xref: /dports/mail/cyrus-imapd32/cyrus-imapd-3.2.8/doc/examples/imapd_conf/imapd.conf.sample

## auto-generated by config2sample 1.6rst
#

## cyrusman:: imapd.conf(5)

## _imap-reference-manpages-configs-imapd.conf:

#==========
#imapd.conf
#==========









#IMAP configuration file
#
#DESCRIPTION
#===========

#    /etc/imapd.conf
#    is the configuration file for the Cyrus IMAP server.  It defines
#    local parameters for IMAP.
##
#    Each line of the /etc/imapd.conf file has the form
#        option: value
#    #
#    where option is the name of the configuration option being set
#    and value is the value that the configuration option is being
#    set to.
##
#    Although there is no limit to the length of a line, a ``\''
#    (backslash) character may be used as the last character on a line to
#    force it to continue on the next one.  No additional whitespace is
#    inserted before or after the ``\''.  Note that a line that is split
#    using ``\'' character(s) is still considered a single line.

#    For example
#        option:\
#         value1 value2 \
#          value3
#    #
#    is equivalent to
#        option: value1 value2   value3
#    #
#    Blank lines and lines beginning with ``#'' are ignored.
##
#    For boolean and enumerated options, the values ``yes'', ``on'', ``t'',
#    ``true'' and ``1'' turn the option on, the values ``no'', ``off'',
#    ``f'', ``false'' and ``0'' turn the option off.
##
#    Duration options take the form of a number followed by a unit, for example
#    32m (32 minutes).  Units are d (days), h (hours), m
#    (minutes) and s (seconds).  Multiple units can be combined and will
#    be summed together, for example 1h30m is equivalent to 90m.  If
#    no unit is specified, an option-specific backward-compatible default unit
#    is assumed (documented on an option-by-option basis).  These are simple time
#    units: 1d=24h, 1h=60m, 1m=60s (daylight savings, timezones, leap adjustments,
#    etc are not considered).
#
#FIELD DESCRIPTIONS
#==================

##
#    The sections below detail options that can be placed in the
#    /etc/imapd.conf file, and show each option's default value.
#    Some options have no default value, these are listed with
#    ``<no default>''.  Some options default to the empty string, these
#    are listed with ``<none>''.


#  Addressbookprefix
#  -----------------
#    The prefix for the addressbook mailboxes hierarchies.  The hierarchy
#    delimiter will be automatically appended.  The public addressbook
#    hierarchy will be at the toplevel of the shared namespace.  A
#    user's personal addressbook hierarchy will be a child of their Inbox.
#addressbookprefix: #addressbooks

#  Admins
#  ------
#    The list of userids with administrative rights.  Separate each userid
#    with a space.  Sites using Kerberos authentication may use
#    separate "admin" instances.
#    #
#    Note that accounts used by users should not be administrators.
#    Administrative accounts should not receive mail.  That is, if user
#    "jbRo" is a user reading mail, he should not also be in the admins line.
#    Some problems may occur otherwise, most notably the ability of
#    administrators to create top-level mailboxes visible to users,
#    but not writable by users.
#admins: <empty string>

#  Afspts_localrealms
#  ------------------
#    The list of realms which are to be treated as local, and thus stripped
#    during identifier canonicalization (for the AFSPTS ptloader module).
#    This is different from loginrealms in that it occurs later in the
#    authorization process (as the user id is canonified for PTS lookup)
#afspts_localrealms: <none>

#  Afspts_mycell
#  -------------
#    Cell to use for AFS PTS lookups.  Defaults to the local cell.
#afspts_mycell: <none>

#  Allowallsubscribe
#  -----------------
#    Allow subscription to nonexistent mailboxes.  This option is
#    typically used on backend servers in a Murder so that users can
#    subscribe to mailboxes that don't reside on their "home" server.
#    This option can also be used as a workaround for IMAP clients which
#    don't play well with nonexistent or unselectable mailboxes (e.g.,
#    Microsoft Outlook).
#allowallsubscribe: 0

#  Allowanonymouslogin
#  -------------------
#    Permit logins by the user "anonymous" using any password.  Also
#    allows use of the SASL ANONYMOUS mechanism.
#allowanonymouslogin: 0

#  Allowapop
#  ---------
#    Allow use of the POP3 APOP authentication command.
#    #
#    Note that this command requires that SASL is compiled with APOP
#    support, that the plaintext passwords are available in a SASL auxprop
#    backend (e.g., sasldb), and that the system can provide enough entropy
#    (e.g., from /dev/urandom) to create a challenge in the banner.
#allowapop: 1

#  Allowdeleted
#  ------------
#    Allow access to deleted and expunged data via vendor.cmu-* access
#allowdeleted: 0

#  Allownewnews
#  ------------
#    Allow use of the NNTP NEWNEWS command.
#    #
#    Note that this is a very expensive command and should only be
#    enabled when absolutely necessary.
#allownewnews: 0

#  Allowplaintext
#  --------------
#    If enabled, allows the use of cleartext passwords on the wire.
#    #
#    By default, the use of cleartext passwords requires a TLS/SSL
#    encryption layer to be negotiated prior to any cleartext
#    authentication mechanisms being advertised or allowed.  To require a
#    TLS/SSL encryption layer to be negotiated prior to ANY
#    authentication, see the tls_required option.
#allowplaintext: 0

#  Allowsetacl
#  -----------
#    Defaults to enabled.  If disabled, disallows the use of the SETACL
#    command at all via IMAP.
#allowsetacl: 1

#  Allowusermoves
#  --------------
#    Allow moving user accounts (with associated meta-data) via RENAME
#    or XFER.
#    #
#    Note that measures should be taken to make sure that the user being
#    moved is not logged in, and cannot login during the move.  Failure
#    to do so may result in the user's meta-data (seen state,
#    subscriptions, etc) being corrupted or out of date.
#allowusermoves: 0

#  Altnamespace
#  ------------
#    Use the alternate IMAP namespace, where personal folders reside at the
#    same level in the hierarchy as INBOX.
#    #
#    This option ONLY applies where interaction takes place with the
#    client/user.  Currently this is limited to the IMAP protocol (imapd)
#    and Sieve scripts (lmtpd).  This option does NOT apply to admin tools
#    such as cyradm (admins ONLY), reconstruct, quota, etc., NOR does it
#    affect LMTP delivery of messages directly to mailboxes via
#    plus-addressing.  The default changed in 3.0 from off to on.
#altnamespace: 1

#  Altprefix
#  ---------
#    Alternative INBOX spellings that can't be accessed in altnamespace
#    otherwise go under here
#altprefix: Alt Folders

#  Annotation_db
#  -------------
#    The cyrusdb backend to use for mailbox annotations.
#    Allowed values: skiplist, twoskip, zeroskip
#annotation_db: twoskip

#  Annotation_db_path
#  ------------------
#    The absolute path to the annotations db file.  If not specified,
#    will be configdirectory/annotations.db
#annotation_db_path: <none>

#  Anyoneuseracl
#  -------------
#    Should non-admin users be allowed to set ACLs for the 'anyone'
#    user on their mailboxes?  In a large organization this can cause
#    support problems, but it's enabled by default.
#anyoneuseracl: 1

#  Annotation_allow_undefined
#  --------------------------
#    Allow clients to store values for entries which are not
#    defined either by Cyrus or in the annotations_definitions
#    file.
#annotation_allow_undefined: 0

#  Annotation_definitions
#  ----------------------
#    File containing external (third-party) annotation definitions.
#    #
#    Each line of the file specifies the properties of an annotation and
#    has the following form:

#        name, scope, attrib-type, proxy-type,
#        attrib-names, acl
#    name
#        is the hierarchical name as in RFC 5257 or RFC 5464 (in the latter case,
#        without the leading /shared or /private).  For example,
#        /vendor/acme/blurdybloop.
#    scope
#        specifies whether the annotation is for the server, a
#        mailbox, or a message.
#    attrib-type
#            specifies the attribute data type, which is used only to check the
#            string value passed by clients when setting annotations.  The
#            attrib-type is one of:
#        string
#            any value is accepted.
#        content-type
#            this obsolete data type, which was useful for early drafts of the standard,
#            is accepted but silently translated to string.
#        boolean
#            only the strings "true" or "false" are accepted.  Checking is
#            case-insensitive but the value is forced to lowercase.
#        int
#            integers are accepted.
#        uint
#            non-negative integers are accepted.
#    proxy-type
#        specifies whether this attribute is for the backend or
#        proxy servers or both (proxy_and_backend)
#    attrib-names
#        is the space-separated list of available attributes for the
#        annotation. Possible attribute names are value.shared,
#        value.priv, and value (which permits both value.priv
#        and value.shared).  The attribute names size,
#        size.shared, and size.priv are accepted but ignored; these
#        attributes are automatically provided by the server if the corresponding
#        value attribute is specified.  Some obsolete attributes, which were
#        defined early drafts of the standard, are accepted and ignored with a
#        warning.
#    extra-permissions
#        is the extra ACL permission bits required for setting this annotation, in
#        standard IMAP ACL permission bit string format.  Note that this is
#        in addition to the permission bits specified in RFC 5257 and RFC 5464,
#        so leaving this field empty is harmless.  Note also that there is no way
#        to specify that an annotation can only be set by an admin user; in
#        particular the a permission bit does not achieve this.
#        #
#        Blank lines and lines beginning with ``#'' are ignored.

#annotation_definitions: <none>

#  Annotation_callout
#  ------------------
#    The pathname of a callout to be used to automatically add annotations
#    or flags to a message when it is appended to a mailbox.  The path can
#    be either an executable (including a script), or a UNIX domain
#    socket.
#annotation_callout: <none>

#  Annotation_callout_disable_append
#  ---------------------------------
#    Disables annotations on append with xrunannotator
#annotation_callout_disable_append: 0

#  Annotation_enable_legacy_commands
#  ---------------------------------
#    Whether to enable the legacy GETANNOTATION/SETANNOTATION commands.
#    These commands are deprecated and will be removed in the future,
#    but might be useful in the meantime for supporting old clients that
#    do not implement the RFC5464 IMAP METADATA extension.
#annotation_enable_legacy_commands: 0

#  Aps_topic
#  ---------
#    Topic for Apple Push Service registration.
#aps_topic: <none>

#  Aps_topic_caldav
#  ----------------
#    Topic for Apple Push Service registration for CalDAV.
#aps_topic_caldav: <none>

#  Aps_topic_carddav
#  -----------------
#    Topic for Apple Push Service registration for CardDAV.
#aps_topic_carddav: <none>

#  Archive_enabled
#  ---------------
#    Is archiving enabled for this server.  You also need to have an
#    archivepartition for the mailbox.  Archiving allows older email
#    to be stored on slower, cheaper disks - even within the same
#    mailbox, as distinct from partitions.
#archive_enabled: 0

#  Archive_days
#  ------------
#    Deprecated in favour of archive_after.
#archive_days: <none>

#  Archive_after
#  -------------
#    The duration after which to move messages to the archive partition
#    if archiving is enabled.
#    #
#    For backward compatibility, if no unit is specified, days is
#    assumed.
#archive_after: 7d

#  Archive_maxsize
#  ---------------
#    The size in kilobytes of the largest message that won't be archived
#    immediately.  Default is 1Mb
#archive_maxsize: 1024

#  Archive_keepflagged
#  -------------------
#    If set, messages with the \Flagged system flag won't be archived,
#    provided they are smaller than archive_maxsize.
#archive_keepflagged: 0

#  Archivepartition-name
#  ---------------------
#    The pathname of the archive partition name, corresponding to
#    spool partition partition-name.  For any mailbox residing in
#    a directory on partition-name, the archived messages will be
#    stored in a corresponding directory on archivepartition-name.
#    Note that not every partition-name option is strictly required
#    to have a corresponding archivepartition-name option, but that
#    without one there's no benefit to enabling archiving.
#archivepartition-name: <none>

#  Auditlog
#  --------
#    Should cyrus output log entries for every action taken on a message
#    file or mailboxes list entry?  It's noisy so disabled by default, but
#    can be very useful for tracking down what happened if things look strange
#auditlog: 0

#  Auth_mech
#  ---------
#    The authorization mechanism to use.
#    Allowed values: unix, pts, krb, krb5
#auth_mech: unix

#  Autocreateinboxfolders
#  ----------------------
#    Deprecated in favor of autocreate_inbox_folders.
#autocreateinboxfolders: <none>

#  Autocreatequota
#  ---------------
#    Deprecated in favor of autocreate_quota.
#autocreatequota: 0

#  Autocreatequotamsg
#  ------------------
#    Deprecated in favor of autocreate_quota_messages.
#autocreatequotamsg: -1

#  Autosievefolders
#  ----------------
#    Deprecated in favor of autocreate_sieve_folders.
#autosievefolders: <none>

#  Generate_compiled_sieve_script
#  ------------------------------
#    Deprecated in favor of autocreate_sieve_script_compile.
#generate_compiled_sieve_script: 0

#  Autocreate_sieve_compiled_script
#  --------------------------------
#    Deprecated in favor of autocreate_sieve_script_compiled.
#autocreate_sieve_compiled_script: <none>

#  Autosubscribeinboxfolders
#  -------------------------
#    Deprecated in favor of autocreate_subscribe_folders.
#autosubscribeinboxfolders: <none>

#  Autosubscribesharedfolders
#  --------------------------
#    Deprecated in favor of autocreate_subscribe_sharedfolders.
#autosubscribesharedfolders: <none>

#  Autosubscribe_all_sharedfolders
#  -------------------------------
#    Deprecated in favor of autocreate_subscribe_sharedfolders_all.
#autosubscribe_all_sharedfolders: 0

#  Autocreate_acl
#  --------------
#    If folders are to be created by autocreate_inbox_folders, this
#    setting can be used to apply additional ACLs to the autocreated
#    folders.  The syntax is "autocreate_acl folder identifier rights",
#    where folder must match one of the autocreate_inbox_folders
#    folders, identifier must be a valid cyrus identifier, and
#    rights must be a valid cyrus rights string.  Multiple
#    identifier|rights pairs can be assigned to a single folder by providing
#    this setting multiple times.
#    #
#    For example, "autocreate_acl Plus anyone p" would allow lmtp delivery
#    to a folder named "Plus".

