Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 233523 Details for
Bug 319751
courier-imap-4.5.0 broke relay-ctrl
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
/etc/courier-imap/imapd-ssl for v4.0.6-r3
imapd-ssl.old (text/plain), 6.33 KB, created by
Vern Smith
on 2010-05-30 15:15:43 UTC
(
hide
)
Description:
/etc/courier-imap/imapd-ssl for v4.0.6-r3
Filename:
MIME Type:
Creator:
Vern Smith
Created:
2010-05-30 15:15:43 UTC
Size:
6.33 KB
patch
obsolete
>##VERSION: $Id: imapd-ssl.dist.in,v 1.12 2005/07/02 01:13:57 mrsam Exp $ ># ># imapd-ssl created from imapd-ssl.dist by sysconftool ># ># Do not alter lines that begin with ##, they are used when upgrading ># this configuration. ># ># Copyright 2000 - 2004 Double Precision, Inc. See COPYING for ># distribution information. ># ># This configuration file sets various options for the Courier-IMAP server ># when used to handle SSL IMAP connections. ># ># SSL and non-SSL connections are handled by a dedicated instance of the ># couriertcpd daemon. If you are accepting both SSL and non-SSL IMAP ># connections, you will start two instances of couriertcpd, one on the ># IMAP port 143, and another one on the IMAP-SSL port 993. ># ># Download OpenSSL from http://www.openssl.org/ ># >##NAME: SSLPORT:1 ># ># Options in the imapd-ssl configuration file AUGMENT the options in the ># imapd configuration file. First the imapd configuration file is read, ># then the imapd-ssl configuration file, so we do not have to redefine ># anything. ># ># However, some things do have to be redefined. The port number is ># specified by SSLPORT, instead of PORT. The default port is port 993. ># ># Multiple port numbers can be separated by commas. When multiple port ># numbers are used it is possibly to select a specific IP address for a ># given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900" ># accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1 ># The SSLADDRESS setting is a default for ports that do not have ># a specified IP address. > >SSLPORT=993 > >##NAME: SSLADDRESS:0 ># ># Address to listen on, can be set to a single IP address. ># ># SSLADDRESS=127.0.0.1 > >SSLADDRESS=0 > >##NAME: SSLPIDFILE:0 ># ># That's the SSL IMAP port we'll listen on. ># Feel free to redefine MAXDAEMONS, TCPDOPTS, and MAXPERIP. > >SSLPIDFILE=/var/run/imapd-ssl.pid > >##NAME: SSLLOGGEROPTS:0 ># ># courierlogger(1) options. ># > >SSLLOGGEROPTS="-name=imapd-ssl" > >##NAME: IMAPDSSLSTART:0 ># ># Different pid files, so that both instances of couriertcpd can coexist ># happily. ># ># You can also redefine IMAP_CAPABILITY, although I can't ># think of why you'd want to do that. ># ># ># Ok, the following settings are new to imapd-ssl: ># ># Whether or not to start IMAP over SSL on simap port: > >IMAPDSSLSTART=YES > >##NAME: IMAPDSTARTTLS:0 ># ># Whether or not to implement IMAP STARTTLS extension instead: > >IMAPDSTARTTLS=YES > >##NAME: IMAP_TLS_REQUIRED:1 ># ># Set IMAP_TLS_REQUIRED to 1 if you REQUIRE STARTTLS for everyone. ># (this option advertises the LOGINDISABLED IMAP capability, until STARTTLS ># is issued). > >IMAP_TLS_REQUIRED=0 > > >######################################################################### ># ># The following variables configure IMAP over SSL. If OpenSSL is available ># during configuration, the couriertls helper gets compiled, and upon ># installation a dummy TLS_CERTFILE gets generated. courieresmtpd will ># automatically advertise the ESMTP STARTTLS extension if both TLS_CERTFILE ># and COURIERTLS exist. ># ># WARNING: Peer certificate verification has NOT yet been tested. Proceed ># at