| #--------------------------------------------------------------------- |
| # Sample Qpopper 4.0 configuration file. |
| # |
| # This file lists all Qpopper configuration file options. To use, |
| # copy the desired setting to your own configuration file, remove |
| # the leading '#' and set the desired value. |
| # |
| #--------------------------------------------------------------------- |
| |
| |
| |
| # An integer value for the number of seconds to announce in |
| # the CAPA response for the server's minimum login delay. |
| # |
| # Default: |
| # |
| # set announce-login-delay = |
| |
| |
| # An integer value for the number of days to announce in |
| # the CAPA response for the server's maximum message |
| # retention period. |
| # |
| # Default: |
| # |
| # set announce-expire = |
| |
| |
| # The full path to the bulletins directory. |
| # |
| # Default: /var/spool/bulls |
| # |
| # set bulldir = "/var/spool/bulls" |
| |
| |
| # Set TRUE to permit sessions to continue even if the |
| # bulletins database can't be accessed. This permits |
| # users to get their mail, but they might not see some |
| # bulletins for a while, or at all. |
| # |
| # Only valid when compiled with '--enable-bulldb'. |
| # |
| # Default: false. |
| # |
| # set bulldb-nonfatal = false |
| |
| |
| # Sets the maximum number of attempts to lock the bulletins |
| # database. You normally do not need to adjust this. This value |
| # should only be changed if you know if your system has usleep(3C) |
| # or not. On systems with usleep(3C), this can be a large value |
| # (the default is 75). On systems without usleep(3C), this should |
| # remain small (the default is 10). |
| # |
| # Only valid when compiled with '--enable-bulldb'. |
| # |
| # Default: 75 (10 on systems without usleep(3c)). |
| # |
| # set bulldb-max-tries = 75 |
| |
| |
| # Sets clear text handling options. Values are: |
| # o 'default' Clear text passwords are permitted for all users, |
| # except those in the APOP database |
| # o 'never' Clear text passwords are never permitted |
| # o 'always' Clear text passwords are always permitted |
| # o 'local' Clear text passwords are permitted on the local |
| # (127.*.*.*) loop back interface only |
| # o 'tls' Clear text passwords are permitted when TLS/SSL |
| # has been negotiated for the session |
| # o 'ssl' Same as tls |
| # |
| # The 'tls' and 'ssl' values are only valid if '--with-openssl' or |
| # '--with-sslplus' was used with ./configure. |
| # |
| # Default: default |
| # |
| # set clear-text-password = default |
| |
| |
| # Reads additional run-time options from the specified file. |
| # |
| # Caution. There are no restrictions on which options may |
| # appear in files specified with the '-f' command-line flag |
| # or the 'config-file' configuration file option in files |
| # chained from -f. Be certain that the file specified with |
| # '-f' or in any files it chains to are not writable by |
| # users. |
| # |
| # Default: none |
| # |
| # set config-file = /etc/mail/pop/qpopper.config |
| |
| |
| # Enables debug logging. Output is in syslog. If this option is used, |
| # it should be first, so that debug records are generated for subsequent |
| # options. |
| # |
| # Only valid if ./configure was run with '--enable-debugging' |
| # |
| # Default: false |
| # |
| # set debug = false |
| |
| |
| # Changes uppercase user names to lowercase. This permits users to |
| # configure their clients with user names in UPPER or MiXeD case. |
| # They can then login, assuming their actual user name is all |
| # lowercase. |
| # |
| # Default: false |
| # |
| # set downcase-user = false |
| |
| |
| # If '--with-drac' used with ./configure, this option specifies the DRAC |
| # host. |
| # |
| # Default: localhost |
| # |
| # set drac-host = localhost |
| |
| |
| # Enables Kerberos support. |
| # |
| # Only valid if ./configure run with '--enable-kerberos5'. |
| # |
| # Default: false |
| # |
| # set kerberos = false |
| |
| |
| # Specifies the Kerberos service to use (same as the compile time |
| # KERBEROS_SERVICE define). The default is rcmd, although the use of |
| # pop is popular. |
| # |
| # Only valid if ./configure run with '--enable-kerberos5'. |
| # |
| # Default: rcmd |
| # |
| # set kerberos-service = "rcmd" |
| |
| |