#autocreate_acl: <none>

#  Autocreate_inbox_folders
#  ------------------------
#    If a user does not have an INBOX already, and the INBOX is to be
#    created, create the list of folders in this setting as well.
#    autocreate_inbox_folders is a list of INBOX's subfolders
#    separated by a "|", that are automatically created by the server
#    under the following two scenarios. Leading and trailing whitespace is
#    stripped, so "Junk | Trash" results in two folders: "Junk" and
#    "Trash".  See also the xlist-flag option, for setting
#    special-use flags on autocreated folders.
#    #
#    INBOX folders are created under both the following conditions:
#    1.
#        The user logins via the IMAP or the POP3 protocol.
#        autocreate_quota option must have a value of zero or greater.
#    2.
#        A message arrives for the user through the lmtpd(8).
#        autocreate_post option must be enabled.
#        #

#autocreate_inbox_folders: <none>

#  Autocreate_post
#  ---------------
#    If enabled, when lmtpd(8) receives an incoming mail for an
#    INBOX that does not exist, then the INBOX is automatically created
#    by lmtpd(8) and delivery of the message continues.
#autocreate_post: 0

#  Autocreate_quota
#  ----------------
#    If set to a value of zero or higher, users have their INBOX folders
#    created upon a successful login event or upon lmtpd(8)
#    message delivery if autocreate_post is enabled, provided their
#    INBOX did not yet already exist.
#    #
#    The user's quota is set to the value if it is greater than zero,
#    otherwise the user has unlimited quota.
#    #
#    Note that quota is specified in kilobytes.
#autocreate_quota: -1

#  Autocreate_quota_messages
#  -------------------------
#    If set to a value of zero or higher, users who have their INBOX
#    folders created upon a successful login event (see
#    autocreate_quota), or upon lmtpd(8) message delivery if
#    autocreate_post is enabled, receive the message quota
#    configured in this option.
#    #
#    The default of -1 disables assigning message quota.
#    #
#    For consistency with autocreate_quota, a value of zero is treated
#    as unlimited message quota, rather than a message quota of zero.
#autocreate_quota_messages: -1

#  Autocreate_sieve_folders
#  ------------------------
#    A "|" separated list of subfolders of INBOX that will be
#    automatically created, if requested by a sieve filter, through the
#    "fileinto" action. The default is to create no folders
#    automatically.
#    #
#    Leading and trailing whitespace is stripped from each folder, so a
#    setting of "Junk | Trash" will create two folders: "Junk" and
#    "Trash".
#autocreate_sieve_folders: <none>

#  Autocreate_sieve_script
#  -----------------------
#    The full path of a file that contains a sieve script. This script
#    automatically becomes a user's initial default sieve filter script.
#    #
#    When this option is not defined, no default sieve filter is created.
#    The file must be readable by the Cyrus daemon.
#autocreate_sieve_script: <none>

#  Autocreate_sieve_script_compile
#  -------------------------------
#    If set to yes and no compiled sieve script file exists, the sieve script which is
#    compiled on the fly will be saved in the file name that autocreate_sieve_compiledscript
#    option points to. In order a compiled script to be generated, autocreate_sieve_script and
#    autocreate_sieve_compiledscript must have valid values
#autocreate_sieve_script_compile: 0

#  Autocreate_sieve_script_compiled
#  --------------------------------
#    The full path of a file that contains a compiled in bytecode sieve script. This script
#    automatically becomes a user's initial default sieve filter script.  If this option is
#    not specified, or the filename doesn't exist then the script defined by
#    autocreate_sieve_script is compiled on the fly and installed as the user's default
#    sieve script
#autocreate_sieve_script_compiled: <none>

#  Autocreate_subscribe_folders
#  ----------------------------
#    A list of folder names, separated by "|", that the users get automatically subscribed to,
#    when their INBOX is created. These folder names must have been included in the
#    autocreateinboxfolders option of the imapd.conf.
#autocreate_subscribe_folders: <none>

#  Autocreate_subscribe_sharedfolders
#  ----------------------------------
#    A list of shared folders (bulletin boards), separated by "|", that the users get
#    automatically subscribed to, after their INBOX is created. The shared folder must
#    have been created and the user must have the required permissions to get subscribed
#    to it. Otherwise, subscribing to the shared folder fails.
#autocreate_subscribe_sharedfolders: <none>

#  Autocreate_subscribe_sharedfolders_all
#  --------------------------------------
#    If set to yes, the user is automatically subscribed to all shared folders, one has permission
#    to subscribe to.
#autocreate_subscribe_sharedfolders_all: 0

#  Autocreate_users
#  ----------------
#    A space separated list of users and/or groups that are allowed their INBOX to be
#    automatically created.
#autocreate_users: anyone

#  Autoexpunge
#  -----------
#    If set to yes, then all \Deleted messages will be automatically expunged whenever
#    an index is closed, whether CLOSE, UNSELECT, SELECT or on disconnect
#autoexpunge: 0

#  Backuppartition-name
#  --------------------
#    The pathname of the backup partition name.  At least one backup
#    partition pathname MUST be specified if backups are in use.  Note that
#    there is no relationship between spool partitions and backup partitions.
#backuppartition-name: <none>

#  Backup_compact_minsize
#  ----------------------
#    The minimum size in kilobytes of chunks in each backup.  The compact tool
#    will try to combine adjacent chunks that are smaller than this.
#    #
#    Setting this value to zero or negative disables combining of chunks.
#backup_compact_minsize: 0

#  Backup_compact_maxsize
#  ----------------------
#    The maximum size in kilobytes of chunks in each backup.  The compact tool
#    will try to split chunks larger than this into smaller chunks.
#    #
#    Setting this value to zero or negative disables splitting of chunks.
#backup_compact_maxsize: 0

#  Backup_compact_work_threshold
#  -----------------------------
#    The number of chunks that must obviously need compaction before the compact
#    tool will go ahead with the compaction.  If set to less than one, the value
#    is treated as being one.
#backup_compact_work_threshold: 1

#  Backup_staging_path
#  -------------------
#    The absolute path of the backup staging area.  If not specified,
#    will be temp_path/backup
#backup_staging_path: <none>

#  Backup_retention_days
#  ---------------------
#    Deprecated in favor of backup_retention.
#backup_retention_days: <none>

#  Backup_retention
#  ----------------
#    How long to keep content in backup after it has been deleted
#    from the source.  If set to a negative value or zero, deleted content
#    will be kept indefinitely.
#    #
#    For backward compatibility, if no unit is specified, days is
#    assumed.
#backup_retention: 7d

#  Backup_db
#  ---------
#    The cyrusdb backend to use for the backup locations database.
#    Allowed values: skiplist, sql, twoskip, zeroskip
#backup_db: twoskip

#  Backup_db_path
#  --------------
#    The absolute path to the backup db file.  If not specified,
#    will be configdirectory/backups.db
#backup_db_path: <none>

#  Backup_keep_previous
#  --------------------
#    Whether the ctl_backups compact and ctl_backups reindex
#    commands should preserve the original file.  The original file will
#    be named with a timestamped suffix.  This is mostly useful for
#    debugging.
#    #
#    Note that with this enabled, compacting a backup will actually
#    increase the disk used by it (because there will now be an extra
#    copy: the original version, and the compacted version).
#backup_keep_previous: 0

#  Boundary_limit
#  --------------
#    messages are parsed recursively and a deep enough MIME structure
#    can cause a stack overflow.  Do not parse deeper than this many
#    layers of MIME structure.  The default of 1000 is much higher
#    than any sane message should have.
#boundary_limit: 1000

#  Caldav_allowattach
#  ------------------
#    Enable managed attachments support on the CalDAV server.
#caldav_allowattach: 1

#  Caldav_allowcalendaradmin
#  -------------------------
#    Enable per-user calendar administration web UI on the CalDAV server.
#caldav_allowcalendaradmin: 0

#  Caldav_allowscheduling
#  ----------------------
#    Enable calendar scheduling operations. If set to "apple", the
#    server will emulate Apple CalendarServer behavior as closely as
#    possible.
#    Allowed values: off, on, apple
#caldav_allowscheduling: on

#  Caldav_create_attach
#  --------------------
#    Create the 'Attachments' collection if it doesn't already exist
#caldav_create_attach: 1

#  Caldav_create_default
#  ---------------------
#    Create the 'Default' calendar if it doesn't already exist
#caldav_create_default: 1

#  Caldav_create_sched
#  -------------------
#    Create the 'Inbox' and 'Outbox' calendars if they don't already exist
#caldav_create_sched: 1

#  Caldav_historical_age
#  ---------------------
#    How long after an occurrence of event or task has concluded
#    that it is considered 'historical'.  Changes to historical
#    occurrences of events or tasks WILL NOT have invite or reply
#    messages sent for them.  A negative value means that events
#    and tasks are NEVER considered historical.
#    #
#    For backward compatibility, if no unit is specified, days is
#    assumed.
#caldav_historical_age: 7d

#  Caldav_maxdatetime
#  ------------------
#    The latest date and time accepted by the server (ISO format).  This
#    value is also used for expanding non-terminating recurrence rules.
#    #
#    Note that increasing this value will require the DAV databases for
#    calendars to be reconstructed with the dav_reconstruct
#    utility in order to see its effect on serer-side time-based
#    queries.
#caldav_maxdatetime: 20380119T031407Z

#  Caldav_mindatetime
#  ------------------
#    The earliest date and time accepted by the server (ISO format).
#caldav_mindatetime: 19011213T204552Z

#  Caldav_realm
#  ------------
#    The realm to present for HTTP authentication of CalDAV resources.
#    If not set (the default), the value of the "servername" option will
#    be used.
#caldav_realm: <none>

#  Calendarprefix
#  --------------
#    The prefix for the calendar mailboxes hierarchies.  The hierarchy
#    delimiter will be automatically appended.  The public calendar
#    hierarchy will be at the toplevel of the shared namespace.  A
#    user's personal calendar hierarchy will be a child of their Inbox.
#calendarprefix: #calendars

#  Calendar_user_address_set
#  -------------------------
#    Space-separated list of domains corresponding to calendar user
#    addresses for which the server is responsible.  If not set (the
#    default), the value of the "servername" option will be used.
#calendar_user_address_set: <none>

#  Calendar_component_set
#  ----------------------
#    Space-separated list of iCalendar component types that calendar
#    object resources may contain in a calendar collection.
#    This restriction is only set at calendar creation time and only
#    if the CalDAV client hasn't specified a restriction in the creation
#    request.
#    Allowed values: VEVENT, VTODO, VJOURNAL, VFREEBUSY, VAVAILABILITY, VPOLL
#calendar_component_set: VEVENT VTODO VJOURNAL VFREEBUSY VAVAILABILITY VPOLL

#  Carddav_allowaddmember
#  ----------------------
#    Enable support for POST add-member on the CardDAV server.
#carddav_allowaddmember: 0

#  Carddav_allowaddressbookadmin
#  -----------------------------
#    Enable per-user addressbook administration web UI on the CardDAV server.
#carddav_allowaddressbookadmin: 0

#  Carddav_realm
#  -------------
#    The realm to present for HTTP authentication of CardDAV resources.
#    If not set (the default), the value of the "servername" option will
#    be used.
#carddav_realm: <none>

#  Carddav_repair_vcard
#  --------------------
#    If enabled, VCARDs with invalid content are attempted to be repaired
#    during creation.
#carddav_repair_vcard: 0

#  Chatty
#  ------
#    If yes, syslog tags and commands for every IMAP command, mailboxes
#    for every lmtp connection, every POP3 command, etc
#chatty: 0

#  Client_bind
#  -----------
#    If enabled, a specific IP will be bound when performing a client
#    connection.  client_bind_name is used if it is set, otherwise
#    servername is used.  This is useful on multi-homed servers where
#    Cyrus should not use other services' interfaces.
#    #
#    If not enabled (the default), no bind will be performed.  Client
#    connections will use an IP chosen by the operating system.
#client_bind: 0

#  Client_bind_name
#  ----------------
#    IPv4, IPv6 address or hostname to bind for client connections when
#    client_bind is enabled.  If not set (the default),
#    servername will be used.
#client_bind_name: <none>

#  Client_timeout
#  --------------
#    Time to wait before returning a timeout failure when performing a
#    client connection (e.g. in a murder environment).
#    #
#    For backward compatibility, if no unit is specified, seconds is
#    assumed.
#client_timeout: 10s

#  Commandmintimer
#  ---------------
#    Time in seconds. Any imap command that takes longer than this
#    time is logged.
#commandmintimer: <none>

#  Configdirectory
#  ---------------
#    The pathname of the IMAP configuration directory.  This field is
#    required.
#configdirectory: <none>

#  Createonpost
#  ------------
#    Deprecated in favor of autocreate_post.
#createonpost: 0

#  Conversations
#  -------------
#    Enable the XCONVERSATIONS extensions.  Extract conversation
#    tracking information from incoming messages and track them
#    in per-user databases.
#conversations: 0

#  Conversations_counted_flags
#  ---------------------------
#    space-separated list of flags for which per-conversation counts
#    will be kept.  Note that you need to reconstruct the conversations
#    database with ctl_conversationsdb if you change this option on a
#    running server, or the counts will be wrong.
#conversations_counted_flags: <none>

#  Conversations_db
#  ----------------
#    The cyrusdb backend to use for the per-user conversations database.
#    Allowed values: skiplist, sql, twoskip, zeroskip
#conversations_db: skiplist

#  Conversations_expire_days
#  -------------------------
#    Deprecated in favor of conversations_expire_after.
#conversations_expire_days: <none>

#  Conversations_expire_after
#  --------------------------
#    How long the conversations database keeps the message tracking
#    information needed for receiving new messages in existing
#    conversations.
#    #
#    For backward compatibility, if no unit is specified, days is
#    assumed.
#conversations_expire_after: 90d

#  Conversations_max_thread
#  ------------------------
#    maximum size for a single thread.  Threads will split if they have this many
#    * messages in them and another message arrives
#conversations_max_thread: 100

#  Crossdomains
#  ------------
#    Enable cross domain sharing.  This works best with alt namespace and
#    unix hierarchy separators on, so you get Other Users/foo@example.com/...
#crossdomains: 0

#  Crossdomains_onlyother
#  ----------------------
#    only show the domain for users in other domains than your own (for
#    backwards compatibility if you're already sharing
#crossdomains_onlyother: 0

#  Cyrus_group
#  -----------
#    The name of the group Cyrus services will run as.  If not configured, the
#    primary group of cyrus_user will be used. Can be further overridden by
#    setting the $CYRUS_GROUP environment variable.
#cyrus_group: <none>

#  Cyrus_user
#  ----------
#    The username to use as the 'cyrus' user.  If not configured, the compile
#    time default will be used. Can be further overridden by setting the
#    $CYRUS_USER environment variable.
#cyrus_user: <none>

#  Davdriveprefix
#  --------------
#    The prefix for the DAV storage mailboxes hierarchies.  The hierarchy
#    delimiter will be automatically appended.  The public storage
#    hierarchy will be at the toplevel of the shared namespace.  A
#    user's personal storage hierarchy will be a child of their Inbox.
#davdriveprefix: #drive

#  Davnotificationsprefix
#  ----------------------
#    The prefix for the DAV notifications hierarchy.  The hierarchy
#    delimiter will be automatically appended.  The public notifications
#    hierarchy will be at the toplevel of the shared namespace.  A
#    user's personal notifications hierarchy will be a child of their Inbox.
#davnotificationsprefix: #notifications

#  Dav_realm
#  ---------
#    The realm to present for HTTP authentication of generic DAV
#    resources (principals).  If not set (the default), the value of the
#    "servername" option will be used.
#dav_realm: <none>

#  Dav_lock_timeout
#  ----------------
#    The maximum time to wait for a write lock on the per-user DAV database
#    before timeout. For HTTP requests, the HTTP status code 503 is returned
#    if the lock can not be obtained within this time.
#    #
#    For backward compatibility, if no unit is specified, seconds is
#    assumed.
#dav_lock_timeout: 20s

#  Debug_command
#  -------------
#    Debug command to be used by processes started with -D option.  The string
#    is a C format string that gets 3 options: the first is the name of the
#    executable (as specified in the cmd parameter in cyrus.conf). The second
#    is the pid (integer) and the third is the service ID.
#    Example: /usr/local/bin/gdb /usr/cyrus/bin/%s %d
#debug_command: <none>

#  Defaultacl
#  ----------
#    The Access Control List (ACL) placed on a newly-created (non-user)
#    mailbox that does not have a parent mailbox.
#defaultacl: anyone lrs

#  Defaultdomain
#  -------------
#    The default domain for virtual domain support
#defaultdomain: internal

#  Defaultpartition
#  ----------------
#    The partition name used by default for new mailboxes.  If not
#    specified, the partition with the most free space will be used for
#    new mailboxes.
#    #
#    Note that the partition specified by this option must also be
#    specified as partition-name, where you substitute 'name'
#    for the alphanumeric string you set defaultpartition to.
#defaultpartition: <none>

#  Defaultsearchtier
#  -----------------
#    Name of the default tier that messages will be indexed to. Search
#    indexes can be organized in tiers to allow index storage in different
#    directories and physical media. See the man page of squatter for
#    details. The default search tier also requires the definition
#    of an according searchtierpartition-name entry.
#    #
#    This option MUST be specified for xapian search.
#defaultsearchtier: <empty string>

#  Defaultserver
#  -------------
#    The backend server name used by default for new mailboxes.  If not
#    specified, the server with the most free space will be used for new
#    mailboxes.
#defaultserver: <none>

#  Deletedprefix
#  -------------
#    With delete_mode set to delayed, the
#    deletedprefix setting defines the prefix for the hierarchy of
#    deleted mailboxes.
#    #
#    The hierarchy delimiter will be automatically appended.

#deletedprefix: DELETED

#  Delete_mode
#  -----------
#    The manner in which mailboxes are deleted. In the default
#    delayed mode, mailboxes that are being deleted are renamed to
#    a special mailbox hierarchy under the deletedprefix, to be
#    removed later by cyr_expire(8).
#    #
#    In immediate mode, the mailbox is removed from the filesystem
#    immediately.