your own risk. Only the basic SSL/TLS functionality is known to be ># working. Keep this in mind as you play with the following variables. ># >##NAME: COURIERTLS:0 ># > >COURIERTLS=/usr/sbin/couriertls > >##NAME: TLS_PROTOCOL:0 ># ># TLS_PROTOCOL sets the protocol version. The possible versions are: ># ># SSL2 - SSLv2 ># SSL3 - SSLv3 ># TLS1 - TLS1 > >TLS_PROTOCOL=SSL3 > >##NAME: TLS_STARTTLS_PROTOCOL:0 ># ># TLS_STARTTLS_PROTOCOL is used instead of TLS_PROTOCOL for the IMAP STARTTLS ># extension, as opposed to IMAP over SSL on port 993. ># > >TLS_STARTTLS_PROTOCOL=TLS1 > >##NAME: TLS_CIPHER_LIST:0 ># ># TLS_CIPHER_LIST optionally sets the list of ciphers to be used by the ># OpenSSL library. In most situations you can leave TLS_CIPHER_LIST ># undefined ># ># TLS_CIPHER_LIST="ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH" > >##NAME: TLS_TIMEOUT:0 ># TLS_TIMEOUT is currently not implemented, and reserved for future use. ># This is supposed to be an inactivity timeout, but its not yet implemented. ># > >##NAME: TLS_DHCERTFILE:0 ># ># TLS_DHCERTFILE - PEM file that stores our Diffie-Hellman cipher pair. ># When OpenSSL is compiled to use Diffie-Hellman ciphers instead of RSA ># you must generate a DH pair that will be used. In most situations the ># DH pair is to be treated as confidential, and the file specified by ># TLS_DHCERTFILE must not be world-readable. ># ># TLS_DHCERTFILE= > >##NAME: TLS_CERTFILE:0 ># ># TLS_CERTFILE - certificate to use. TLS_CERTFILE is required for SSL/TLS ># servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually ># treated as confidential, and must not be world-readable. ># >TLS_CERTFILE=/etc/courier-imap/imapd.pem > >##NAME: TLS_TRUSTCERTS:0 ># ># TLS_TRUSTCERTS=pathname - load trusted certificates from pathname. ># pathname can be a file or a directory. If a file, the file should ># contain a list of trusted certificates, in PEM format. If a ># directory, the directory should contain the trusted certificates, ># in PEM format, one per file and hashed using OpenSSL's c_rehash ># script. TLS_TRUSTCERTS is used by SSL/TLS clients (by specifying ># the -domain option) and by SSL/TLS servers (TLS_VERIFYPEER is set ># to PEER or REQUIREPEER). ># ># ># TLS_TRUSTCERTS= > >##NAME: TLS_VERIFYPEER:0 ># ># TLS_VERIFYPEER - how to verify client certificates. The possible values of ># this setting are: ># ># NONE - do not verify anything ># ># PEER - verify the client certificate, if one's presented ># ># REQUIREPEER - require a client certificate, fail if one's not presented ># ># >TLS_VERIFYPEER=NONE > >##NAME: TLS_CACHE:0 ># ># A TLS/SSL session cache may slightly improve response for IMAP clients ># that open multiple SSL sessions to the server. TLS_CACHEFILE will be ># automatically created, TLS_CACHESIZE bytes long, and used as a cache ># buffer. ># ># This is an experimental feature and should be disabled if it causes ># problems with SSL clients. Disable SSL caching by commenting out the ># following settings: > >TLS_CACHEFILE=/var/lib/courier-imap/couriersslcache >TLS_CACHESIZE=524288 > >##NAME: MAILDIRPATH:0 ># ># MAILDIRPATH - directory name of the maildir directory. ># >MAILDIRPATH=.maildir > ># Hardwire a value for ${MAILDIR} >MAILDIR=.maildir >MAILDIRPATH=.maildir ># Put any program for ${PRERUN} here >PRERUN="envdir /etc/relay-ctrl relay-ctrl-chdir" ># Put any program for ${LOGINRUN} here ># this is for relay-ctrl-allow in 4* >LOGINRUN="relay-ctrl-allow" >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=233523">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 319751
:
233521
| 233523
