1# Suggested replication-master imapd.conf
2# See imapd.conf(5) for more information and more options
3
4# Space-separated users who have admin rights for all services.
5# NB: THIS MUST BE CONFIGURED
6admins: cyrus
7
8###################################################################
9## Replication support
10## This is how the Master (sync client) is defined.  In this example,
11## we define a pair of replicas, each with its own channel & shutdown
12## file.  For more details, please see:
13##   http://www.cyrusimap.org/imap/reference/admin/sop/replication.html
14###################################################################
15servername: mailbox.example.org
16# sync_authname **MUST** be an "admin" user on the replica.
17sync_authname: mailproxy
18sync_password: <secret>
19sync_compress: true
20sync_log: true
21sync_log_channels: repl1 repl2 offsite
22##
23# The main replica
24repl1_sync_host: mailrepl1.example.org
25repl1_sync_repeat_interval: 180
26repl1_shutdown_file: /run/cyrus/sync/repl1_shutdown
27##
28# A second replica used to feed the tape backup system
29repl2_sync_host: mailrepl2.example.org
30repl2_sync_repeat_interval: 180
31repl2_shutdown_file: /run/cyrus/sync/repl2_shutdown
32##
33# An offsite replica which needs a different port and uses a slower
34# cycle rate
35offsite_sync_port: 19205
36offsite_sync_host: mailoffsite.example.org
37offsite_sync_repeat_interval: 360
38offsite_shutdown_file: /run/cyrus/sync/offsite_shutdown
39
40###################################################################
41## File, socket and DB location settings.
42###################################################################
43
44# Configuration directory
45configdirectory: /var/lib/cyrus
46
47# Directories for proc and lock files
48proc_path: /run/cyrus/proc
49mboxname_lockpath: /run/cyrus/lock
50
51# Locations for DB files
52# The following DB are recreated upon initialization, so should live in
53# ephemeral storage for best performance.
54duplicate_db_path: /run/cyrus/deliver.db
55ptscache_db_path:  /run/cyrus/ptscache.db
56statuscache_db_path: /run/cyrus/statuscache.db
57tls_sessions_db_path: /run/cyrus/tls_sessions.db
58
59# Which partition to use for default mailboxes
60defaultpartition: default
61partition-default: /var/spool/cyrus/mail
62
63# If sieveusehomedir is false (the default), this directory is searched
64# for Sieve scripts.
65sievedir: /var/spool/sieve
66
67###################################################################
68## Important: KEEP THESE IN SYNC WITH cyrus.conf
69###################################################################
70
71lmtpsocket: /run/cyrus/socket/lmtp
72idlesocket: /run/cyrus/socket/idle
73notifysocket: /run/cyrus/socket/notify
74
75# Syslog prefix. Defaults to cyrus (so logging is done as cyrus/imap
76# etc.)
77syslog_prefix: cyrus
78
79###################################################################
80## Server behaviour settings
81###################################################################
82
83# Space-separated list of HTTP modules that will be enabled in
84# httpd(8).  This option has no effect on modules that are disabled at
85# compile time due to missing dependencies (e.g. libical).
86#
87# Allowed values: caldav, carddav, domainkey, ischedule, rss
88httpmodules: caldav carddav
89
90# If enabled, the partitions will also be hashed, in addition to the
91# hashing done on configuration directories. This is recommended if one
92# partition has a very bushy mailbox tree.
93hashimapspool: true
94
95###################################################################
96## User experience settings
97###################################################################
98
99# Minimum time between POP mail fetches in minutes
100popminpoll: 1
101
102###################################################################
103## User Authentication settings
104###################################################################
105
106# Allow plaintext logins by default (SASL PLAIN)
107allowplaintext: yes
108
109###################################################################
110## SASL library options (these are handled directly by the SASL
111## libraries, refer to SASL documentation for an up-to-date list of
112## these)
113###################################################################
114
115# The mechanism(s) used by the server to verify plaintext passwords.
116# Possible values are "saslauthd", "auxprop", "pwcheck" and
117# "alwaystrue".  They are tried in order, you can specify more than one,
118# separated by spaces.
119sasl_pwcheck_method: saslauthd
120
121# If enabled, the SASL library will automatically create authentication
122# secrets when given a plaintext password. Refer to SASL documentation
123sasl_auto_transition: no
124
125###################################################################
126## SSL/TLS Options
127###################################################################
128
129# File containing the global certificate used for ALL services (imap,
130# pop3, lmtp, sieve)
131#tls_server_cert: /etc/ssl/certs/ssl-cert-snakeoil.pem
132
133# File containing the private key belonging to the global server
134# certificate.
135#tls_server_key: /etc/ssl/private/ssl-cert-snakeoil.key
136
137
138# File containing one or more Certificate Authority (CA) certificates.
139#tls_client_ca_file: /etc/ssl/certs/cyrus-imapd-ca.pem
140
141# Path to directory with certificates of CAs.
142tls_client_ca_dir: /etc/ssl/certs
143
144# The length of time (in minutes) that a TLS session will be cached for
145# later reuse.  The maximum value is 1440 (24 hours), the default.  A
146# value of 0 will disable session caching.
147tls_session_timeout: 1440
148