#    Allowed values: immediate, delayed
#delete_mode: delayed

#  Delete_unsubscribe
#  ------------------
#    Whether to also unsubscribe from mailboxes when they are deleted.
#    Note that this behaviour contravenes RFC 3501 section 6.3.9, but
#    may be useful for avoiding user/client software confusion.
#    The default is 'no'.
#delete_unsubscribe: 0

#  Deleteright
#  -----------
#    Deprecated - only used for backwards compatibility with existing
#    installations.  Lists the old RFC 2086 right which was used to
#    grant the user the ability to delete a mailbox.  If a user has this
#    right, they will automatically be given the new 'x' right.
#deleteright: c

#  Disable_user_namespace
#  ----------------------
#    Preclude list command on user namespace.  If set to 'yes', the
#    LIST response will never include any other user's mailbox.  Admin
#    users will always see all mailboxes.  The default is 'no'
#disable_user_namespace: 0

#  Disable_shared_namespace
#  ------------------------
#    Preclude list command on shared namespace.  If set to 'yes', the
#    LIST response will never include any non-user mailboxes.  Admin
#    users will always see all mailboxes.  The default is 'no'
#disable_shared_namespace: 0

#  Disconnect_on_vanished_mailbox
#  ------------------------------
#    If enabled, IMAP/POP3/NNTP clients will be disconnected by the
#    server if the currently selected mailbox is (re)moved by another
#    session.  Otherwise, the missing mailbox is treated as empty while
#    in use by the client.
#disconnect_on_vanished_mailbox: 0

#  Ischedule_dkim_domain
#  ---------------------
#    The domain to be reported as doing iSchedule DKIM signing.
#ischedule_dkim_domain: <none>

#  Ischedule_dkim_key_file
#  -----------------------
#    File containing the private key for iSchedule DKIM signing.
#ischedule_dkim_key_file: <none>

#  Ischedule_dkim_required
#  -----------------------
#    A DKIM signature is required on received iSchedule requests.
#ischedule_dkim_required: 1

#  Ischedule_dkim_selector
#  -----------------------
#    Name of the selector subdividing the domain namespace.  This
#    specifies the actual key used for iSchedule DKIM signing within the
#    domain.
#ischedule_dkim_selector: <none>

#  Duplicate_db
#  ------------
#    The cyrusdb backend to use for the duplicate delivery suppression
#    and sieve.
#    Allowed values: skiplist, sql, twoskip, zeroskip
#duplicate_db: twoskip

#  Duplicate_db_path
#  -----------------
#    The absolute path to the duplicate db file.  If not specified,
#    will be configdirectory/deliver.db
#duplicate_db_path: <none>

#  Duplicatesuppression
#  --------------------
#    If enabled, lmtpd will suppress delivery of a message to a mailbox if
#    a message with the same message-id (or resent-message-id) is recorded
#    as having already been delivered to the mailbox.  Records the mailbox
#    and message-id/resent-message-id of all successful deliveries.
#duplicatesuppression: 1

#  Event_content_inclusion_mode
#  ----------------------------
#    The mode in which message content may be included with MessageAppend and
#    MessageNew. "standard" mode is the default behavior in which message is
#    included up to a size with the notification. In "message" mode, the message
#    is included and may be truncated to a size. In "header" mode, it includes
#    headers truncated to a size. In "body" mode, it includes body truncated
#    to a size. In "headerbody" mode, it includes full headers and body truncated
#    to a size
#    Allowed values: standard, message, header, body, headerbody
#event_content_inclusion_mode: standard

#  Event_content_size
#  ------------------
#    Truncate the message content that may be included with MessageAppend and
#    MessageNew. Set 0 to include the entire message itself
#event_content_size: 0

#  Event_exclude_flags
#  -------------------
#    Don't send event notification for given IMAP flag(s)
#event_exclude_flags: <none>

#  Event_exclude_specialuse
#  ------------------------
#    Don't send event notification for folder with given special-use attributes.
#    Set ALL for any folder
#event_exclude_specialuse: \\Junk

#  Event_extra_params
#  ------------------
#    Space-separated list of extra parameters to add to any appropriated event.
#    Allowed values: bodyStructure, clientAddress, diskUsed, flagNames, messageContent, messageSize, messages, modseq, service, timestamp, uidnext, vnd.cmu.midset, vnd.cmu.unseenMessages, vnd.cmu.envelope, vnd.cmu.sessionId, vnd.cmu.mailboxACL, vnd.cmu.mbtype, vnd.cmu.davFilename, vnd.cmu.davUid, vnd.fastmail.clientId, vnd.fastmail.sessionId, vnd.fastmail.convExists, vnd.fastmail.convUnseen, vnd.fastmail.cid, vnd.fastmail.counters, vnd.cmu.emailid, vnd.cmu.threadid
#event_extra_params: timestamp

#  Event_groups
#  ------------
#    Space-separated list of groups of related events to turn on notification
#    Allowed values: message, quota, flags, access, mailbox, subscription, calendar, applepushservice
#event_groups: message mailbox

#  Event_notifier
#  --------------
#    Notifyd(8) method to use for "EVENT" notifications which are based on
#    the RFC 5423.  If not set, "EVENT" notifications are disabled.
#event_notifier: <none>

#  Expunge_mode
#  ------------
#    The mode in which messages (and their corresponding cache entries)
#    are expunged.  "semidelayed" mode is the old behavior in which the
#    message files are purged at the time of the EXPUNGE, but index
#    and cache records are retained to facilitate QRESYNC.
#    In "delayed" mode, which is the default since Cyrus 2.5.0,
#    the message files are also retained, allowing unexpunge to
#    rescue them.  In "immediate" mode, both the message files and the
#    index records are removed as soon as possible.  In all cases,
#    nothing will be finally purged until all other processes have
#    closed the mailbox to ensure they never see data disappear under
#    them.  In "semidelayed" or "delayed" mode, a later run of "cyr_expire"
#    will clean out the retained records (and possibly message files).
#    This reduces the amount of I/O that takes place at the time of
#    EXPUNGE and should result in greater responsiveness for the client,
#    especially when expunging a large number of messages.
#    Allowed values: immediate, semidelayed, delayed
#expunge_mode: delayed

#  Failedloginpause
#  ----------------
#    Time to pause after a failed login.
#    #
#    For backward compatibility, if no unit is specified, seconds is
#    assumed.
#failedloginpause: 3s

#  Flushseenstate
#  --------------
#    Deprecated. No longer used
#flushseenstate: 1

#  Foolstupidclients
#  -----------------
#    If enabled, only list the personal namespace when a LIST "*" is performed
#    (it changes the request to a LIST "INBOX*").
#foolstupidclients: 0

#  Force_sasl_client_mech
#  ----------------------
#    Force preference of a given SASL mechanism for client side operations
#    (e.g., murder environments).  This is separate from (and overridden by)
#    the ability to use the <host shortname>_mechs option to set preferred
#    mechanisms for a specific host
#force_sasl_client_mech: <none>

#  Fulldirhash
#  -----------
#    If enabled, uses an improved directory hashing scheme which hashes
#    on the entire username instead of using just the first letter as
#    the hash.  This changes hash algorithm used for quota and user
#    directories and if hashimapspool is enabled, the entire mail
#    spool.
#    #
#    Note that this option CANNOT be changed on a live system.  The
#    server must be quiesced and then the directories moved with the
#    rehash utility.
#fulldirhash: 0

#  Hashimapspool
#  -------------
#    If enabled, the partitions will also be hashed, in addition to the
#    hashing done on configuration directories.  This is recommended if
#    one partition has a very bushy mailbox tree.
#hashimapspool: 0

#  Debug
#  -----
#    If enabled, allow syslog() to pass LOG_DEBUG messages.
#debug: 0

#  Hostname_mechs
#  --------------
#    Force a particular list of SASL mechanisms to be used when authenticating
#    to the backend server hostname (where hostname is the short hostname of
#    the server in question). If it is not specified it will query the server
#    for available mechanisms and pick one to use. - Cyrus Murder
#hostname_mechs: <none>

#  Hostname_password
#  -----------------
#    The password to use for authentication to the backend server hostname
#    (where hostname is the short hostname of the server) - Cyrus Murder
#hostname_password: <none>

#  Httpallowcompress
#  -----------------
#    If enabled, the server will compress response payloads if the client
#    indicates that it can accept them.  Note that the compressed data
#    will appear in telemetry logs, leaving only the response headers as
#    human-readable.
#httpallowcompress: 1

#  Httpallowcors
#  -------------
#    A wildmat pattern specifying a list of origin URIs ( scheme "://"
#    host [ ":" port ] ) that are allowed to make Cross-Origin Resource
#    Sharing (CORS) requests on the server.  By default, CORS requests
#    are disabled.
#    #
#    Note that the scheme and host should both be lowercase, the port
#    should be omitted if using the default for the scheme (80 for http,
#    443 for https), and there should be no trailing '/' (e.g.:
#    "http://www.example.com:8080", "https://example.org").
#httpallowcors: <none>

#  Httpallowtrace
#  --------------
#    Allow use of the TRACE method.
#    #
#    Note that sensitive data might be disclosed by the response.
#httpallowtrace: 0

#  Httpallowedurls
#  ---------------
#    Space-separated list of relative URLs (paths) rooted at
#    "httpdocroot" (see below) to be served by httpd.  If set, this
#    option will limit served static content to only those paths specified
#    (returning "404 Not Found" to any other client requested URLs).
#    Otherwise, httpd will serve any content found in "httpdocroot".
#    #
#    Note that any path specified by "rss_feedlist_template" is an
#    exception to this rule.
#httpallowedurls: <none>

#  Httpcontentmd5
#  --------------
#    If enabled, HTTP responses will include a Content-MD5 header for
#    the purpose of providing an end-to-end message integrity check
#    (MIC) of the payload body.  Note that enabling this option will
#    use additional CPU to generate the MD5 digest, which may be ignored
#    by clients anyways.
#httpcontentmd5: 0

#  Httpdocroot
#  -----------
#    If set, http will serve the static content (html/text/jpeg/gif
#    files, etc) rooted at this directory.  Otherwise, httpd will not
#    serve any static content.
#httpdocroot: <none>

#  Httpkeepalive
#  -------------
#    Set the length of the HTTP server's keepalive heartbeat.  The
#    default is 20 seconds.  The minimum value is 0, which will disable
#    the keepalive heartbeat.  When enabled, if a request takes longer
#    than httpkeepalive to process, the server will send the client
#    provisional responses every httpkeepalive until the final
#    response can be sent.
#    #
#    For backward compatibility, if no unit is specified, seconds is
#    assumed.
#httpkeepalive: 20s

#  Httpmodules
#  -----------
#    Space-separated list of HTTP modules that will be enabled in
#    httpd(8).  This option has no effect on modules that are disabled
#    at compile time due to missing dependencies (e.g. libical).
#    #
#    Note that "domainkey" depends on "ischedule" being enabled, and
#    that both "freebusy" and "ischedule" depend on "caldav" being
#    enabled.
#    Allowed values: admin, caldav, carddav, cgi, domainkey, freebusy, ischedule, jmap, prometheus, rss, tzdist, webdav
#httpmodules: <empty string>

#  Httpprettytelemetry
#  -------------------
#    If enabled, HTTP response payloads including server-generated
#    markup languages (HTML, XML) will utilize line breaks and
#    indentation to promote better human-readability in telemetry logs.
#    Note that enabling this option will increase the amount of data
#    sent across the wire.
#httpprettytelemetry: 0

#  Httptimeout
#  -----------
#    Set the length of the HTTP server's inactivity autologout timer.
#    The default is 5 minutes.  The minimum value is 0, which will
#    disable persistent connections.
#    #
#    For backwards compatibility, if no unit is specified, minutes
#    is assumed.
#httptimeout: 5m

#  Idlesocket
#  ----------
#    Unix domain socket that idled listens on.
#idlesocket: {configdirectory}/socket/idle

#  Ignorereference
#  ---------------
#    For backwards compatibility with Cyrus 1.5.10 and earlier -- ignore
#    the reference argument in LIST or LSUB commands.
#ignorereference: 0

#  Imapidlepoll
#  ------------
#    The interval for polling for mailbox changes and ALERTs while running
#    the IDLE command.  This option is used when idled is not enabled or
#    cannot be contacted.  The minimum value is 1 second.  A value of 0
#    will disable IDLE.
#    #
#    For backward compatibility, if no unit is specified, seconds is
#    assumed.
#imapidlepoll: 60s

#  Imapidresponse
#  --------------
#    If enabled, the server responds to an ID command with a parameter
#    list containing: version, vendor, support-url, os, os-version,
#    command, arguments, environment.  Otherwise the server returns NIL.
#imapidresponse: 1

#  Imapmagicplus
#  -------------
#    Only list a restricted set of mailboxes via IMAP by using
#    userid+namespace syntax as the authentication/authorization id.
#    Using userid+ (with an empty namespace) will list only subscribed
#    mailboxes.
#imapmagicplus: 0

#  Imipnotifier
#  ------------
#    Notifyd(8) method to use for "IMIP" notifications which are based on
#    the RFC 6047.  If not set, "IMIP" notifications are disabled.
#imipnotifier: <none>

#  Implicit_owner_rights
#  ---------------------
#    The implicit Access Control List (ACL) for the owner of a mailbox.
#implicit_owner_rights: lkxan

#  @include
#  --------
#    Directive which includes the specified file as part of the
#    configuration.  If the path to the file is not absolute, CYRUS_PATH
#    is prepended.
#@include: <none>

#  Improved_mboxlist_sort
#  ----------------------
#    If enabled, a special comparator will be used which will correctly
#    sort mailbox names that contain characters such as ' ' and '-'.
#    #
#    Note that this option SHOULD NOT be changed on a live system.  The
#    mailboxes database should be dumped (ctl_mboxlist) before the
#    option is changed, removed, and then undumped after changing the
#    option.  When not using flat files for the subscriptions databases
#    the same has to be done (cyr_dbtool) for each subscription database
#    See improved_mboxlist_sort.html.
#improved_mboxlist_sort: 0

#  Jmap_emailsearch_db_path
#  ------------------------
#    The absolute path to the JMAP email search cache file.  If not
#    specified, JMAP Email/query and Email/queryChanges will not
#    cache email search results.
#jmap_emailsearch_db_path: <none>

#  Jmap_preview_annot
#  ------------------
#    The name of the per-message annotation, if any, to store message
#    previews.
#jmap_preview_annot: <none>

#  Jmap_imagesize_annot
#  --------------------
#    The name of the per-message annotation, if any, that stores a
#    JSON object, mapping message part numbers of MIME image types
#    to an array of their image dimensions. The array must have at
#    least two entries, where the first entry denotes the width
#    and the second entry the height of the image. Any additional
#    values are ignored.

#    For example, if message part 1.2 contains an image of width 300
#    and height 200, then the value of this annotation would be:

#    { "1.2" : [ 300, 200 ] }

#jmap_imagesize_annot: <none>

#  Jmap_inlinedcids_annot
#  ----------------------
#    The name of the per-message annotation, if any, that stores a
#    JSON object, mapping RFC2392 Content-IDs referenced in HTML bodies
#    to the respective HTML body part number.

