Create README.md
This commit is contained in:
Sebastian Hugentobler
GitHub
parent
40dd7817b3
commit
9a550c0f59
132
README.md
Normal file
132
README.md
Normal file
@ -0,0 +1,132 @@
|
||||
[Dovecot](http://www.dovecot.org/) with imap, starttls, ldap authentication, sieve rules in ldap.
|
||||
|
||||
Uses [SSMTP](https://packages.debian.org/stable/mail/ssmtp) to send mails (for example if you have a redirect sieve rule).
|
||||
|
||||
## Volumes
|
||||
- `/var/lib/vmail/mail`
|
||||
- `/etc/ssl/mail:ro`: certificates have to be here.
|
||||
|
||||
## Environment Variables
|
||||
### HOSTNAME
|
||||
Fully qualified name of the mail host.
|
||||
|
||||
### SSMTP_MAIL_RELAY
|
||||
Hostname and port for the used smtp relay (for example `mail.example.com:587`).
|
||||
|
||||
### SSMTP_USER
|
||||
User to authenticate agains the smtp relay.
|
||||
|
||||
### SSMTP_PASSWORD
|
||||
Password to authenticate agains the smtp relay.
|
||||
|
||||
### SSMTP_AUTH_METHOD
|
||||
- default: LOGIN
|
||||
|
||||
Which authentication mechanism to use for the smtp relay.
|
||||
|
||||
### SSMTP_USE_STARTTLS
|
||||
- default: yes
|
||||
|
||||
Whether to use starttls for the smtp relay.
|
||||
|
||||
### LDAP_URI
|
||||
Complete uri for the authentication ldap host.
|
||||
|
||||
### LDAP_SIEVE_HOST
|
||||
Has to be the same as `LDAP_URI` but in a different format (like `ldap:389`).
|
||||
|
||||
### LDAP_BIND_DN
|
||||
DN used to authenticate against ldap.
|
||||
|
||||
### LDAP_BIND_PASSWORD
|
||||
Password used to authenticate against ldap.
|
||||
|
||||
### LDAP_BASE_DN
|
||||
Base DN to look for users on the ldap host.
|
||||
|
||||
### LDAP_SCOPE
|
||||
- default: subtree
|
||||
|
||||
Search scope of ldap queries.
|
||||
|
||||
### LDAP_USER_FILTER
|
||||
|
||||
### LDAP_PASS_FILTER
|
||||
Specifies the filter on how user is found on the ldap host.
|
||||
[Dovecot variables](http://wiki2.dovecot.org/Variables) can be used.
|
||||
|
||||
### LDAP_USER_ATTRIBUTE
|
||||
- default: cn
|
||||
|
||||
The ldap attribute which stands for the username.
|
||||
|
||||
### LDAP_PASSWORD_ATTRIBUTE
|
||||
- default: userPassword
|
||||
|
||||
The ldap attribute which stands for the password.
|
||||
|
||||
### LDAP_SIEVE_ATTRIBUTE
|
||||
- default: sieve
|
||||
|
||||
The ldap attribute which contains the sieve rules.
|
||||
|
||||
### LDAP_USE_TLS
|
||||
- default: yes
|
||||
|
||||
Whether to use tls when connecting to the ldap host.
|
||||
|
||||
### LDAP_DEFAULT_PASSSCHEME
|
||||
- default: SSHA
|
||||
|
||||
Default password scheme used on the ldap host.
|
||||
|
||||
### ALLOWED_USERNAME_CHARS
|
||||
- default: äöüabcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
|
||||
|
||||
List of characters allowed in a username.
|
||||
|
||||
### AUTH_MECHANISMS
|
||||
- default: plain login
|
||||
|
||||
Space seperated list of supported [authentication mechanisms](http://wiki2.dovecot.org/Authentication/Mechanisms).
|
||||
|
||||
### CERTNAME
|
||||
- default: fullchain.pem
|
||||
|
||||
Name of the certificate file.
|
||||
|
||||
### Keyname
|
||||
- default: privkey.pem
|
||||
|
||||
Name of the key file.
|
||||
|
||||
### SSL_DH_LENGTH
|
||||
- default: 2048
|
||||
|
||||
Length of the Diffie-Helman key in bits.
|
||||
|
||||
### SSL_PROTOCOLS
|
||||
- default: !SSLv2 !SSLv3
|
||||
|
||||
Space seperated list of allowed ssl protocols (`!`disables a protocol).
|
||||
|
||||
### SSL_CIPHERLIST
|
||||
- default: ALL:!ADH:!LOW:!SSLv2:!EXP:!aNULL:!RC4:+HIGH:+MEDIUM
|
||||
|
||||
Colon seperated list of supported ciphers (`!`disables a cipher).
|
||||
|
||||
### IMAP_MAX_USER_CONNECTIONS
|
||||
- default: 10
|
||||
|
||||
Maximum number of connections from the same user + ip.
|
||||
|
||||
## Ports
|
||||
- 143
|
||||
|
||||
## Capabilities
|
||||
- CHOWN
|
||||
- DAC_OVERRIDE
|
||||
- FOWNER
|
||||
- NET_BIND_SERVICE
|
||||
- SETGID
|
||||
- SETUID
|
||||
Loading…
Reference in New Issue
Block a user