_valid_uid']` | Valid UID range for users, defaults to 500 and above. | `nil` |
| `node['dovecot']['conf']['last_valid_uid']` | Valid UID range for users, defaults to 500 and above. | `nil` |
| `node['dovecot']['conf']['first_valid_gid']` | Valid GID range for users, defaults to non-root/wheel. | `nil` |
| `node['dovecot']['conf']['last_valid_gid']` | Valid GID range for users, defaults to non-root/wheel. | `nil` |
| `node['dovecot']['conf']['mail_max_keyword_length']` | Maximum allowed length for mail keyword name. | `nil` |
| `node['dovecot']['conf']['valid_chroot_dirs']` | ':' separated list of directories under which chrooting is allowed for mail processes. | `nil` |
| `node['dovecot']['conf']['mail_chroot']` | Default chroot directory for mail processes. | `nil` |
| `node['dovecot']['conf']['auth_socket_path']` | UNIX socket path to master authentication server to find users. | `nil` |
| `node['dovecot']['conf']['mail_plugin_dir']` | Directory where to look up mail plugins. | `nil` |
| `node['dovecot']['conf']['mail_cache_min_mail_count']` | The minimum number of mails in a mailbox before updates are done to cache file. | `nil` |
| `node['dovecot']['conf']['mailbox_idle_check_interval']` | When IDLE command is running, mailbox is checked once in a while to see if there are any new mails or other changes. | `nil` |
| `node['dovecot']['conf']['mail_save_crlf']` | Save mails with CR+LF instead of plain LF. | `nil` |
| `node['dovecot']['conf']['maildir_stat_dirs']` | By default LIST command returns all entries in maildir beginning with a dot. | `nil` |
| `node['dovecot']['conf']['maildir_copy_with_hardlinks']` | When copying a message, do it with hard links whenever possible. | `nil` |
| `node['dovecot']['conf']['maildir_very_dirty_syncs']` | Assume Dovecot is the only MUA accessing Maildir. | `nil` |
| `node['dovecot']['conf']['mbox_read_locks']` | Which read locking methods to use for locking mbox: dotlock, dotlock_try, fcntl, flock or lockf. | `nil` |
| `node['dovecot']['conf']['mbox_write_locks']` | Which write locking methods to use for locking mbox: dotlock, dotlock_try, fcntl, flock or lockf. | `nil` |
| `node['dovecot']['conf']['mbox_lock_timeout']` | Maximum time to wait for lock (all of them) before aborting. | `nil` |
| `node['dovecot']['conf']['mbox_dotlock_change_timeout']` | If dotlock exists but the mailbox isn't modified in any way, override the lock file after this much time. | `nil` |
| `node['dovecot']['conf']['mbox_dirty_syncs']` | When mbox changes unexpectedly, simply read the new mails, but still safely fall back to re-reading the whole mbox file whenever something in mbox isn't how it's expected to be. | `nil` |
| `node['dovecot']['conf']['mbox_very_dirty_syncs']` | Like mbox_dirty_syncs, but don't do full syncs even with SELECT, EXAMINE, EXPUNGE or CHECK commands. | `nil` |
| `node['dovecot']['conf']['mbox_lazy_writes']` | Delay writing mbox headers until doing a full write sync (EXPUNGE and CHECK commands and when closing the mailbox). | `nil` |
| `node['dovecot']['conf']['mbox_min_index_size']` | If mbox size is smaller than this (e.g. 100k), don't write index files. | `nil` |
| `node['dovecot']['conf']['mdbox_rotate_size']` | Maximum dbox file size until it's rotated. | `nil` |
| `node['dovecot']['conf']['mdbox_rotate_interval']` | Maximum dbox file age until it's rotated. | `nil` |
| `node['dovecot']['conf']['mdbox_preallocate_space']` | When creating new mdbox files, immediately preallocate their size to mdbox_rotate_size. | `nil` |
| `node['dovecot']['conf']['mail_attachment_min_size']` | Attachments smaller than this aren't saved externally. | `nil` |
| `node['dovecot']['conf']['mail_attachment_fs']` | Filesystem backend to use for saving attachments: posix, sis posix or sis-queue posix. | `nil` |
| `node['dovecot']['conf']['mail_attachment_hash']` | Hash format to use in attachment filenames. | `nil` |

## Master configuration file attributes

* Configuration file: `conf.d/10-master.conf`.

| Attribute | Description | Default |
|-----------|-------------|---------|
| `node['dovecot']['conf']['postmaster_address']` | Address to use when sending rejection mails. | `nil` |
| `node['dovecot']['conf']['hostname']` | Hostname to use in various parts of sent mails, eg. in Message-Id. | `nil` |
| `node['dovecot']['conf']['quota_full_tempfail']` | If user is over quota, return with temporary failure instead of bouncing the mail. | `nil` |
| `node['dovecot']['conf']['sendmail_path']` | Binary to use for sending mails. | `nil` |
| `node['dovecot']['conf']['submission_host']` | If non-empty, send mails via this SMTP host[:port] instead of sendmail. | `nil` |
| `node['dovecot']['conf']['rejection_subject']` | Subject: header to use for rejection mails. | `nil` |
| `node['dovecot']['conf']['rejection_reason']` | Human readable error message for rejection mails. | `nil` |
| `node['dovecot']['conf']['recipient_delimiter']` | Delimiter character between local-part and detail in email address. | `nil` |
| `node['dovecot']['conf']['lda_original_recipient_header']` | Header where the original recipient address (SMTP's RCPT TO: address) is taken from if not available elsewhere. | `nil` |
| `node['dovecot']['conf']['lda_mailbox_autocreate']` | Should saving a mail to a nonexistent mailbox automatically create it? | `nil` |
| `node['dovecot']['conf']['lda_mailbox_autosubscribe']` | Should automatically created mailboxes be also automatically subscribed? | `nil` |

## LMTP specific attributes

* Configuration file: `conf.d/20-lmtp.conf`

| Attribute | Description | Default |
|-----------|-------------|---------|
| `node['dovecot']['conf']['ldap']['hosts']` | Space separated list or array of LDAP hosts to use. | `nil` |
| `node['dovecot']['conf']['ldap']['uris']` | LDAP URIs to use. | `nil` |
| `node['dovecot']['conf']['ldap']['dn']` | Distinguished Name, the username used to login to the LDAP server. | `nil` |
| `node['dovecot']['conf']['ldap']['dnpass']` | Password for LDAP server, if dn is specified. | `nil` |
| `node['dovecot']['conf']['ldap']['sasl_bind']` | Use SASL binding instead of the simple binding. | `nil` |
| `node['dovecot']['conf']['ldap']['sasl_mech']` | SASL mechanism name to use. | `nil` |
| `node['dovecot']['conf']['ldap']['sasl_realm']` | SASL realm to use. | `nil` |
| `node['dovecot']['conf']['ldap']['sasl_authz_id']` | SASL authorization ID, ie. the dnpass is for this "master user", but the dn is still the logged in user. | `nil` |
| `node['dovecot']['conf']['ldap']['tls']` | Use TLS to connect to the LDAP server. | `nil` |
| `node['dovecot']['conf']['ldap']['tls_ca_cert_file']` | TLS options, currently supported only with OpenLDAP. | `nil` |
| `node['dovecot']['conf']['ldap']['tls_ca_cert_dir']` | TLS options, currently supported only with OpenLDAP. | `nil` |
| `node['dovecot']['conf']['ldap']['tls_cipher_suite']` | TLS options, currently supported only with OpenLDAP. | `nil` |
| `node['dovecot']['conf']['ldap']['tls_cert_file']` | TLS cert/key is used only if LDAP server requires a client certificate. | `nil` |
| `node['dovecot']['conf']['ldap']['tls_key_file']` | TLS cert/key is used only if LDAP server requires a client certificate. | `nil` |
| `node['dovecot']['conf']['ldap']['tls_require_cert']` | Valid values: never, hard, demand, allow, try. | `nil` |
| `node['dovecot']['conf']['ldap']['ldaprc_path']` | Use the given ldaprc path. | `nil` |
| `node['dovecot']['conf']['ldap']['debug_level']` | LDAP library debug level as specified by LDAP_DEBUG_* in ldap_log.h. | `nil` |
| `node['dovecot']['conf']['ldap']['auth_bind']` | Use authentication binding for verifying password's validity. | `nil` |
| `node['dovecot']['conf']['ldap']['auth_bind_userdn']` | If authentication binding is used, you can save one LDAP request per login if user's DN can be specified with a common template. | `nil` |
| `node['dovecot']['conf']['ldap']['ldap_version']` | LDAP protocol version to use. Likely 2 or 3. | `nil` |
| `node['dovecot']['conf']['ldap']['base']` | LDAP base. %variables can be used here. | `nil` |
| `node['dovecot']['conf']['ldap']['deref']` | Dereference: never, searching, finding or always. | `nil` |
| `node['dovecot']['conf']['ldap']['scope']` | Search scope: base, onelevel or subtree. | `nil` |
| `node['dovecot']['conf']['ldap']['user_attrs']` | User attributes are given in LDAP-name=dovecot-internal-name list. | `nil` |
| `node['dovecot']['conf']['ldap']['user_filter']` | Filter for user lookup. | `nil` |
| `node['dovecot']['conf']['ldap']['pass_attrs']` | Password checking attributes. | `nil` |
| `node['dovecot']['conf']['ldap']['pass_filter']` | Filter for password lookups. | `nil` |
| `node['dovecot']['conf']['ldap']['iterate_attrs']` | Attributes to get a list of all users. | `nil` |
| `node['dovecot']['conf']['ldap']['iterate_filter']` | Filter to get a list of all users. | `nil` |
| `node['dovecot']['conf']['ldap']['default_pass_scheme']` | Default password scheme. "{scheme}" before password overrides this. | `nil` |

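
Several of the attributes listed above affect credential handling: password logging, plaintext authentication, full filesystem access and the LDAP bind settings. The following is an added example, not part of the cookbook: a pre-deployment check over a `node['dovecot']` attribute hash. The helper names (`off?`, `as_list`, `audit_dovecot`), the rule set and the `SAMPLE` hash are assumptions made for illustration.

```ruby
# Added example (not cookbook code): audit a node['dovecot'] attribute hash.
# Attribute names come from the tables above; rules and sample are constructed.

# Dovecot booleans may arrive as true/false or as "yes"/"no" strings.
def off?(value)
  [nil, false, 'no', 'false', '0', ''].include?(value.is_a?(String) ? value.downcase : value)
end

# Accepts the space separated string or the array form of a list attribute.
def as_list(value)
  value.is_a?(Array) ? value.map(&:to_s) : value.to_s.split
end

# Returns an array of findings; empty means none of the rules matched.
def audit_dovecot(dovecot)
  conf = dovecot['conf'] || {}
  ldap = conf['ldap'] || {}
  findings = []

  # Described above as logging passwords or granting full filesystem access.
  %w[auth_verbose_passwords auth_debug_passwords mail_full_filesystem_access].each do |key|
    findings << "#{key} is enabled" unless off?(conf[key])
  end

  # Plaintext mechanisms are flagged only when the SSL/TLS requirement is
  # switched off explicitly (nil leaves Dovecot's own default in place).
  plaintext = as_list(conf['auth_mechanisms'] || 'plain') & %w[plain login]
  if !conf['disable_plaintext_auth'].nil? && off?(conf['disable_plaintext_auth']) && plaintext.any?
    findings << "#{plaintext.join('/')} allowed without SSL/TLS"
  end
  return findings if ldap['hosts'].nil? && ldap['uris'].nil?

  uris = as_list(ldap['uris'])
  encrypted = !off?(ldap['tls']) || (uris.any? && uris.all? { |u| u.start_with?('ldaps://') })
  findings << 'ldap dnpass sent over an unencrypted connection' if ldap['dnpass'] && !encrypted
  if %w[never allow].include?(ldap['tls_require_cert'].to_s)
    findings << "ldap tls_require_cert=#{ldap['tls_require_cert']} does not enforce verification"
  end

  # Assumption: conf_files_mode is the mode of the file that holds dnpass.
  mode = dovecot.fetch('conf_files_mode', 0o644)
  mode = mode.to_i(8) if mode.is_a?(String)
  findings << 'ldap dnpass set while conf_files_mode is world-readable' if ldap['dnpass'] && (mode & 0o004) != 0
  findings
end

# Constructed sample attributes, not taken from any real node.
SAMPLE = {
  'conf_files_mode' => 0o644,
  'conf' => {
    'disable_plaintext_auth' => false, 'auth_debug_passwords' => true,
    'auth_mechanisms' => 'plain login cram-md5',
    'ldap' => { 'hosts' => 'ldap.example.com', 'dnpass' => 'constructed-secret',
                'tls' => false, 'tls_require_cert' => 'never' }
  }
}.freeze

audit_dovecot(SAMPLE).each { |finding| puts "FINDING: #{finding}" }
```
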
## SQL authentication attributes
* Configuration file: `dovecot-sql.conf.ext`.