#    For example, if message part 1.2 contains HTML and references an
#    inlined image at "cid:foo", then the value of this annotation
#    would be:

#    { "<foo>" : "1.2" }

#    Note that the Content-ID key must be URL-unescaped and enclosed in
#    angular brackets, as defined in RFC2392.
#jmap_inlinedcids_annot: <none>

#  Jmap_preview_length
#  -------------------
#    The maximum byte length of dynamically generated message previews. Previews
#    stored in jmap_preview_annot take precedence.
#jmap_preview_length: 64

#  Jmap_max_size_upload
#  --------------------
#    The maximum size (in kilobytes) that the JMAP API accepts
#    for blob uploads. Returned as the maxSizeUpload property
#    value of the JMAP \"urn:ietf:params:jmap:core\" capabilities object.
#    Default is 1Gb.
#jmap_max_size_upload: 1048576

#  Jmap_max_concurrent_upload
#  --------------------------
#    The value to return for the maxConcurrentUpload property of
#    the JMAP \"urn:ietf:params:jmap:core\" capabilities object. The Cyrus JMAP
#    implementation does not enforce this rate-limit.
#jmap_max_concurrent_upload: 5

#  Jmap_max_size_request
#  ---------------------
#    The maximum size (in kilobytes) that the JMAP API accepts
#    for requests at the API endpoint. Returned as the
#    maxSizeRequest property value of the JMAP \"urn:ietf:params:jmap:core\"
#    capabilities object. Default is 10Mb.
#jmap_max_size_request: 10240

#  Jmap_max_concurrent_requests
#  ----------------------------
#    The value to return for the maxConcurrentRequests property of
#    the JMAP \"urn:ietf:params:jmap:core\" capabilities object. The Cyrus JMAP
#    implementation does not enforce this rate-limit.
#jmap_max_concurrent_requests: 5

#  Jmap_max_calls_in_request
#  -------------------------
#    The maximum number of calls per JMAP request object.
#    Returned as the maxCallsInRequest property value of the
#    JMAP \"urn:ietf:params:jmap:core\" capabilities object.
#jmap_max_calls_in_request: 50

#  Jmap_max_delayed_send
#  ---------------------
#    The value to return for the maxDelayedSend property of
#    the JMAP \"urn:ietf:params:jmap:emailsubmission\" capabilities object.
#    The Cyrus JMAP implementation does not enforce this limit.
#    #
#    For backward compatibility, if no unit is specified, seconds is
#    assumed.
#jmap_max_delayed_send: 512d

#  Jmap_max_objects_in_get
#  -----------------------
#    The maximum number of ids that a JMAP client may request in
#    a single \"/get\" type method call. The actual number
#    of returned objects in the response may exceed this number
#    if the JMAP object type supports unbounded \"/get\" calls.
#    Returned as the maxObjectsInGet property value of the
#    JMAP \"urn:ietf:params:jmap:core\" capabilities object.
#jmap_max_objects_in_get: 4096

#  Jmap_max_objects_in_set
#  -----------------------
#    The maximum number of objects a JMAP client may send to create,
#    update or destroy in a single /set type method call.
#    Returned as the maxObjectsInSet property value of the
#    JMAP \"urn:ietf:params:jmap:core\" capabilities object.
#jmap_max_objects_in_set: 4096

#  Jmap_mail_max_size_attachments_per_email
#  ----------------------------------------
#    The value (in kilobytes) to return for the maxSizeAttachmentsPerEmail
#    property of the JMAP \"urn:ietf:params:jmap:mail\" capabilities object. The Cyrus
#    JMAP implementation does not enforce this size limit. Default is 10 Mb.
#jmap_mail_max_size_attachments_per_email: 10240

#  Jmap_nonstandard_extensions
#  ---------------------------
#    If enabled, support non-standard JMAP extensions.  If not enabled,
#    only IETF standard JMAP functionality is supported.
#jmap_nonstandard_extensions: 0

#  Jmap_set_has_attachment
#  -----------------------
#    If enabled, the $hasAttachment flag is determined and set for new messages
#    created with the JMAP Email/set or Email/import methods. This option should
#    typically be enabled, but installations using Cyrus-external message
#    annatotors to determine the $hasAttachment flag might want to disable it.
#jmap_set_has_attachment: 1

#  Jmap_vacation
#  -------------
#    If enabled, support the JMAP vacation extension
#jmap_vacation: 1

#  Jmapuploadfolder
#  ----------------
#    the name of the folder for JMAP uploads (#jmap)
#jmapuploadfolder: #jmap

#  Jmapsubmission_deleteonsend
#  ---------------------------
#    If enabled (the default) then delete the EmailSubmission as soon as the email
#    * has been sent
#jmapsubmission_deleteonsend: 1

#  Jmapsubmissionfolder
#  --------------------
#    the name of the folder for JMAP Submissions (#jmapsubmission)
#jmapsubmissionfolder: #jmapsubmission

#  Jmappushsubscriptionfolder
#  --------------------------
#    the name of the folder for JMAP Push Subscriptions (#jmappushsubscription)
#jmappushsubscriptionfolder: #jmappushsubscription

#  Iolog
#  -----
#    Should cyrus output I/O log entries
#iolog: 0

#  Ldap_authz
#  ----------
#    SASL authorization ID for the LDAP server
#ldap_authz: <none>

#  Ldap_base
#  ---------
#    Contains the LDAP base dn for the LDAP ptloader module
#ldap_base: <empty string>

#  Ldap_bind_dn
#  ------------
#    Bind DN for the connection to the LDAP server (simple bind).
#    Do not use for anonymous simple binds
#ldap_bind_dn: <none>

#  Ldap_deref
#  ----------
#    Specify how aliases dereferencing is handled during search.
#    Allowed values: search, find, always, never
#ldap_deref: never

#  Ldap_domain_base_dn
#  -------------------
#    Base DN to search for domain name spaces.
#ldap_domain_base_dn: <empty string>

#  Ldap_domain_filter
#  ------------------
#    Filter to use searching for domains
#ldap_domain_filter: (&(objectclass=domainrelatedobject)(associateddomain=%s))

#  Ldap_domain_name_attribute
#  --------------------------
#    The attribute name for domains.
#ldap_domain_name_attribute: associateddomain

#  Ldap_domain_scope
#  -----------------
#    Search scope
#    Allowed values: sub, one, base
#ldap_domain_scope: sub

#  Ldap_domain_result_attribute
#  ----------------------------
#    Result attribute
#ldap_domain_result_attribute: inetdomainbasedn

#  Ldap_filter
#  -----------
#    Specify a filter that searches user identifiers.  The following tokens can be
#    used in the filter string:

#    %%   = %
#    %u   = user
#    %U   = user portion of %u (%U = test when %u = test@domain.tld)
#    %d   = domain portion of %u if available (%d = domain.tld when %u =
#    test@domain.tld), otherwise same as %R
#    %R   = domain portion of %u starting with @ (%R = @domain.tld
#    when %u = test@domain.tld)
#    %D   = user dn.  (use when ldap_member_method: filter)
#    %1-9 = domain tokens (%1 = tld, %2 = domain when %d = domain.tld)

#    ldap_filter is not used when ldap_sasl is enabled.
#ldap_filter: (uid=%u)

#  Ldap_group_base
#  ---------------
#    LDAP base dn for ldap_group_filter.
#ldap_group_base: <empty string>

#  Ldap_group_filter
#  -----------------
#    Specify a filter that searches for group identifiers.
#    See ldap_filter for more options.
#ldap_group_filter: (cn=%u)

#  Ldap_group_scope
#  ----------------
#    Specify search scope for ldap_group_filter.
#    Allowed values: sub, one, base
#ldap_group_scope: sub

#  Ldap_id
#  -------
#    SASL authentication ID for the LDAP server
#ldap_id: <none>

#  Ldap_mech
#  ---------
#    SASL mechanism for LDAP authentication
#ldap_mech: <none>

#  Ldap_user_attribute
#  -------------------
#    Specify LDAP attribute to use as canonical user id
#ldap_user_attribute: <none>

#  Ldap_member_attribute
#  ---------------------
#    See ldap_member_method.
#ldap_member_attribute: <none>

#  Ldap_member_base
#  ----------------
#    LDAP base dn for ldap_member_filter.
#ldap_member_base: <empty string>

#  Ldap_member_filter
#  ------------------
#    Specify a filter for "ldap_member_method: filter".
#    See ldap_filter for more options.
#ldap_member_filter: (member=%D)

#  Ldap_member_method
#  ------------------
#    Specify a group method.  The "attribute" method retrieves groups from
#    a multi-valued attribute specified in ldap_member_attribute.

#    The "filter" method uses a filter, specified by ldap_member_filter, to find
#    groups; ldap_member_attribute is a single-value attribute group name.
#    Allowed values: attribute, filter
#ldap_member_method: attribute

#  Ldap_member_scope
#  -----------------
#    Specify search scope for ldap_member_filter.
#    Allowed values: sub, one, base
#ldap_member_scope: sub

#  Ldap_password
#  -------------
#    Password for the connection to the LDAP server (SASL and simple bind).
#    Do not use for anonymous simple binds
#ldap_password: <none>

#  Ldap_realm
#  ----------
#    SASL realm for LDAP authentication
#ldap_realm: <none>

#  Ldap_referrals
#  --------------
#    Specify whether or not the client should follow referrals.
#ldap_referrals: 0

#  Ldap_restart
#  ------------
#    Specify whether or not LDAP I/O operations are automatically restarted
#    if they abort prematurely.
#ldap_restart: 1

#  Ldap_sasl
#  ---------
#    Use SASL for LDAP binds in the LDAP PTS module.
#ldap_sasl: 1

#  Ldap_sasl_authc
#  ---------------
#    Deprecated.  Use ldap_id
#ldap_sasl_authc: <none>

#  Ldap_sasl_authz
#  ---------------
#    Deprecated.  Use ldap_authz
#ldap_sasl_authz: <none>

#  Ldap_sasl_mech
#  --------------
#    Deprecated.  Use ldap_mech
#ldap_sasl_mech: <none>

#  Ldap_sasl_password
#  ------------------
#    Deprecated.  User ldap_password
#ldap_sasl_password: <none>

#  Ldap_sasl_realm
#  ---------------
#    Deprecated.  Use ldap_realm
#ldap_sasl_realm: <none>

#  Ldap_scope
#  ----------
#    Specify search scope.
#    Allowed values: sub, one, base
#ldap_scope: sub

#  Ldap_servers
#  ------------
#    Deprecated.  Use ldap_uri
#ldap_servers: ldap://localhost/

#  Ldap_size_limit
#  ---------------
#    Specify a number of entries for a search request to return.
#ldap_size_limit: 1

#  Ldap_start_tls
#  --------------
#    Use transport layer security for ldap:// using STARTTLS. Do not use
#    ldaps:// in 'ldap_uri' with this option enabled.
#ldap_start_tls: 0

#  Ldap_time_limit
#  ---------------
#    How long to wait for a search request to complete.
#    #
#    For backward compatibility, if no unit is specified, seconds is
#    assumed.
#ldap_time_limit: 5s

#  Ldap_timeout
#  ------------
#    How long a search can take before timing out.
#    #
#    For backward compatibility, if no unit is specified, seconds is
#    assumed.
#ldap_timeout: 5s

#  Ldap_ca_dir
#  -----------
#    Path to a directory with CA (Certificate Authority) certificates.
#ldap_ca_dir: <none>

#  Ldap_ca_file
#  ------------
#    Path to a file containing CA (Certificate Authority) certificate(s).
#ldap_ca_file: <none>

#  Ldap_ciphers
#  ------------
#    List of SSL/TLS ciphers to allow.  The format of the string is
#    described in ciphers(1).
#ldap_ciphers: <none>

#  Ldap_client_cert
#  ----------------
#    File containing the client certificate.
#ldap_client_cert: <none>

#  Ldap_client_key
#  ---------------
#    File containing the private client key.
#ldap_client_key: <none>

#  Ldap_verify_peer
#  ----------------
#    Require and verify server certificate.  If this option is yes,
#    you must specify ldap_ca_file or ldap_ca_dir.
#ldap_verify_peer: 0

#  Ldap_tls_cacert_dir
#  -------------------
#    Deprecated in favor of ldap_ca_dir.
#ldap_tls_cacert_dir: <none>

#  Ldap_tls_cacert_file
#  --------------------
#    Deprecated in favor of ldap_ca_file.
#ldap_tls_cacert_file: <none>

#  Ldap_tls_cert
#  -------------
#    Deprecated in favor of ldap_client_cert.
#ldap_tls_cert: <none>

#  Ldap_tls_key
#  ------------
#    Deprecated in favor of ldap_client_key.
#ldap_tls_key: <none>

#  Ldap_tls_check_peer
#  -------------------
#    Deprecated in favor of ldap_verify_peer.
#ldap_tls_check_peer: 0

#  Ldap_tls_ciphers
#  ----------------
#    Deprecated in favor of ldap_ciphers.
#ldap_tls_ciphers: <none>

#  Ldap_uri
#  --------
#    Contains a list of the URLs of all the LDAP servers when using the
#    LDAP PTS module.
#ldap_uri: <none>

#  Ldap_version
#  ------------
#    Specify the LDAP protocol version.  If ldap_start_tls and/or
#    ldap_use_sasl are enabled, ldap_version will be automatically
#    set to 3.
#ldap_version: 3

#  Literalminus
#  ------------
#    if enabled, CAPABILITIES will reply with LITERAL- rather than
#    LITERAL+ (RFC 7888).  Doesn't actually size-restrict uploads though
#literalminus: 0

#  Lmtp_downcase_rcpt
#  ------------------
#    If enabled, lmtpd will convert the recipient addresses to lowercase
#    (up to a '+' character, if present).
#lmtp_downcase_rcpt: 1

#  Lmtp_exclude_specialuse
#  -----------------------
#    Don't allow delivery to folders with given special-use attributes.
#    #
#    Note that "snoozing" of emails can currently only be done via the
#    JMAP protocol, so delivery directly to the \Snoozed mailbox is
#    prohibited by default as it will not be moved back into INBOX
#    automatically.
#lmtp_exclude_specialuse: \\Snoozed

#  Lmtp_fuzzy_mailbox_match
#  ------------------------
#    If enabled, and the mailbox specified in the detail part of the
#    recipient (everything after the '+') does not exist, lmtpd will try
#    to find the closest match (ignoring case, ignoring whitespace,
#    falling back to parent) to the specified mailbox name.
#lmtp_fuzzy_mailbox_match: 0

#  Lmtp_over_quota_perm_failure
#  ----------------------------
#    If enabled, lmtpd returns a permanent failure code when a user's
#    mailbox is over quota.  By default, the failure is temporary,
#    causing the MTA to queue the message and retry later.
#lmtp_over_quota_perm_failure: 0

#  Lmtp_strict_quota
#  -----------------
#    If enabled, lmtpd returns a failure code when the incoming message
#    will cause the user's mailbox to exceed its quota.  By default, the
#    failure won't occur until the mailbox is already over quota.
#lmtp_strict_quota: 0

#  Lmtp_strict_rfc2821
#  -------------------
#    By default, lmtpd will be strict (per RFC 2821) with regards to which
#    envelope addresses are allowed.  If this option is set to false, 8bit
#    characters in the local-part of envelope addresses are changed to 'X'
#    instead.  This is useful to avoid generating backscatter with
#    certain MTAs like Postfix or Exim which accept such messages.
#lmtp_strict_rfc2821: 1

#  Lmtpsocket
#  ----------
#    Unix domain socket that lmtpd listens on, used by deliver(8). This should
#    match the path specified in cyrus.conf(5).
#lmtpsocket: {configdirectory}/socket/lmtp

#  Lmtptxn_timeout
#  ---------------
#    Timeout used during a lmtp transaction to a remote backend (e.g. in a
#    murder environment).  Can be used to prevent hung lmtpds on proxy hosts
#    when a backend server becomes unresponsive during a lmtp transaction.
#    The default is 5 minutes - change to zero for infinite.
#    #
#    For backward compatibility, if no unit is specified, seconds is
#    assumed.
#lmtptxn_timeout: 5m

#  Lock_debugtime
#  --------------
#    A floating point number of seconds.  If set, time how long we wait for
#    any lock, and syslog the filename and time if it's longer than this
#    value.  The default of NULL means not to time locks.
#lock_debugtime: <none>

#  Loginrealms
#  -----------
#    The list of remote realms whose users may authenticate using cross-realm
#    authentication identifiers.  Separate each realm name by a space.  (A
#    cross-realm identity is considered any identity returned by SASL
#    with an "@" in it.).
#loginrealms: <empty string>

#  Loginuseacl
#  -----------
#    If enabled, any authentication identity which has a rights on a
#    user's INBOX may log in as that user.
#loginuseacl: 0

#  Logtimestamps
#  -------------
#    Include notations in the protocol telemetry logs indicating the number of
#    seconds since the last command or response.
#logtimestamps: 0