| # Checks if mail lock needs to be refreshed every this many messages. |
| # |
| # You normally do not need to adjust this. See "Performance" in the |
| # Qpopper Administrator's Guide for more information. |
| # |
| # Default: |
| # |
| # set mail-lock-check = |
| |
| |
| # Disables the reverse lookups on client IP addresses. |
| # |
| # Default: true |
| # |
| # set reverse-lookup = true |
| |
| |
| # Enables server mode by default. See the Qpopper Administrator's |
| # Guide for more information. |
| # |
| # Default: false |
| # |
| # set server-mode = false |
| |
| |
| # Enables statistics logging. After each session ends, a statistics |
| # record is written to the log. This record resembles the following |
| # example: 'stats randy 0 0 1 385 randy.example.org 192.168.2.4' and |
| # has the following meaning: |
| # Username: 'randy' |
| # Deleted messages: 0 |
| # Deleted octets: 0 |
| # Messages left on server: 1 |
| # Octets left on server: 385 |
| # Name of client machine: 'randy.example.org' |
| # IP address of client machine: '192.168.2.4' |
| # |
| # Default: false |
| # |
| # set statistics = false |
| |
| |
| # Sets the timeout for network reads. Qpopper terminates the |
| # connection with the client if no input is received in this |
| # many seconds. RFC 1939 states that this timeout must be |
| # 600 seconds (10 minutes). However, ideal settings in some |
| # cases are between 30 and 120 seconds. In other cases the 600 |
| # value is best, and sometimes a value in between is better. |
| # |
| # Default: 120 |
| # |
| # set timeout = 120 |
| |
| |
| # Enables debug logging if '--enable-debugging' was used with |
| # ./configure. All debug and standard log records are written to |
| # the specified file. If this option is used, it should be first, |
| # so that debug records are generated for subsequent options. |
| # |
| # If used without '--enable-debugging', redirects all log messages |
| # to the specified file but does not enable debug logging. |
| # |
| # Default: none |
| # |
| # set tracefile = |
| |
| |
| # Reads additional run-time options from a file named |
| # '.qpopper-options' in the user's home directory, if present. |
| # |
| # This file is normally owned by the user. |
| # |
| # Default: false |
| # |
| # set user-options = false |
| |
| |
| # Reads additional run-time options from a file named |
| # 'username.qpopper-options' in the spool directory. |
| # |
| # This file should not be owned by nor writable by the user. |
| # |
| # Default: false |
| # |
| # set spool-options = false |
| |
| |
| # When updating the spool at the end of a session, this option |
| # instructs Qpopper to rename the temporary file to the spool instead |
| # of copying it. This reduces I/O at session end by a third, but is |
| # likely to break programs such as biff or the shell's mail check |
| # feature. Use this option only if such programs are not used. It is |
| # safest to only enable this option when users do not have shell |
| # access to the mail server. |
| # |
| # See "Performance" in the Qpopper Administrator's Guide for more |
| # information. |
| # |
| # Default: false |
| # |
| # set fast-update = false |
| |
| |
| # When set, domains are trimmed from user names before use. For |
| # example, if a user named 'maida' enters her login name in her POP |
| # client as 'maida@example.org', Qpopper treats this as just 'maida'. |
| # |
| # Default: false |
| # |
| # set trim-domain = false |
| |
| |
| # Specifies TLS/SSL support. The permitted values are: |
| # o 'default' TLS/SSL is not supported |
| # o 'none' Same as default |
| # o 'stls' Enables support for the STLS command. This |
| # permits TLS/SSL negotiations on the |
| # standard (or any) port, allowing the same |
| # port to be used by TLS/SSL and regular |
| # clients. |
| # o 'alternate-port' Enables alternate-port TLS/SSL. Some older |
| # clients require this. (The usual port for |
| # alternate-port TLS/SSL with pop is 995.) |
| # |
| # Only valid when '--with-openssl' or '--with-sslplus' used with |
| # ./configure |
| # |
| # Default: default |
| # |
| # set tls-support = default |
| |
| |
| # Specifies the permitted cipher suites. See the OpenSSL documentation |
| # for syntax. You normally do not need to set this. |
| # |
| # Only valid when '--with-openssl' used with ./configure |