#  Mailbox_default_options
#  -----------------------
#    Default "options" field for the mailbox on create.  You'll want to know
#    what you're doing before setting this, but it can apply some default
#    annotations like duplicate suppression
#mailbox_default_options: 0

#  Mailbox_initial_flags
#  ---------------------
#    space-separated list of permanent flags which will be pre-set in every
#    newly created mailbox.  If you know you will require particular
#    flag names then this avoids a possible race condition against a client
#    that fills the entire 128 available slots.  Default is NULL, which is
#    no flags.  Example: $Label1 $Label2 $Label3 NotSpam Spam
#mailbox_initial_flags: <none>

#  Mailnotifier
#  ------------
#    Notifyd(8) method to use for "MAIL" notifications.  If not set, "MAIL"
#    notifications are disabled.
#mailnotifier: <none>

#  Master_bind_errors_fatal
#  ------------------------
#    If enabled, failure to bind a port during startup is treated as a fatal
#    error, causing master to shut down immediately.  The default is to keep
#    running, with the affected service disabled until the next SIGHUP causes
#    it to retry.
#    #
#    Note that this only applies during startup.  New services that fail to
#    come up in response to a reconfig+SIGHUP will just be logged and disabled
#    like the default behaviour, without causing master to exit.
#master_bind_errors_fatal: 0

#  Maxheaderlines
#  --------------
#    Maximum number of lines of header that will be processed into cache
#    records.  Default 1000.  If set to zero, it is unlimited.
#    If a message hits the limit, an error will be logged and the rest of
#    the lines in the header will be skipped.  This is to avoid malformed
#    messages causing giant cache records
#maxheaderlines: 1000

#  Maxlogins_per_host
#  ------------------
#    Maximum number of logged in sessions allowed per host,
#    zero means no limit
#maxlogins_per_host: 0

#  Maxlogins_per_user
#  ------------------
#    Maximum number of logged in sessions allowed per user,
#    zero means no limit
#maxlogins_per_user: 0

#  Maxmessagesize
#  --------------
#    Maximum incoming LMTP message size.  If non-zero, lmtpd will reject
#    messages larger than maxmessagesize bytes.  If set to 0, this
#    will allow messages of any size (the default).
#maxmessagesize: 0

#  Maxquoted
#  ---------
#    Maximum size of a single quoted string for the parser.  Default 128k
#maxquoted: 131072

#  Maxword
#  -------
#    Maximum size of a single word for the parser.  Default 128k
#maxword: 131072

#  Mboxkey_db
#  ----------
#    The cyrusdb backend to use for mailbox keys.
#    Allowed values: skiplist, twoskip, zeroskip
#mboxkey_db: twoskip

#  Mboxlist_db
#  -----------
#    The cyrusdb backend to use for the mailbox list.
#    Allowed values: flat, skiplist, sql, twoskip, zeroskip
#mboxlist_db: twoskip

#  Mboxlist_db_path
#  ----------------
#    The absolute path to the mailboxes db file.  If not specified
#    will be configdirectory/mailboxes.db
#mboxlist_db_path: <none>

#  Mboxname_lockpath
#  -----------------
#    Path to mailbox name lock files (default $conf/lock)
#mboxname_lockpath: <none>

#  Metapartition_files
#  -------------------
#    Space-separated list of metadata files to be stored on a
#    metapartition rather than in the mailbox directory on a spool
#    partition.
#    Allowed values: header, index, cache, expunge, squat, annotations, lock, dav, archivecache
#metapartition_files: <empty string>

#  Metapartition-name
#  ------------------
#    The pathname of the metadata partition name, corresponding to
#    spool partition partition-name.  For any mailbox residing in
#    a directory on partition-name, the metadata files listed in
#    metapartition_files will be stored in a corresponding directory on
#    metapartition-name.   Note that not every
#    partition-name option is required to have a corresponding
#    metapartition-name option, so that you can selectively choose
#    which spool partitions will have separate metadata partitions.
#metapartition-name: <none>

#  Mupdate_authname
#  ----------------
#    The SASL username (Authentication Name) to use when authenticating to the
#    mupdate server (if needed).
#mupdate_authname: <none>

#  Mupdate_config
#  --------------
#    The configuration of the mupdate servers in the Cyrus Murder.
#    The "standard" config is one in which there are discreet frontend
#    (proxy) and backend servers.  The "unified" config is one in which
#    a server can be both a frontend and backend.  The "replicated"
#    config is one in which multiple backend servers all share the same
#    mailspool, but each have their own "replicated" copy of
#    mailboxes.db.
#    Allowed values: standard, unified, replicated
#mupdate_config: standard

#  Munge8bit
#  ---------
#    If enabled, lmtpd munges messages with 8-bit characters in the
#    headers.  The 8-bit characters are changed to `X'.  If
#    reject8bit is enabled, setting munge8bit has no effect.
#    (A proper solution to non-ASCII characters in headers is offered by
#    RFC 2047 and its predecessors.)
#munge8bit: 1

#  Mupdate_connections_max
#  -----------------------
#    The max number of connections that a mupdate process will allow, this
#    is related to the number of file descriptors in the mupdate process.
#    Beyond this number connections will be immediately issued a BYE response.
#mupdate_connections_max: 128

#  Mupdate_password
#  ----------------
#    The SASL password (if needed) to use when authenticating to the
#    mupdate server.
#mupdate_password: <none>

#  Mupdate_port
#  ------------
#    The port of the mupdate server for the Cyrus Murder
#mupdate_port: 3905

#  Mupdate_realm
#  -------------
#    The SASL realm (if needed) to use when authenticating to the mupdate
#    server.
#mupdate_realm: <none>

#  Mupdate_retry_delay
#  -------------------
#    The base time to wait between connection retries to the mupdate server.
#mupdate_retry_delay: 20

#  Mupdate_server
#  --------------
#    The mupdate server for the Cyrus Murder
#mupdate_server: <none>

#  Mupdate_username
#  ----------------
#    The SASL username (Authorization Name) to use when authenticating to
#    the mupdate server
#mupdate_username: <empty string>

#  Mupdate_workers_max
#  -------------------
#    The maximum number of mupdate worker threads (overall)
#mupdate_workers_max: 50

#  Mupdate_workers_maxspare
#  ------------------------
#    The maximum number of idle mupdate worker threads
#mupdate_workers_maxspare: 10

#  Mupdate_workers_minspare
#  ------------------------
#    The minimum number of idle mupdate worker threads
#mupdate_workers_minspare: 2

#  Mupdate_workers_start
#  ---------------------
#    The number of mupdate worker threads to start
#mupdate_workers_start: 5

#  Netscapeurl
#  -----------
#    If enabled at compile time, this specifies a URL to reply when
#    Netscape asks the server where the mail administration HTTP server
#    is.  Administrators should set this to a local resource.
#netscapeurl: <none>

#  Newsaddheaders
#  --------------
#    Space-separated list of headers to be added to incoming usenet
#    articles.  Added To: headers will contain email
#    delivery addresses corresponding to each newsgroup in the
#    Newsgroups: header.  Added Reply-To: headers will
#    contain email delivery addresses corresponding to each newsgroup in
#    the Followup-To: or Newsgroups: header.  If the
#    specified header(s) already exist in an article, the email
#    delivery addresses will be appended to the original header body(s).
#    This option applies if and only if the newspostuser option is
#    set.
#    Allowed values: to, replyto
#newsaddheaders: to

#  Newsgroups
#  ----------
#    A wildmat pattern specifying which mailbox hierarchies should be
#    treated as newsgroups.  Only mailboxes matching the wildmat will
#    accept and/or serve articles via NNTP.  If not set, a default
#    wildmat of "*" (ALL shared mailboxes) will be used.  If the
#    newsprefix option is also set, the default wildmat will be
#    translated to "<newsprefix>.*"
#newsgroups: *

#  Newsmaster
#  ----------
#    Userid that is used for checking access controls when executing
#    Usenet control messages.  For instance, to allow articles to be
#    automatically deleted by cancel messages, give the "news" user
#    the 'd' right on the desired mailboxes.  To allow newsgroups to be
#    automatically created, deleted and renamed by the corresponding
#    control messages, give the "news" user the 'c' right on the desired
#    mailbox hierarchies.
#newsmaster: news

#  Newspeer
#  --------
#    A list of whitespace-separated news server specifications to which
#    articles should be fed.  Each server specification is a string of
#    the form [user[:pass]@]host[:port][/wildmat] where 'host' is the fully
#    qualified hostname of the server, 'port' is the port on which the
#    server is listening, 'user' and 'pass' are the authentication
#    credentials and 'wildmat' is a pattern that specifies which groups
#    should be fed.  If no 'port' is specified, port 119 is used.  If
#    no 'wildmat' is specified, all groups are fed.  If 'user' is specified
#    (even if empty), then the NNTP POST command will be used to feed
#    the article to the server, otherwise the IHAVE command will be
#    used.
#    A '@' may be used in place of '!' in the wildmat to prevent feeding
#    articles cross-posted to the given group, otherwise cross-posted
#    articles are fed if any part of the wildmat matches.  For example,
#    the string "peer.example.com:*,!control.*,@local.*" would feed all
#    groups except control messages and local groups to
#    peer.example.com.  In the case of cross-posting to local groups,
#    these articles would not be fed.
#newspeer: <none>

#  Newspostuser
#  ------------
#    Userid used to deliver usenet articles to newsgroup folders
#    (usually via lmtp2nntp).  For example, if set to "post", email sent
#    to "post+comp.mail.imap" would be delivered to the "comp.mail.imap"
#    folder.
#    When set, the Cyrus NNTP server will add the header(s) specified in
#    the newsaddheaders option to each incoming usenet article.
#    The added header(s) will contain email delivery addresses
#    corresponding to each relevant newsgroup.  If not set, no headers
#    are added to usenet articles.
#newspostuser: <none>

#  Newsprefix
#  ----------
#    Prefix to be prepended to newsgroup names to make the corresponding
#    IMAP mailbox names.
#newsprefix: <none>

#  Newsrc_db_path
#  --------------
#    The absolute path to the newsrc db file.  If not specified,
#    will be configdirectory/fetchnews.db
#newsrc_db_path: <none>

#  Nntptimeout
#  -----------
#    Set the length of the NNTP server's inactivity autologout timer.
#    The minimum value is 3 minutes, also the default.
#    #
#    For backward compatibility, if no unit is specified, minutes is
#    assumed.
#nntptimeout: 3m

#  Notesmailbox
#  ------------
#    The top level mailbox in each user's account which is used to store
#    * Apple-style Notes.  Default is blank (disabled)
#notesmailbox: <none>

#  Notifysocket
#  ------------
#    Unix domain socket that the mail notification daemon listens on.
#notifysocket: {configdirectory}/socket/notify

#  Notify_external
#  ---------------
#    Path to the external program that notifyd(8) will call to send mail
#    notifications.
#    #
#    The external program will be called with the following
#    command line options:

#        .. option:: -c    class
#        .. option:: -p    priority
#        .. option:: -u    user
#        .. option:: -m    mailbox
#        #
#        And the notification message will be available on stdin.

#notify_external: <none>

#  Partition-name
#  --------------
#    The pathname of the partition name.  At least one partition
#    pathname MUST be specified.  If the defaultpartition option is
#    used, then its pathname MUST be specified.  For example, if the
#    value of the defaultpartion option is part1, then the
#    partition-part1 field is required.
#partition-name: <none>

#  Partition_select_mode
#  ---------------------
#    Partition selection mode.
#    #
#    random
#        (pseudo-)random selection
#    freespace-most
#        partition with the most free space (KiB)
#    freespace-percent-most
#        partition with the most free space (%)
#    freespace-percent-weighted
#        each partition is weighted according to its free space (%); the more free space
#        the partition has, the more chances it has to be selected
#    freespace-percent-weighted-delta
#        each partition is weighted according to its difference of free space (%)
#        compared to the most used partition; the more the partition is lagging behind
#        the most used partition, the more chances it has to be selected
#        #
#        Note that actually even the most used partition has a few chances to be
#        selected, and those chances increase when other partitions get closer

#        Allowed values: random, freespace-most, freespace-percent-most, freespace-percent-weighted, freespace-percent-weighted-delta
#partition_select_mode: freespace-most

#  Partition_select_exclude
#  ------------------------
#    List of partitions to exclude from selection mode.
#partition_select_exclude: <none>

#  Partition_select_usage_reinit
#  -----------------------------
#    For a given session, number of operations (e.g. partition selection)
#    for which partitions usage data are cached.
#partition_select_usage_reinit: 0

#  Partition_select_soft_usage_limit
#  ---------------------------------
#    Limit of partition usage (%): if a partition is over that limit, it is
#    automatically excluded from selection mode.
#    #
#    If all partitions are over that limit, this feature is not used anymore.

#partition_select_soft_usage_limit: 0

#  Plaintextloginpause
#  -------------------
#    Time to pause after a successful plaintext login.  For systems that
#    support strong authentication, this permits users to perceive a cost
#    of using plaintext passwords.  (This does not affect the use of PLAIN
#    in SASL authentications.)
#    #
#    For backward compatibility, if no unit is specified, seconds is
#    assumed.
#plaintextloginpause: <none>

#  Plaintextloginalert
#  -------------------
#    Message to send to client after a successful plaintext login.
#plaintextloginalert: <none>

#  Popexpiretime
#  -------------
#    The duration advertised as being the minimum a message may be
#    left on the POP server before it is deleted (via the CAPA command,
#    defined in the POP3 Extension Mechanism, which some clients may
#    support).  This duration has a granularity of whole days, with partial
#    days truncated (so e.g. "45m" is effectively "0d").  "NEVER", the
#    default, may be specified with a negative number.
#    #
#    The Cyrus POP3 server never deletes mail, no matter what the value of
#    this parameter is.  However, if a site implements a less liberal policy,
#    it needs to change this parameter accordingly.
#    #
#    For backward compatibility, if no unit is specified, days is
#    assumed.
#popexpiretime: -1

#  Popminpoll
#  ----------
#    Set the minimum amount of time the server forces users to wait
#    between successive POP logins.
#    #
#    For backward compatibility, if no unit is specified, minutes is
#    assumed.
#popminpoll: <none>

#  Popsubfolders
#  -------------
#    Allow access to subfolders of INBOX via POP3 by using
#    userid+subfolder syntax as the authentication/authorization id.
#popsubfolders: 0

#  Poppollpadding
#  --------------
#    Create a softer minimum poll restriction.  Allows poppollpadding
#    connections before the minpoll restriction is triggered.  Additionally,
#    one padding entry is recovered every popminpoll minutes.
#    This allows for the occasional polling rate faster than popminpoll,
#    (i.e., for clients that require a send/receive to send mail) but still
#    enforces the rate long-term.  Default is 1 (disabled).
#    The easiest way to think of it is a queue of past connections, with one
#    slot being filled for every connection, and one slot being cleared
#    every popminpoll minutes. When the queue is full, the user
#    will not be able to check mail again until a slot is cleared.  If the
#    user waits a sufficient amount of time, they will get back many or all
#    of the slots.
#poppollpadding: 1

#  Poptimeout
#  ----------
#    Set the length of the POP server's inactivity autologout timer.
#    The minimum value is 10 minutes, the default.
#    #
#    For backward compatibility, if no unit is specified, minutes is
#    assumed.
#poptimeout: 10m

#  Popuseacl
#  ---------
#    Enforce IMAP ACLs in the pop server.  Due to the nature of the POP3
#    protocol, the only rights which are used by the pop server are 'r',
#    't', and 's' for the owner of the mailbox.  The 'r' right allows the
#    user to open the mailbox and list/retrieve messages.  The 't' right
#    allows the user to delete messages.  The 's' right allows messages
#    retrieved by the user to have the \Seen flag set (only if
#    popuseimapflags is also enabled).
#popuseacl: 0

#  Popuseimapflags
#  ---------------
#    If enabled, the pop server will set and obey IMAP flags.  Messages
#    having the \Deleted flag are ignored as if they do not exist.
#    Messages that are retrieved by the client will have the \Seen flag
#    set.  All messages will have the \Recent flag unset.
#popuseimapflags: 0

#  Postmaster
#  ----------
#    Username that is used as the 'From' address in rejection MDNs produced
#    by sieve.
#postmaster: postmaster

#  Postspec
#  --------
#  Postuser
#  --------
#Userid used to deliver messages to shared folders.  For example, if
#set to "bb", email sent to "bb+shared.blah" would be delivered to
#the "shared.blah" folder.  By default, an email address of
#"+shared.blah" would be used.
#postspec: <none>
#postuser: <empty string>

#  Proc_path
#  ---------
#    Path to proc directory.  Default is NULL - must be an absolute path
#    if specified.  If not specified, the path $configdirectory/proc/ will be
#    used.
#proc_path: <none>

#  Prometheus_enabled
#  ------------------
#    Whether tracking of service metrics for Prometheus is enabled.
#prometheus_enabled: 0

#  Prometheus_need_auth
#  --------------------
#    Authentication level required to fetch Prometheus metrics.
#    Allowed values: none, user, admin
#prometheus_need_auth: admin

#  Prometheus_update_freq
#  ----------------------
#    Frequency in at which promstatsd should re-collate its statistics
#    report.  The minimum value is 1 second, the default is 10 seconds.
#    #
#    For backward compatibility, if no unit is specified, seconds is
#    assumed.
#prometheus_update_freq: 10s

#  Prometheus_stats_dir
#  --------------------
#    Directory to use for gathering prometheus statistics.  If specified,
#    must be an absolute path.  If not specified, the default path
#    $configdirectory/stats/ will be used.  It may be advantageous to locate this
#    directory on ephemeral storage.
#prometheus_stats_dir: <none>

#  Proxy_authname
#  --------------
#    The authentication name to use when authenticating to a backend server
#    in the Cyrus Murder.
#proxy_authname: proxy

#  Proxy_compress
#  --------------
#    Try to enable protocol-specific compression when performing a client
#    connection to a backend server in the Cyrus Murder.
#    #
#    Note that this should only be necessary over slow network
#    connections.  Also note that currently only IMAP and MUPDATE support
#    compression.
#proxy_compress: 0

#  Proxy_password
#  --------------
#    The default password to use when authenticating to a backend server
#    in the Cyrus Murder.  May be overridden on a host-specific basis using
#    the hostname_password option.
#proxy_password: <none>

#  Proxy_realm
#  -----------
#    The authentication realm to use when authenticating to a backend server
#    in the Cyrus Murder
#proxy_realm: <none>

#  Proxyd_allow_status_referral
#  ----------------------------
#    Set to true to allow proxyd to issue referrals to clients that support it
#    when answering the STATUS command.  This is disabled by default since
#    some clients issue many STATUS commands in a row, and do not cache the
#    connections that these referrals would cause, thus resulting in a higher
#    authentication load on the respective backend server.
#proxyd_allow_status_referral: 0

#  Proxyd_disable_mailbox_referrals
#  --------------------------------
#    Set to true to disable the use of mailbox-referrals on the
#    proxy servers.
#proxyd_disable_mailbox_referrals: 0

#  Proxyservers
#  ------------
#    A list of users and groups that are allowed to proxy for other
#    users, separated by spaces.  Any user listed in this will be
#    allowed to login for any other user: use with caution.
#    In a standard murder this option should ONLY be set on backends.
#    DO NOT SET on frontends or things won't work properly.
#proxyservers: <none>

#  Pts_module
#  ----------
#    The PTS module to use.
#    Allowed values: afskrb, ldap
#pts_module: afskrb

#  Ptloader_sock
#  -------------
#    Unix domain socket that ptloader listens on.
#    (defaults to configdirectory/ptclient/ptsock)
#ptloader_sock: <none>

#  Ptscache_db
#  -----------
#    The cyrusdb backend to use for the pts cache.
#    Allowed values: skiplist, twoskip, zeroskip
#ptscache_db: twoskip

#  Ptscache_db_path
#  ----------------
#    The absolute path to the ptscache db file.  If not specified,
#    will be configdirectory/ptscache.db
#ptscache_db_path: <none>

#  Ptscache_timeout
#  ----------------
#    The timeout for the PTS cache database when using the auth_krb_pts
#    authorization method (default: 3 hours).
#    #
#    For backward compatibility, if no unit is specified, seconds is
#    assumed.
#ptscache_timeout: 3h

#  Ptskrb5_convert524
#  ------------------
#    When using the AFSKRB ptloader module with Kerberos 5 canonicalization,
#    do the final 524 conversion to get a n AFS style name (using '.' instead
#    of '/', and using short names
#ptskrb5_convert524: 1

#  Ptskrb5_strip_default_realm
#  ---------------------------
#    When using the AFSKRB ptloader module with Kerberos 5 canonicalization,
#    strip the default realm from the userid (this does not affect the stripping
#    of realms specified by the afspts_localrealms option)
#ptskrb5_strip_default_realm: 1

#  Qosmarking
#  ----------
#    This specifies the Class Selector or Differentiated Services Code Point
#    designation on IP headers (in the ToS field).
#    Allowed values: cs0, cs1, cs2, cs3, cs4, cs5, cs6, cs7, af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, ef
#qosmarking: cs0

#  Quota_db
#  --------
#    The cyrusdb backend to use for quotas.
#    Allowed values: flat, skiplist, sql, quotalegacy, twoskip, zeroskip
#quota_db: quotalegacy

#  Quota_db_path
#  -------------
#    The absolute path for the quota database (if you choose a single-file
#    quota DB type - or the base path if you choose quotalegacy).  If
#    not specified will be configdirectory/quotas.db or configdirectory/quota/
#quota_db_path: <none>

#  Quotawarn
#  ---------
#    The percent of quota utilization over which the server generates
#    warnings.
#quotawarn: 90

#  Quotawarnkb
#  -----------
#    The maximum amount of free space (in kB) at which to give a quota
#    warning (if this value is 0, or if the quota is smaller than this
#    amount, then warnings are always given).
#quotawarnkb: 0

#  Quotawarnmsg
#  ------------
#    The maximum amount of messages at which to give a quota warning
#    (if this value is 0, or if the quota is smaller than this
#    amount, then warnings are always given).
#quotawarnmsg: 0

#  Reject8bit
#  ----------
#    If enabled, lmtpd rejects messages with 8-bit characters in the
#    headers.
#reject8bit: 0

#  Restore_authname
#  ----------------
#    The authentication used by the restore tool when authenticating
#    to an IMAP/sync server.
#restore_authname: <none>

#  Restore_password
#  ----------------
#    The password used by the restore tool when authenticating to an
#    IMAP/sync server.
#restore_password: <none>

#  Restore_realm
#  -------------
#    The authentication realm used by the restore tool when
#    authenticating to an IMAP/sync server.
#restore_realm: <none>

#  Reverseacls
#  -----------
#    At startup time, ctl_cyrusdb -r will check this value and it
#    will either add or remove reverse ACL pointers from mailboxes.db
#reverseacls: 0

#  Rfc2046_strict
#  --------------
#    If enabled, imapd will be strict (per RFC 2046) when matching MIME
#    boundary strings.  This means that boundaries containing other
#    boundaries as substrings will be treated as identical.  Since
#    enabling this option will break some messages created by Eudora 5.1
#    (and earlier), it is recommended that it be left disabled unless
#    there is good reason to do otherwise.
#rfc2046_strict: 0

#  Rfc2047_utf8
#  ------------
#    If enabled, imapd will parse any non-encoded character sequence in
#    MIME header values as UTF8. This is useful for installations that
#    either advertise the UTF8SMTP (RFC 5335) extension or receive mails
#    with improperly escaped UTF-8 byte sequences. It is recommended that
#    this option is left disabled unless there is good reason to do
#    otherwise.
#rfc2047_utf8: 0

#  Rfc3028_strict
#  --------------
#    If enabled, Sieve will be strict (per RFC 3028) with regards to
#    which headers are allowed to be used in address and envelope tests.
#    This means that only those headers which are defined to contain addresses
#    will be allowed in address tests and only "to" and "from" will be
#    allowed in envelope tests.  When disabled, ANY grammatically correct header
#    will be allowed.
#rfc3028_strict: 1

#  Rss_feedlist_template
#  ---------------------
#    File containing HTML that will be used as a template for displaying
#    the list of available RSS feeds.  A single instance of the variable
#    %RSS_FEEDLIST% should appear in the file, which will be replaced by
#    a nested unordered list of feeds.  The toplevel unordered list will
#    be tagged with an id of "feed" (<ul id='feed'>) which can be used
#    by stylesheet(s) in your template.  The dynamically created list of
#    feeds based on the HTML template will be accessible at the "/rss"
#    URL on the server.
#rss_feedlist_template: <none>

#  Rss_feeds
#  ---------
#    A wildmat pattern specifying which mailbox hierarchies should be
#    treated as RSS feeds.  Only mailboxes matching the wildmat will
#    have their messages available via RSS.  If not set, a default
#    wildmat of "*" (ALL mailboxes) will be used.
#rss_feeds: *

#  Rss_maxage
#  ----------
#    Maximum age of items to display in an RSS channel.  If non-zero,
#    httpd will only display items received within this time period.
#    If set to 0, all available items will be displayed (the default).
#    #
#    For backward compatibility, if no unit is specified, days is
#    assumed.
#rss_maxage: <none>

#  Rss_maxitems
#  ------------
#    Maximum number of items to display in an RSS channel.  If non-zero,
#    httpd will display no more than the rss_maxitems most recent
#    items.  If set to 0, all available items will be displayed (the
#    default).
#rss_maxitems: 0

#  Rss_maxsynopsis
#  ---------------
#    Maximum RSS item synopsis length.  If non-zero, httpd will display
#    no more than the first rss_maxsynopsis characters of an
#    item's synopsis.  If set to 0, the entire synopsis will be
#    displayed (the default).
#rss_maxsynopsis: 0

#  Rss_realm
#  ---------
#    The realm to present for HTTP authentication of RSS feeds.  If not
#    set (the default), the value of the "servername" option will be
#    used.
#rss_realm: <none>

#  Sasl_auto_transition
#  --------------------
#    If enabled, the SASL library will automatically create authentication
#    secrets when given a plaintext password.  See the SASL documentation.
#sasl_auto_transition: 0

#  Sasl_maximum_layer
#  ------------------
#    Maximum SSF (security strength factor) that the server will allow a
#    client to negotiate.
#sasl_maximum_layer: 256

#  Sasl_minimum_layer
#  ------------------
#    The minimum SSF that the server will allow a client to negotiate.
#    A value of 1 requires integrity protection; any higher value
#    requires some amount of encryption.
#sasl_minimum_layer: 0

#  Sasl_option
#  -----------
#    Any SASL option can be set by preceding it with sasl_.  This
#    file overrides the SASL configuration file.
#sasl_option: 0

#  Sasl_pwcheck_method
#  -------------------
#    The mechanism used by the server to verify plaintext passwords.
#    Possible values include "auxprop", "saslauthd", and "pwcheck".
#sasl_pwcheck_method: <none>

#  Search_batchsize
#  ----------------
#    The number of messages to be indexed in one batch (default 20).
#    Note that long batches may delay user commands or mail delivery.
#search_batchsize: 20

#  Search_attachment_extractor_url
#  -------------------------------

#    Reserved for future use.

#search_attachment_extractor_url: <none>

#  Search_index_language
#  ---------------------

#    Reserved for future use.

#search_index_language: 0

#  Search_index_parts
#  ------------------

#    Deprecated. No longer used.

#search_index_parts: 0

#  Search_query_language
#  ---------------------

#    Reserved for future use.

#search_query_language: 0

#  Search_normalisation_max
#  ------------------------
#    A resource bound for the combinatorial explosion of search expression
#    tree complexity caused by normalising expressions with many OR nodes.
#    These can use more CPU time to optimise than they save IO time in scanning
#    folders.
#search_normalisation_max: 1000

#  Search_engine
#  -------------
#    The indexing engine used to speed up searching.
#    Allowed values: none, squat, xapian
#search_engine: none

#  Search_fuzzy_always
#  -------------------
#    Whether to enable RFC 6203 FUZZY search for all IMAP SEARCH. If turned
#    on, search attributes will be searched using FUZZY search by default.
#    If turned off, clients have to explicitly use the FUZZY search key to
#    enable fuzzy search for regular SEARCH commands.
#search_fuzzy_always: 0

#  Search_index_headers
#  --------------------
#    Whether to index headers other than From, To, Cc, Bcc, and Subject.
#    Experiment shows that some headers such as Received and DKIM-Signature
#    can contribute up to 2/3rds of the index size but almost nothing to
#    the utility of searching.  Note that if header indexing is disabled,
#    headers can still be searched, the searches will just be slower.

#search_index_headers: 1

#  Search_indexed_db
#  -----------------
#    The cyrusdb backend to use for the search latest indexed uid state.  Xapian only.
#    Allowed values: flat, skiplist, twoskip, zeroskip
#search_indexed_db: twoskip

#  Search_maxtime
#  --------------
#    The maximum number of seconds to run a search for before aborting.  Default
#    of no value means search "forever" until other timeouts.
#search_maxtime: <none>

#  Search_queryscan
#  ----------------
#    The minimum number of records require to do a direct scan of all G keys
#    * rather than indexed lookups.  A value of 0 means always do indexed lookups.

#search_queryscan: 5000

#  Search_skipdiacrit
#  ------------------
#    When searching, should diacriticals be stripped from the search
#    terms.  The default is "true", a search for "hav" will match
#    "Håvard".  This is not RFC5051 compliant, but it backwards
#    compatible, and may be preferred by some sites.
#search_skipdiacrit: 1

#  Search_skiphtml
#  ---------------
#    If enabled, HTML parts of messages are skipped, i.e. not indexed and
#    not searchable.  Otherwise, they're indexed.
#search_skiphtml: 0

#  Search_whitespace
#  -----------------
#    When searching, how whitespace should be handled.  Options are:
#    "skip" (default in 2.3 and earlier series) - where a search for
#    "equi" would match "the quick brown fox".  "merge" - the default,
#    where "he  qu" would match "the quick   brownfox", and "keep",
#    where whitespace must match exactly.  The default of "merge" is
#    recommended for most cases - it's a good compromise which
#    keeps words separate.
#    Allowed values: skip, merge, keep
#search_whitespace: merge

#  Search_snippet_length
#  ---------------------
#    The maximum byte length of a snippet generated by the XSNIPPETS
#    command. Only supported by the Xapian search backend, which
#    attempts to always fill search_snippet_length bytes in the
#    generated snippet.
#search_snippet_length: 255

#  Search_stopword_path
#  --------------------
#    The absolute base path to the search stopword lists. If not specified,
#    no stopwords will be taken into account during search indexing. Currently,
#    the only supported and default stop word file is english.txt.
#search_stopword_path: <none>

#  Searchpartition-name
#  --------------------
#    The pathname where to store the xapian search indexes of searchtier
#    for mailboxes of partition name. This must be configured for the
#    defaultsearchtier and any additional search tier (see squatter for
#    details).
#    #
#    For example: if defaultpartition is defined as part1 and
#    defaultsearchtier as tier1 then the configuration must contain
#    an entry tier1searchpartition-part1 that defines the path where to
#    store this tier1's search index for the part1 partition.
#    #
#    This option MUST be specified for xapian search.
#searchpartition-name: <none>

#  Seenstate_db
#  ------------
#    The cyrusdb backend to use for the seen state.
#    Allowed values: flat, skiplist, twoskip, zeroskip
#seenstate_db: twoskip

#  Sendmail
#  --------
#    The pathname of the sendmail executable.  Sieve invokes sendmail
#    for sending rejections, redirects and vacation responses.
#sendmail: /usr/lib/sendmail

#  Sendmail_auth_id
#  ----------------
#    The name of an environment variable to set when invoking sendmail.
#    The value of this environment variable will contain the user id
#    of the currently authenticated user. If no user is authenticated
#    the environment variable is not set.
#sendmail_auth_id: CYRUS_SENDMAIL_AUTH_ID

#  Serverlist
#  ----------
#    Whitespace separated list of backend server names.  Used for
#    finding server with the most available free space for proxying
#    CREATE.
#serverlist: <none>

#  Serverlist_select_mode
#  ----------------------
#    Server selection mode.
#    #
#    random
#        (pseudo-)random selection
#    freespace-most
#        backend with the most (total) free space (KiB)
#    freespace-percent-most
#        backend whose partition has the most free space (%)
#    freespace-percent-weighted
#        same as for partition selection, comparing the free space (%) of the least used
#        partition of each backend
#    freespace-percent-weighted-delta
#        same as for partition selection, comparing the free space (%) of the least used
#        partition of each backend.
#        #

#        Allowed values: random, freespace-most, freespace-percent-most, freespace-percent-weighted, freespace-percent-weighted-delta
#serverlist_select_mode: freespace-most

#  Serverlist_select_usage_reinit
#  ------------------------------
#    For a given session, number of operations (e.g. backend selection)
#    for which backend usage data are cached.
#serverlist_select_usage_reinit: 0

#  Serverlist_select_soft_usage_limit
#  ----------------------------------
#    Limit of backend usage (%): if a backend is over that limit, it is
#    automatically excluded from selection mode.
#    #
#    If all backends are over that limit, this feature is not used anymore.