| # |
| # Default: |
| # |
| # set tls-cipher-list = |
| |
| |
| # Restricts the version of TLS/SSL recognized in session negotiations. |
| # You normally do not need to set this. Supported values are: |
| # o 'default' (same as SSLv23) |
| # o 'SSLv2' Forces Qpopper only to understand SSLv2 client hello |
| # messages. |
| # o 'SSLv3' Forces Qpopper only to understand SSLv3 client hello |
| # messages. This especially means that it does not |
| # understand SSLv2 client hello messages, which are |
| # widely used for compatibility reasons. |
| # o 'TLSv1' Forces Qpopper only to understand TLSv1 client hello |
| # messages. This especially means that it does not |
| # understand SSLv2 client hello messages, which are |
| # widely used for compatibility reasons. It also does |
| # not understand SSLv3 client hello messages. |
| # o 'SSLv23' Allows Qpopper to understand SSLv2, SSLv3, and TLSv1 |
| # client hello messages. This is the best choice when |
| # compatibility is a concern. This is the default |
| # value. |
| # o 'all' (same as SSLv23) |
| # |
| # Only valid when '--with-openssl' used with ./configure |
| # |
| # Default: default |
| # |
| # set tls-version = default |
| |
| |
| # Specifies the file containing the server's TLS/SSL certificate and |
| # encrypted private key. |
| # |
| # Only valid if '--with-sslplus' used with ./configure. |
| # |
| # Default: none |
| # |
| # set tls-identity-file = |
| |
| |
| # Specifies the passphrase to decrypt the server's private key (in the |
| # identify file). |
| # |
| # Only valid if '--with-sslplus' used with ./configure. |
| # |
| # Default: none |
| # |
| # set tls-passphrase = |
| |
| |
| # Specifies the file which contains the server's TLS/SSL certificate. |
| # This file may also contain the server's unencrypted private key. |
| # |
| # Only valid if '--with-openssl' used with ./configure |
| # |
| # Default: none |
| # |
| # |
| # set tls-server-cert-file = /etc/mail/certs/cert.pem |
| |
| |
| # Specifies a file which contains the server's TLS/SSL private key. |
| # Note: This private key must not be encrypted. |
| # |
| # If the private key is contained in the same file as the certificate |
| # (as specified with tls-server-cert-file), you do not need to set |
| # this option. |
| # |
| # Only valid if '--with-openssl' used with ./configure |
| # |
| # Default: none |
| # |
| # set tls-private-key-file = |
| |
| |
| # When set, Qpopper writes a log record at the end of a session |
| # containing the elapsed time for the session authentication, |
| # initialization. and cleanup. |
| # |
| # Default: false |
| # |
| # set timing = false |
| |
| |
| # When set, Qpopper checks for old .user.pop files in old locations |
| # when hash-spool or homedirmail is used. When reset, Qpopper skips |
| # this check, which speeds things up. |
| # |
| # Default: true |
| # |
| # set check-old-spool-loc = true |
| |
| |
| # When set, Qpopper checks for and creates if needed the hashed spool |
| # directories. When reset, Qpopper doesn't check for or create the |
| # hashed spool directories. Set to false if you precreate the |
| # directories. |
| # |
| # Default: true |
| # |
| # set check-hash-dir = true |
| |
| |
| # When set, Qpopper checks for expired passwords (if the platform |
| # permits). When reset, Qpopper omits this check. |
| # |
| # Default: true |
| # |
| # set check-password-expired = true |
| |
| |
| # Determines whether Qpopper updates the read/unread status of |
| # messages (a feature relied on by some mail clients). Also |
| # determines if Qpopper saves the message's unique identifier |
| # (UID) in the spool. |
| # |
| # When reset, it forces the UID for every message to be |
| # recalculated, using more CPU but potentially less I/O. |
| # |
| # See the "Performance" section of the Qpopper Administrator's Guide |
| # for more information. |
| # |
| # Default: true |
| # |
| # set update-status-headers = true |
| |
| |
| # Determines whether Qpopper enters update state when a session |
| # aborts. Resetting this option causes Qpopper to ignore any |
| # deletions if the session is aborted. |
| # |
| # Note that RFC 1939, section 6 prohibits the default behavior, |
| # but experience showed that otherwise users on noisy lines were |
| # often unable to delete their mail. Reset this option to inhibit |