#serverlist_select_soft_usage_limit: 0

#  Servername
#  ----------
#    This is the hostname visible in the greeting messages of the POP,
#    IMAP and LMTP daemons. If it is unset, then the result returned
#    from gethostname(2) is used.  This is also the value used by murder
#    clusters to identify the host name.  It should be resolvable by
#    DNS to the correct host, and unique within an active cluster.  If
#    you are using low level replication (e.g. drbd) then it should be
#    the same on each copy and the DNS name should also be moved to
#    the new master on failover.
#servername: <none>

#  Serverinfo
#  ----------
#    The server information to display in the greeting and capability
#    responses. Information is displayed as follows:

#        "off" = no server information in the greeting or capabilities
#        "min" = servername in the greeting; no server information in the capabilities
#        "on" = servername and product version in the greeting;
#        product version in the capabilities
#        #

#        Allowed values: off, min, on
#serverinfo: on

#  Sharedprefix
#  ------------
#    If using the alternate IMAP namespace, the prefix for the shared
#    namespace.  The hierarchy delimiter will be automatically appended.

#sharedprefix: Shared Folders

#  Sieve_allowreferrals
#  --------------------
#    If enabled, timsieved will issue referrals to clients when the
#    user's scripts reside on a remote server (in a Murder).
#    Otherwise, timsieved will proxy traffic to the remote server.
#sieve_allowreferrals: 1

#  Sieve_duplicate_max_expiration
#  ------------------------------
#    Maximum expiration time for duplicate message tracking records.
#    #
#    For backward compatibility, if no unit is specified, seconds is
#    assumed.
#sieve_duplicate_max_expiration: 90d

#  Sieve_extensions
#  ----------------
#    Space-separated list of Sieve extensions allowed to be used in
#    sieve scripts, enforced at submission by timsieved(8).  Any
#    previously installed script will be unaffected by this option and
#    will continue to execute regardless of the extensions used.  This
#    option has no effect on options that are disabled at compile time
#    (e.g., "regex").
#    Allowed values: fileinto, reject, vacation, vacation-seconds, imapflags, notify, include, envelope, environment, body, relational, regex, subaddress, copy, date, index, imap4flags, mailbox, mboxmetadata, servermetadata, variables, editheader, extlists, duplicate, ihave, fcc, special-use, redirect-dsn, redirect-deliverby, mailboxid, x-cyrus-log, x-cyrus-jmapquery, x-cyrus-snooze
#sieve_extensions: fileinto reject vacation vacation-seconds imapflags notify include envelope environment body relational regex subaddress copy date index imap4flags mailbox mboxmetadata servermetadata variables editheader extlists duplicate ihave fcc special-use redirect-dsn redirect-deliverby mailboxid x-cyrus-log x-cyrus-jmapquery x-cyrus-snooze

#  Sieve_maxscriptsize
#  -------------------
#    Maximum size (in kilobytes) any sieve script can be, enforced at
#    submission by timsieved(8).
#sieve_maxscriptsize: 32

#  Sieve_maxscripts
#  ----------------
#    Maximum number of sieve scripts any user may have, enforced at
#    submission by timsieved(8).
#sieve_maxscripts: 5

#  Sieve_utf8fileinto
#  ------------------
#    If enabled, the sieve engine expects folder names for the
#    fileinto action in scripts to use UTF8 encoding.  Otherwise,
#    modified UTF7 encoding should be used.
#sieve_utf8fileinto: 0

#  Sieve_sasl_send_unsolicited_capability
#  --------------------------------------
#    If enabled, timsieved will emit a capability response after a successful
#    SASL authentication, per draft-martin-managesieve-12.txt .
#sieve_sasl_send_unsolicited_capability: 0

#  Sieve_use_lmtp_reject
#  ---------------------
#    Enabled by default.  If reject can be done via LMTP, then return a 550
#    rather than generating the bounce message in Cyrus.
#sieve_use_lmtp_reject: 1

#  Sieve_vacation_min_response
#  ---------------------------
#    Minimum time interval between consecutive vacation responses, per
#    draft-ietf-vacation-seconds.txt.  The default is 3 days.
#    #
#    For backward compatibility, if no unit is specified, seconds is
#    assumed.
#sieve_vacation_min_response: 3d

#  Sieve_vacation_max_response
#  ---------------------------
#    Maximum time interval between consecutive vacation responses, per
#    draft-ietf-vacation-seconds.txt.  The default is 90 days.  The
#    minimum is 7 days.
#    #
#    For backward compatibility, if no unit is specified, seconds is
#    assumed.
#sieve_vacation_max_response: 90d

#  Sievedir
#  --------
#    If sieveusehomedir is false, this directory is searched for Sieve
#    scripts.
#sievedir: /usr/sieve

#  Sievenotifier
#  -------------
#    Notifyd(8) method to use for "SIEVE" notifications.  If not set, "SIEVE"
#    notifications are disabled.
#    #
#    This method is only used when no method is specified in the script.
#sievenotifier: <none>

#  Sieveusehomedir
#  ---------------
#    If enabled, lmtpd will look for Sieve scripts in user's home
#    directories: ~user/.sieve.
#sieveusehomedir: 0

#  Anysievefolder
#  --------------
#    It must be "yes" in order to permit the autocreation of any INBOX subfolder
#    requested by a sieve filter, through the "fileinto" action. (default = no)
#anysievefolder: 0

#  Singleinstancestore
#  -------------------
#    If enabled, imapd, lmtpd and nntpd attempt to only write one copy
#    of a message per partition and create hard links, resulting in a
#    potentially large disk savings.
#singleinstancestore: 1

#  Skiplist_always_checkpoint
#  --------------------------
#    If enabled, this option forces the skiplist cyrusdb backend to
#    always checkpoint when doing a recovery.  This causes slightly
#    more IO, but on the other hand leads to more efficient databases,
#    and the entire file is already "hot".
#skiplist_always_checkpoint: 1

#  Skiplist_unsafe
#  ---------------
#    If enabled, this option forces the skiplist cyrusdb backend to
#    not sync writes to the disk.  Enabling this option is NOT RECOMMENDED.
#skiplist_unsafe: 0

#  Smtp_backend
#  ------------
#    The SMTP backend to use for sending email.

#    The \"host\" backend sends message submissions via
#    a TCP socket to the SMTP host defined in the config
#    option smtp_host.

#    The \"sendmail\" backend forks the Cyrus process into
#    the executable defined in the config option sendmail.
#    The executable must accept \"-bs\" as command line
#    argument, read from stdin and must implement the minimum
#    SMTP protocol as defined in section 4.5.1 of RFC 5321.

#    If the SMTP EHLO command reports AUTH (RFC 4954) as a
#    supported extension, then the MAIL FROM command includes
#    the AUTH parameter, with its value set to the name of any
#    authenticated user which triggered the email. The AUTH
#    parameter is omitted if the user is unknown to the calling
#    process.

#    If the directory
#    configdirectory/log/smtpclient.\ smtp_backend
#    exists, then telemetry logs for outgoing SMTP sessions will
#    be created in this directory.

#    Allowed values: host, sendmail
#smtp_backend: sendmail

#  Smtp_host
#  ---------
#    The SMTP host to use for sending mail (also see the
#    smtp_backend option). The value of this option must
#    the name or IP address of a TCP host, followed optionally
#    by a colon and the port or service to use. The default
#    port is 587. TLS may be activated by appending \"/tls\"
#    to the value. Authentication is enabled if smtp_auth_authname
#    is set. Authentication can be explicitly disabled by appending
#    \"/noauth\" to the host address.
#smtp_host: localhost:587

#  Smtp_auth_authname
#  ------------------
#    The authentication name to use when authenticating to the SMTP
#    server defined in smtp_host.
#smtp_auth_authname: <none>

#  Smtp_auth_password
#  ------------------
#    The password to use when authenticating to the SMTP server defined
#    in smtp_host.
#smtp_auth_password: <none>

#  Smtp_auth_realm
#  ---------------
#    The authentication SASL realm to use when authenticating to a SMTP
#    server.
#smtp_auth_realm: <none>

#  Soft_noauth
#  -----------
#    If enabled, lmtpd returns temporary failures if the client does not
#    successfully authenticate.  Otherwise lmtpd returns permanent failures
#    (causing the mail to bounce immediately).
#soft_noauth: 1

#  Sortcache_db
#  ------------
#    The cyrusdb backend to use for caching sort results (currently only
#    used for xconvmultisort)
#    Allowed values: skiplist, twoskip, zeroskip
#sortcache_db: twoskip

#  Specialuse_extra
#  ----------------
#    Whitespace separated list of extra special-use attributes
#    that can be set on a mailbox. RFC 6154 currently lists
#    what special-use attributes can be set. This allows
#    extending that list in the future or adding your own
#    if needed.
#specialuse_extra: <none>

#  Specialuse_protect
#  ------------------
#    Whitespace separated list of special-use attributes
#    to protect the mailboxes for.  If set, don't allow
#    mailboxes with these special use attributes to be deleted
#    or renamed to have a different parent. Default is the built-in list
#specialuse_protect: \\Archive \\Drafts \\Important \\Junk \\Sent \\Trash

#  Specialusealways
#  ----------------
#    If enabled, this option causes LIST and LSUB output to always include
#    the XLIST "special-use" flags
#specialusealways: 1

#  Sql_database
#  ------------
#    Name of the database which contains the cyrusdb table(s).
#sql_database: <none>

#  Sql_engine
#  ----------
#    Name of the SQL engine to use.
#    Allowed values: mysql, pgsql, sqlite
#sql_engine: <none>

#  Sql_hostnames
#  -------------
#    Comma separated list of SQL servers (in host[:port] format).
#sql_hostnames: <empty string>

#  Sql_passwd
#  ----------
#    Password to use for authentication to the SQL server.
#sql_passwd: <none>

#  Sql_user
#  --------
#    Username to use for authentication to the SQL server.
#sql_user: <none>

#  Sql_usessl
#  ----------
#    If enabled, a secure connection will be made to the SQL server.
#sql_usessl: 0

#  Srs_alwaysrewrite
#  -----------------
#    If true, perform SRS rewriting for ALL forwarding, even when not required.
#srs_alwaysrewrite: 0

#  Srs_domain
#  ----------
#    The domain to use in rewritten addresses. This must point only to machines
#    which know the encoding secret used by this system. When present, SRS is
#    enabled.
#srs_domain: <none>

#  Srs_hashlength
#  --------------
#    The hash length to generate in a rewritten address.
#srs_hashlength: 0

#  Srs_secrets
#  -----------
#    A list of secrets with which to generate addresses.
#srs_secrets: <none>

#  Srs_separator
#  -------------
#    The separator to appear immediately after SRS[01] in rewritten addresses.
#srs_separator: <none>

#  Srvtab
#  ------
#    The pathname of srvtab file containing the server's private
#    key.  This option is passed to the SASL library and overrides its
#    default setting.
#srvtab: <empty string>

#  Submitservers
#  -------------
#    A list of users and groups that are allowed to resolve "urlauth=submit+"
#    IMAP URLs, separated by spaces.  Any user listed in this will be
#    allowed to fetch the contents of any valid "urlauth=submit+" IMAP URL:
#    use with caution.
#submitservers: <none>

#  Subscription_db
#  ---------------
#    The cyrusdb backend to use for the subscriptions list.
#    Allowed values: flat, skiplist, twoskip, zeroskip
#subscription_db: flat

#  Suppress_capabilities
#  ---------------------
#    Suppress the named capabilities from any capability response.  Use the
#    exact case as it appears in the response, e.g.
#    "suppress_capabilities: ESEARCH QRESYNC WITHIN XLIST LIST-EXTENDED"
#    if you have a murder with 2.3.x backends and don't want clients being
#    confused by new capabilities that some backends don't support.
#suppress_capabilities: <none>

#  Statuscache
#  -----------
#    Enable/disable the imap status cache.
#statuscache: 0

#  Statuscache_db
#  --------------
#    The cyrusdb backend to use for the imap status cache.
#    Allowed values: skiplist, sql, twoskip, zeroskip
#statuscache_db: twoskip

#  Statuscache_db_path
#  -------------------
#    The absolute path to the statuscache db file.  If not specified,
#    will be configdirectory/statuscache.db
#statuscache_db_path: <none>

#  Sync_authname
#  -------------
#    The authentication name to use when authenticating to a sync server.
#    Prefix with a channel name to only apply for that channel
#sync_authname: <none>

#  Sync_batchsize
#  --------------
#    the number of messages to upload in a single mailbox replication.
#    Default is 8192.  If there are more than this many messages appended
#    to the mailbox, generate a synthetic partial state and send that.
#sync_batchsize: 8192

#  Sync_host
#  ---------
#    Name of the host (replica running sync_server(8)) to which
#    replication actions will be sent by sync_client(8).
#    Prefix with a channel name to only apply for that channel
#sync_host: <none>

#  Sync_log
#  --------
#    Enable replication action logging by lmtpd(8), imapd(8), pop3d(8),
#    and nntpd(8).  The log {configdirectory}/sync/log is used by
#    sync_client(8) for "rolling" replication.
#sync_log: 0

#  Sync_log_chain
#  --------------
#    Enable replication action logging by sync_server as well, allowing
#    chaining of replicas.  Use this on 'B' for A => B => C replication layout
#sync_log_chain: 0

#  Sync_log_channels
#  -----------------
#    If specified, log all events to multiple log files in directories
#    specified by each "channel".  Each channel can then be processed
#    separately, such as by multiple sync_client(8)s in a mesh replication
#    scheme, or by squatter(8) for rolling search index updates.
#    #
#    You can use "" (the two-character string U+22 U+22) to mean the
#    default sync channel.
#sync_log_channels: <none>

#  Sync_log_unsuppressable_channels
#  --------------------------------
#    If specified, the named channels are exempt from the effect of setting
#    sync_log_chain:off, i.e. they are always logged to by the sync_server
#    process.  This is only really useful to allow rolling search indexing
#    on a replica.
#sync_log_unsuppressable_channels: squatter

#  Sync_password
#  -------------
#    The default password to use when authenticating to a sync server.
#    Prefix with a channel name to only apply for that channel
#sync_password: <none>

#  Sync_port
#  ---------
#    Name of the service (or port number) of the replication service on
#    replica host.  Prefix with a channel name to only apply for that
#    channel.  If not specified, and if sync_try_imap is set to "yes"
#    (the default), then the replication client will first try "imap"
#    (port 143) to check if imapd supports replication.  otherwise it
#    will default to "csync" (usually port 2005).
#sync_port: <none>

#  Sync_realm
#  ----------
#    The authentication realm to use when authenticating to a sync server.
#    Prefix with a channel name to only apply for that channel
#sync_realm: <none>

#  Sync_repeat_interval
#  --------------------
#    Minimum interval between replication runs in rolling replication
#    mode. If a replication run takes longer than this time, we repeat
#    immediately.  Prefix with a channel name to only apply for that
#    channel.
#    #
#    For backward compatibility, if no unit is specified, seconds is
#    assumed.
#sync_repeat_interval: 1s

#  Sync_shutdown_file
#  ------------------
#    Simple latch used to tell sync_client(8) that it should shut down at the
#    next opportunity. Safer than sending signals to running processes.
#    Prefix with a channel name to only apply for that channel
#sync_shutdown_file: <none>

#  Sync_timeout
#  ------------
#    How long to wait for a response before returning a timeout failure
#    when talking to a replication peer (client or server).  The minimum
#    duration is 3 seconds, the default is 30 minutes.
#    #
#    For backward compatibility, if no unit is specified, seconds is
#    assumed.
#sync_timeout: 30m

#  Sync_try_imap
#  -------------
#    Whether sync_client should try to perform an IMAP connection
#    before falling back to csync.  If this is set to "no",
#    sync_client will only use csync.  Prefix with a channel name to
#    apply only for that channel
#sync_try_imap: 1

#  Syslog_prefix
#  -------------
#    String to be prepended to the process name in syslog entries. Can
#    be further overridden by setting the $CYRUS_SYSLOG_PREFIX environment
#    variable.
#    #
#    Using the $CYRUS_SYSLOG_PREFIX environment variable has the additional
#    advantage that it can be set before the imapd.conf is read, so
#    errors while reading the config file can be syslogged with the correct
#    prefix.
#syslog_prefix: <none>

#  Syslog_facility
#  ---------------
#    Configure a syslog facility.  The default is whatever is compiled
#    in.  Allowed values are: DAEMON, MAIL, NEWS, USER, and LOCAL0
#    through to LOCAL7
#syslog_facility: <none>

#  Tcp_keepalive
#  -------------
#    Enable keepalive on TCP connections
#tcp_keepalive: 0

#  Tcp_keepalive_cnt
#  -----------------
#    Number of TCP keepalive probes to send before declaring the
#    connection dead (0 == system default)
#tcp_keepalive_cnt: 0

#  Tcp_keepalive_idle
#  ------------------
#    How long a connection must be idle before keepalive probes are sent
#    (0 == system default).
#    #
#    For backward compatibility, if no unit is specified, seconds is
#    assumed.
#tcp_keepalive_idle: 0

#  Tcp_keepalive_intvl
#  -------------------
#    Time between keepalive probes (0 == system default).
#    #
#    For backward compatibility, if no unit is specified, seconds is
#    assumed.
#tcp_keepalive_intvl: 0

#  Temp_path
#  ---------
#    The pathname to store temporary files in
#temp_path: /tmp

#  Telemetry_bysessionid
#  ---------------------
#    If true, log by sessionid instead of PID for telemetry
#telemetry_bysessionid: 0

#  Timeout
#  -------
#    The length of the IMAP server's inactivity autologout timer.
#    The minimum value is 30 minutes.  The default is 32 minutes,
#    to allow a bit of leeway for clients that try to NOOP every
#    30 minutes.
#    #
#    For backward compatibility, if no unit is specified, minutes
#    is assumed.
#timeout: 32m

#  Imapidletimeout
#  ---------------
#    Timeout for idling clients (RFC 2177).  If not set (the default),
#    the value of "timeout" will be used instead.
#    #
#    For backward compatibility, if no unit is specified, minutes
#    is assumed.
#imapidletimeout: <none>

#  Tls_ca_file
#  -----------
#    Deprecated in favor of tls_client_ca_file.
#tls_ca_file: <none>

#  Tls_ca_path
#  -----------
#    Deprecated in favor of tls_client_ca_dir.
#tls_ca_path: <none>

#  Tlscache_db
#  -----------
#    Deprecated in favor of tls_sessions_db.
#tlscache_db: twoskip

#  Tlscache_db_path
#  ----------------
#    Deprecated in favor of tls_sessions_db_path.
#tlscache_db_path: <none>

#  Tls_cert_file
#  -------------
#    Deprecated in favor of tls_server_cert.
#tls_cert_file: <none>

#  Tls_cipher_list
#  ---------------
#    Deprecated in favor of tls_ciphers.
#tls_cipher_list: DEFAULT

#  Tls_ciphers
#  -----------
#    The list of SSL/TLS ciphers to allow.  The format of the string
#    (and definition of "DEFAULT") is described in ciphers(1).
#    #
#    See also Mozilla's server-side TLS recommendations:
#    #
#    https://wiki.mozilla.org/Security/Server_Side_TLS
#tls_ciphers: DEFAULT

#  Tls_crl_file
#  ------------
#    Path to a file containing the Certificate Revocation List
#tls_crl_file: <none>

#  Tls_client_ca_dir
#  -----------------
#    Path to a directory containing the CA certificates used to verify
#    client SSL certificates used for authentication.
#tls_client_ca_dir: <none>

#  Tls_client_ca_file
#  ------------------
#    Path to a file containing the CA certificate(s) used to verify
#    client SSL certificates used for authentication.
#tls_client_ca_file: <none>

#  Tls_client_cert
#  ---------------
#    File containing the certificate presented to a server for authentication
#    during STARTTLS. A value of "disabled" will disable this server's use
#    of certificate-based authentication.
#tls_client_cert: <none>

#  Tls_client_certs
#  ----------------
#    Disable ("off"), allow ("optional", default) or require ("require") the
#    use of SSL certificates by clients to authenticate themselves.
#    Allowed values: off, optional, require
#tls_client_certs: optional

#  Tls_client_key
#  --------------
#    File containing the private key belonging to the tls_client_cert
#    certificate. A value of "disabled" will disable this server's use
#    of certificate-based authentication.
#tls_client_key: <none>

#  Tls_eccurve
#  -----------
#    The elliptic curve used for ECDHE. Default is NIST Suite B prime256.
#    See 'openssl ecparam -list_curves' for possible values.
#tls_eccurve: prime256v1

#  Tls_key_file
#  ------------
#    Deprecated in favor of tls_server_key.
#tls_key_file: <none>

#  Tls_required
#  ------------
#    If enabled, require a TLS/SSL encryption layer to be negotiated
#    prior to ANY authentication mechanisms being advertised or allowed.
#tls_required: 0

#  Tls_prefer_server_ciphers
#  -------------------------
#    Prefer the ciphers on the server side instead of client side.
#tls_prefer_server_ciphers: 0

#  Tls_server_ca_dir
#  -----------------
#    Path to a directory with CA certificates used to verify certificates
#    offered by the server, when cyrus acts as client. This directory must
#    have filenames with the hashed value of the certificates (see
#    openssl(1)).
#tls_server_ca_dir: <none>

#  Tls_server_ca_file
#  ------------------
#    Path to a file containing CA certificates used to verify certificates
#    offered by the server, when cyrus acts as client.
#tls_server_ca_file: <none>

#  Tls_server_cert
#  ---------------
#    File containing the certificate, including the full chain, presented to clients.
#    Two certificates can be set, e.g RSA and EC, if the filenames are separated with
#    comma without spaces.
#tls_server_cert: <none>

#  Tls_server_dhparam
#  ------------------
#    File containing the DH parameters belonging to the certificate in
#    tls_server_cert.
#tls_server_dhparam: <none>

#  Tls_server_key
#  --------------
#    File containing the private key belonging to the certificate in
#    tls_server_cert.  If not set, tls_server_cert must contain both private and
#    public key.  Two files with keys can be set, if two certificates are used, in
#    which case the files must be separated with comma without spaces
#tls_server_key: <none>

#  Tls_sessions_db
#  ---------------
#    The cyrusdb backend to use for the TLS cache.
#    Allowed values: skiplist, sql, twoskip, zeroskip
#tls_sessions_db: twoskip

#  Tls_sessions_db_path
#  --------------------
#    The absolute path to the TLS sessions db file. If not specified,
#    will be configdirectory/tls_sessions.db
#tls_sessions_db_path: <none>

#  Tls_session_timeout
#  -------------------
#    The length of time that a TLS session will be cached for later
#    reuse.  The maximum value is 24 hours, also the default.  A
#    value of 0 will disable session caching.
#    #
#    For backward compatibility, if no unit is specified, minutes is
#    assumed.
#tls_session_timeout: 24h

#  Tls_versions
#  ------------
#    A list of SSL/TLS versions to not disable. Cyrus IMAP SSL/TLS starts
#    with all protocols, and subtracts protocols not in this list. Newer
#    versions of SSL/TLS will need to be added here to allow them to get
#    disabled.
#tls_versions: tls1_0 tls1_1 tls1_2 tls1_3

#  Uidl_format
#  -----------
#    Choose the format for UIDLs in pop3.  Possible values are "uidonly",
#    "cyrus", "dovecot" and "courier".  "uidonly" forces the old default
#    of UID, "cyrus" is UIDVALIDITY.UID.  Dovecot is 8 digits of leading
#    hex (lower case) each UID UIDVALIDITY. Courier is UIDVALIDITY-UID.
#    Allowed values: uidonly, cyrus, dovecot, courier
#uidl_format: cyrus

#  Umask
#  -----
#    The umask value used by various Cyrus IMAP programs.
#umask: 077

#  Userdeny_db
#  -----------
#    The cyrusdb backend to use for the user access list.
#    Allowed values: flat, skiplist, sql, twoskip, zeroskip
#userdeny_db: flat

#  Userdeny_db_path
#  ----------------
#    The absolute path to the userdeny db file.  If not specified,
#    will be configdirectory/user_deny.db
#userdeny_db_path: <none>

#  Username_tolower
#  ----------------
#    Convert usernames to all lowercase before login/authentication.  This
#    is useful with authentication backends which ignore case during
#    username lookups (such as LDAP).
#username_tolower: 1

#  Userprefix
#  ----------
#    If using the alternate IMAP namespace, the prefix for the other users
#    namespace.  The hierarchy delimiter will be automatically appended.
#userprefix: Other Users

#  Unix_group_enable
#  -----------------
#    Should we look up groups when using auth_unix (disable this if you are
#    not using groups in ACLs for your IMAP server, and you are using auth_unix
#    with a backend (such as LDAP) that can make getgrent() calls very
#    slow)
#unix_group_enable: 1

#  Unixhierarchysep
#  ----------------
#    Use the UNIX separator character '/' for delimiting levels of
#    mailbox hierarchy.  Turn off to use the netnews separator
#    character '.'. Note that with the newnews separator, no dots may
#    occur in mailbox names.  The default switched in 3.0 from off to on.
#unixhierarchysep: 1

#  Virtdomains
#  -----------
#    Configure virtual domain support.
#    #
#    off
#        Cyrus does not know or care about domains. Only the local part of email
#        addresses is ever considered.  This is not recommended for any deployment,
#        but is currently the default.
#    userid
#        The user's domain is determined by splitting a fully qualified userid at the
#        last '@' or '%' symbol.  If the userid is unqualified, the defaultdomain
#        will be used.  This is the recommended configuration for all deployments.
#        If you wish to provide calendaring services you must use this configuration.
#    on
#        Fully qualified userids are respected, as per "userid".  Unqualified userids
#        will have their domain determined by doing a reverse lookup on the IP address
#        of the incoming network interface, or if no record is found, the
#        defaultdomain will be used.

#        #

#        Allowed values: off, userid, on
#virtdomains: off

#  Virusscan_notification_subject
#  ------------------------------
#    The text used in the subject of email notifications created by
#    cyr_virusscan(8) when deleting infected mail.
#virusscan_notification_subject: Automatically deleted mail

#  Virusscan_notification_template
#  -------------------------------
#    The absolute path to a file containing a template to use to describe
#    infected messages that have been deleted by cyr_virusscan(8).
#    See cyr_virusscan(8) for specification of the format of this file.
#    If not specified, the builtin default template will be used.
#virusscan_notification_template: <none>

#  Xbackup_enabled
#  ---------------
#    Enable support for the XBACKUP command in imapd.  If enabled, admin
#    users can use this command to provoke a replication of specified users
#    to the named backup channel.
#xbackup_enabled: 0

#  Xlist-flag
#  ----------
#    Set the special-use flag flag on the specified folder when it
#    is autocreated (see the autocreate_inbox_folders option).  For
#    example, if xlist-junk: Spam is set, and the folder Spam
#    is autocreated, the special-use flag \Junk will be set on it.
#    #
#    (This option is so named for backward compatibility with old config
#    files.)

#xlist-flag: <none>

#  Lmtp_catchall_mailbox
#  ---------------------
#    Mail sent to mailboxes which do not exist, will be delivered to
#    this user.  NOTE: This must be an existing local user name with an
#    INBOX, NOT an email address!
#lmtp_catchall_mailbox: <none>

#  Zoneinfo_db
#  -----------
#    The cyrusdb backend to use for zoneinfo.  This database is used by the
#    "tzdist" httpmodules, and is managed by ctl_zoneinfo(8).
#    Allowed values: flat, skiplist, twoskip, zeroskip
#zoneinfo_db: twoskip

#  Zoneinfo_db_path
#  ----------------
#    The absolute path to the zoneinfo db file.  If not specified,
#    will be configdirectory/zoneinfo.db
#zoneinfo_db_path: <none>

#  Zoneinfo_dir
#  ------------
#    The absolute path to the zoneinfo directory, containing timezone
#    definitions as generated by the vzic tool.  If not specified, whatever
#    definitions libical finds will be used.
#    #
#    If you are providing a Time Zone Data Distribution Service (i.e. you have
#    "tzdist" listed in httpmodules), then this configuration option MUST
#    be specified.
#zoneinfo_dir: <none>

#  Object_storage_enabled
#  ----------------------
#    Is Object storage enabled for this server.  You also need to have
#    archiving enabled and archivepartition for the mailbox.
#    Only email files will be stored on object Storage archive partition will be
#    used to store any other files
#object_storage_enabled: 0

#  Object_storage_dummy_spool
#  --------------------------
#    Dummy object storage spool; this is for test only.
#    Spool where user directory (container) will be created to store all emails
#    in a flat structure
#object_storage_dummy_spool: <none>

#  Openio_namespace
#  ----------------
#    The OpenIO namespace used to store archived email messages. A namespace
#    identifies the physical platform cyrus must contact. This directive is used
#    by the OpenIO's SDK to locate its platform entry point.
#openio_namespace: <none>

#  Openio_account
#  --------------
#    The OpenIO account used to account for stored emails. Accounts are unique
#    in their namespace. They provides virtual partitions, with quotas and QoS
#    features.
#openio_account: <none>

#  Openio_rawx_timeout
#  -------------------
#    The OpenIO timeout to query to the RAWX services (default 30 sec).
#openio_rawx_timeout: 30s

#  Openio_proxy_timeout
#  --------------------
#    The OpenIO timeout to query to the PROXY services (default 5 sec).
#openio_proxy_timeout: 5s

#  Openio_autocreate
#  -----------------
#    Allow the OpenIO SDK to autocreate containers. Mainly destined to be turned
#    on development environments. In production, the container should have been
#    provisioned with the mailboxes.
#openio_autocreate: 0

#  Openio_verbosity
#  ----------------
#    Sets the logging verbosity of the OpenIO's internal behavior. Admissible
#    values are: "warning", "notice", "info", "debug", "trace", "quiet".
#    The default verbosity is "warning". Set to "notice" for a few lines on a
#    per-client basis. Set to "info" for a few lines on a per-request basis. Set
#    to "debug" Set to "trace" to activate the underlying libcurl debug
#    output. Enabling a verbosity higher to equal than "debug" requires
#    the cyrus to be set in debug mode. The special "quiet" value disables all
#    kinds of logging at the GLib level.
#openio_verbosity: <none>

#  Caringo_hostname
#  ----------------
#    The Caringo hostname used to store archived email messages. A hostname
#    identifies the physical platform cyrus must contact. This directive is used
#    by the Caringo's SDK (CastorSDK: Caringo Simple Content Storage Protocol (SCSP)
#    on HTTP 1.1 using a RESTful architecture
#caringo_hostname: <none>

#  Caringo_port
#  ------------
#    The port of the caringo server (caringo_hostname); default is 80.
#caringo_port: 80

#  Fastmailsharing
#  ---------------
#    If enabled, use FastMail style sharing (oldschool full server paths)
#fastmailsharing: 0


#
#SEE ALSO
#========

##
#    imapd(8), pop3d(8), nntpd(8), lmtpd(8),
#    httpd(8), timsieved(8), idled(8), notifyd(8),
#    deliver(8), master(8), ciphers(1)