| # the default behavior, and obey RFC 1939, but watch for users who |
| # download the same messages over and over, or whose spools fill up. |
| # |
| # Default: true |
| # |
| # set update-on-abort = true |
| |
| |
| # When set, Qpopper automatically and unconditionally deletes messages |
| # that have been downloaded using the RETR command (the normal command |
| # for accessing messages). |
| # |
| # Caution: This option could result in lost mail. Be sure to |
| # inform your users that the option is in effect before enabling. |
| # |
| # Default: false |
| # |
| # set auto-delete = false |
| |
| |
| # When set, Qpopper shows bulletins to users by groups (the group name |
| # is the second dot-separated element in each bulletin's name). See |
| # "Using Bulletins" in the Qpopper Administrator's Guide for more |
| # information. Use a group name of 'ALL' for all users. |
| # |
| # Default: false |
| # |
| # set group-bulletins = false |
| |
| |
| # When set to a 1 or 2, the subdirectory for the mail spools is |
| # determined from the user name by either (1) hashing the first four |
| # characters or (2) by using directories equal to the first letter and |
| # the second letter (if any). For example, if the spool directory is |
| # '/var/mail', the spool file for user 'maida' would be: |
| # '/var/mail/maida' hash-spool = 0 |
| # '/var/mail/o/maida' hash-spool = 1 |
| # '/var/mail/m/a/maida' hash-spool = 2 |
| # |
| # See the "Performance" section of the Qpopper Administrator's Guide |
| # for more information. |
| # |
| # Default: 0 |
| # |
| # set hash-spool = 0 |
| |
| |
| # To have the user's home directory be the spool location, set this |
| # option to be the correct file name for the spool. |
| # |
| # Default: none |
| # |
| # set home-dir-mail = ".mail" |
| |
| |
| # When set, instructs Qpopper to generate message unique identifiers |
| # (UIDs) using old (pre-3.x) style encoding. This is useful only if |
| # you also set 'update-status-headers' to false, have existing users |
| # with old (pre-3.x) spool files, and you want to keep the UIDs the |
| # same. |
| # |
| # Default: false |
| # |
| # set old-style-uid = false |
| |
| |
| # When set, Qpopper checks for and hides status messages created by |
| # University of Washington software. |
| # |
| # Default: false |
| # |
| # set UW-kluge = false |
| |
| |
| # When set, Qpopper keeps (does not delete) the '.user.pop' file (the |
| # temporary drop file). Normally this file is deleted when the |
| # session ends. Some sites like to retain it to determine the last |
| # time a user has accessed his or her mail. |
| # |
| # Default: false |
| # |
| # set keep-temp-drop = false |
| |
| |
| # When set, causes server mode to be on for users who are members of |
| # the specified group. See the "Enabling Server Mode" and |
| # "Performance" sections of the Qpopper Administrator's Guide for more |
| # information. |
| # |
| # Default: none |
| # |
| # set group-server-mode = |
| |
| |
| # When set, causes server mode to be off for users who are members of |
| # the specified group. See the "Enabling Server Mode" and |
| # "Performance" sections of the Qpopper Administrator's Guide for more |
| # information. |
| # |
| # Default: none |
| # |
| # set group-no-server-mode = |
| |
| |
| # Specifies a file that permits only users listed in the file to have |
| # Qpopper access. The format is a list of user names, one per line. |
| # |
| # Default: none |
| # |
| # set auth-file = |
| |
| |
| # Specifies a file that denies access to users listed in the file. |
| # The format is a list of user names, one per line. |
| # |
| # Default: none |
| # |
| # set nonauth-file = |
| |
| |
| # Set this option if you don't want Qpopper to display its version in |
| # the POP protocol banner or CAPA IMPLEMENTATION response of |
| # unauthenticated users. |
| # Some sites believe this improves security since it avoids advertising |
| # that an old version (perhaps with known vulnerabilities) is being |
| # used. Others feel is makes the site more likely to be attacked, |
| # since it also avoids advertising when running a secure version. |
| # |
| # Default: false |
| # |
| # set shy = false |
| |
| |
| # Set this to the full path to sendmail or other such program used to |
| # submit new messages. Qpopper uses this to implement XTND XMIT. |
| # |
| # The default is determined at compile time. |
| # |
| # |
| # set mail-command = /usr/sbin/sendmail |
| |
| |
| # Set this to the full path to the mail spool directory. |
| # |
| # The default is determined at compile time. |
| # |
| # set spool-dir = /var/spool/mail |
| |
| |
| # If you do not want '.user.pop' (temporary drop files) to be in the |
| # spool directory, set this to the full path to the directory to be |
| # used for temp drop files. Note that use of /tmp is not recommended, |
| # because a system reboot will wipe out the files. This could cause |
| # lost mail. |
| # |
| # Default: spool directory |
| # |
| # set temp-dir = |
| |
| |
| # The name of the temporary drop files. You should not normally set |
| # this option. |
| # |
| # Default: ".%s.pop" |
| # |
| # set temp-name = ".%s.pop" |
| |
| |
| # If you do not want user cache files to be in the same directory as |
| # temporary drop files, set this to the full path to the directory for |
| # cache files. Note that use of /tmp is not recommended, because a |
| # system reboot wipes out the files. |
| # |
| # Default: temp-dir |
| # |
| # set cache-dir = |
| |
| |
| # The name of the cache files. You should not normally set this |
| # option. |
| # |
| # Default: ".%s.cache" |
| # |
| # set cache-name = ".%s.cache" |
| |
| |
| # Specifies the maximum number of old bulletins seen by new users. |
| # |
| # Default: 1 |
| # |
| # set max-bulletins = 1 |
| |
| |
| # When set, Qpopper uses a method of opening lock files that may work |
| # over NFS. This has not been thoroughly tested, however. |
| # |
| # Default: false |
| # |
| # set no-atomic-open = false |
| |
| |
| # Qpopper sends network output to client in small chunks (for example, |
| # line-by-line when sending a message). By default, Qpopper |
| # aggregates data to be sent to clients in large chunks. This may be |
| # faster or slower, depending on specifics of both the client and |
| # server hardware and networking stacks as wel as network elements in |
| # between (such as routers). Also, some networking stacks do their |
| # own aggregation. |
| # |
| # Under congested network conditions, larger packets increase the |
| # incidence of lost packets and thus client or server timeouts, |
| # leading to "POP timeout" or "EOF" errors. |
| # |
| # When TLS/SSL is in effect, smaller packets increase the overhead |
| # needed to send data, which may result in worse performance. |
| # |
| # You can adjust the Qpopper behavior by setting this option. The |
| # values are: |
| # o 'default' Always send large chunks |
| # o 'always' Same as 'default' |
| # o 'never' Never aggregate data into large chunks |
| # o 'tls' Only aggregate data into large chunks when TLS/SSL |
| # has been negotiated for the session |
| # o 'ssl' Same as 'tls' |
| # |
| # Default: default |
| # |
| # set chunky-writes = default |
| |
| |
| # Specifies the log facility that Qpopper uses. |
| # |
| # Note that this does not apply to popauth, nor to the daemon in |
| # standalone mode. These continue to use the compile-time default. |
| # |
| # Values are: |
| # o 'mail' Qpopper logs to LOG_MAIL facility. |
| # o 'local0' Qpopper logs to LOG_LOCAL0 facility. |
| # o 'local1' Qpopper logs to LOG_LOCAL1 facility. |
| # o 'local2' Qpopper logs to LOG_LOCAL2 facility. |
| # o 'local3' Qpopper logs to LOG_LOCAL3 facility. |
| # o 'local4' Qpopper logs to LOG_LOCAL4 facility. |
| # o 'local5' Qpopper logs to LOG_LOCAL5 facility. |
| # o 'local6' Qpopper logs to LOG_LOCAL6 facility. |
| # o 'local7' Qpopper logs to LOG_LOCAL7 facility. |
| # |
| # Default: determined at compile time, usually LOG_LOCAL0 or |
| # LOG_MAIL, depending on the operating system. |
| # |
| # set log-facility = local1 |
| |
| |
| # When set, Qpopper logs successful authentications using the |
| # specified string. Within the string, an occurrence of '%0' is |
| # replaced with the Qpopper version, '%1' with the user name, '%2' |
| # with the user's host name, and '%3' with the user's IP address. |
| # |
| # Default: none, unless '--enable-log-login' used with ./configure, |
| # in which case "(v%0) POP login by user /"%1/" at (%2) %3" is used. |
| # |
| # set log-login = "(v%0) POP login by user /"%1/" at (%2) %3" |
| |
| |