#---------------------------------------------------------------------
# Sample Qpopper 4.0 configuration file.
#
# This file lists all Qpopper configuration file options.  To use,
# copy the desired setting to your own configuration file, remove
# the leading '#' and set the desired value.
#
#---------------------------------------------------------------------



# An integer value for the number of seconds to announce in
# the CAPA response for the server's minimum login delay.
#
# Default: 
#
# set announce-login-delay     =


# An integer value for the number of days to announce in
# the CAPA response for the server's maximum message
# retention period.
#
# Default:
#
# set announce-expire          =


# The full path to the bulletins directory.
#
# Default: /var/spool/bulls
#
# set bulldir                  = "/var/spool/bulls"


# Set TRUE to permit sessions to continue even if the
# bulletins database can't be accessed.  This permits
# users to get their mail, but they might not see some
# bulletins for a while, or at all.
#
# Only valid when compiled with '--enable-bulldb'.
#
# Default: false.
#
# set bulldb-nonfatal          = false


# Sets the maximum number of attempts to lock the bulletins
# database.  You normally do not need to adjust this.  This value
# should only be changed if you know whether your system has
# usleep(3C).  On systems with usleep(3C), this can be a large value
# (the default is 75).  On systems without usleep(3C), this should
# remain small (the default is 10).
#
# Only valid when compiled with '--enable-bulldb'.
#
# Default: 75 (10 on systems without usleep(3c)).
#
# set bulldb-max-tries         = 75


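# Sets clear text password handling options.  A clear text password
# sent outside a TLS/SSL session can be read by anyone able to observe
# the network traffic.  Values are: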
#    o 'default'  Clear text passwords are permitted for all users,
#                 except those in the APOP database
#    o 'never'    Clear text passwords are never permitted
#    o 'always'   Clear text passwords are always permitted
#    o 'local'    Clear text passwords are permitted on the local
#                 (127.*.*.*) loop back interface only
#    o 'tls'      Clear text passwords are permitted when TLS/SSL
#                 has been negotiated for the session
#    o 'ssl'      Same as tls
#
# The 'tls' and 'ssl' values are only valid if '--with-openssl' or
# '--with-sslplus' was used with ./configure.
#
# Default: default
#
# set clear-text-password      = default


# Reads additional run-time options from the specified file.
#
#           Caution. There are no restrictions on which options may
#           appear in the file specified with the '-f' command-line
#           flag, or in files chained from it with the 'config-file'
#           configuration file option.  Be certain that the file
#           specified with '-f' and any files it chains to are not
#           writable by users.
#
# Default: none
#
# set config-file              = /etc/mail/pop/qpopper.config


# Enables debug logging.  Output is in syslog.  If this option is used,
# it should be first, so that debug records are generated for subsequent
# options.
#
# Only valid if ./configure was run with '--enable-debugging'
#
# Default: false
#
# set debug                    = false


# Changes uppercase user names to lowercase.  This permits users to
# configure their clients with user names in UPPER or MiXeD case.
# They can then login, assuming their actual user name is all
# lowercase.
#
# Default: false
#
# set downcase-user            = false


# If '--with-drac' used with ./configure, this option specifies the DRAC 
# host.
#
# Default: localhost
#
# set drac-host                = localhost


# Enables Kerberos support.
#
# Only valid if ./configure run with '--enable-kerberos5'.
#
# Default: false
#
# set kerberos                 = false


# Specifies the Kerberos service to use (same as the compile time
# KERBEROS_SERVICE define). The default is rcmd, although the use of
# pop is popular.
#
# Only valid if ./configure run with '--enable-kerberos5'.
#
# Default: rcmd
#
# set kerberos-service         = "rcmd"


# Checks if mail lock needs to be refreshed every this many messages.
#
# You normally do not need to adjust this.  See "Performance" in the
# Qpopper Administrator's Guide for more information.
#
# Default: 
#
# set mail-lock-check          =


# Controls reverse lookups on client IP addresses.  Lookups are
# performed when this is true (the default); set it to false to
# disable them.
#
# Default: true
#
# set reverse-lookup           = true


# Enables server mode by default.  See the Qpopper Administrator's
# Guide for more information.
#
# Default: false
#
# set server-mode              = false


# Enables statistics logging.  After each session ends, a statistics
# record is written to the log.  This record resembles the following
# example: 'stats randy 0 0 1 385 randy.example.org 192.168.2.4' and
# has the following meaning:
#   Username: 'randy'
#   Deleted messages: 0
#   Deleted octets: 0
#   Messages left on server: 1
#   Octets left on server: 385
#   Name of client machine: 'randy.example.org'
#   IP address of client machine: '192.168.2.4'
#
# Default: false
#
# set statistics               = false


# Sets the timeout for network reads.  Qpopper terminates the
# connection with the client if no input is received in this
# many seconds.  RFC 1939 states that this timeout must be
# 600 seconds (10 minutes).  However, ideal settings in some
# cases are between 30 and 120 seconds.  In other cases the 600
# value is best, and sometimes a value in between is better.
#
# Default: 120
#
# set timeout                  = 120


# Enables debug logging if '--enable-debugging' was used with
# ./configure.  All debug and standard log records are written to
# the specified file.  If this option is used, it should be first,
# so that debug records are generated for subsequent options.
#
# If used without '--enable-debugging', redirects all log messages
# to the specified file but does not enable debug logging.
#
# Default: none
#
# set tracefile                =


# Reads additional run-time options from a file named
# '.qpopper-options' in the user's home directory, if present.
#
# This file is normally owned by the user.
#
# Default: false
#
# set user-options             = false


# Reads additional run-time options from a file named
# 'username.qpopper-options' in the spool directory.
#
# This file should not be owned by nor writable by the user.
#
# Default: false
#
# set spool-options            = false


# When updating the spool at the end of a session, this option
# instructs Qpopper to rename the temporary file to the spool instead
# of copying it.  This reduces I/O at session end by a third, but is
# likely to break programs such as biff or the shell's mail check
# feature.  Use this option only if such programs are not used.  It is
# safest to only enable this option when users do not have shell
# access to the mail server.
#
# See "Performance" in the Qpopper Administrator's Guide for more
# information.
#
# Default: false
#
# set fast-update              = false


# When set, domains are trimmed from user names before use.  For
# example, if a user named 'maida' enters her login name in her POP
# client as 'maida@example.org', Qpopper treats this as just 'maida'.
#
# Default: false
#
# set trim-domain              = false


# Specifies TLS/SSL support.  The permitted values are:
#    o 'default'         TLS/SSL is not supported
#    o 'none'            Same as default
#    o 'stls'            Enables support for the STLS command. This
#                        permits TLS/SSL negotiations on the
#                        standard (or any) port, allowing the same
#                        port to be used by TLS/SSL and regular
#                        clients.
#    o 'alternate-port'  Enables alternate-port TLS/SSL.  Some older
#                        clients require this. (The usual port for
#                        alternate-port TLS/SSL with pop is 995.)
#
# Only valid when '--with-openssl' or '--with-sslplus' used with
# ./configure
#
# Default: default
#
# set tls-support              = default


# Specifies the permitted cipher suites.  See the OpenSSL documentation
# for syntax.  You normally do not need to set this.
#
# Only valid when '--with-openssl' used with ./configure
#
# Default: 
#
# set tls-cipher-list          =


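# Restricts the version of TLS/SSL recognized in session negotiations.
# You normally do not need to set this.  Note that SSLv2 and SSLv3 are
# obsolete protocols with known weaknesses, so accepting them trades
# security for compatibility.  Supported values are: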
#    o 'default' (same as SSLv23)
#    o 'SSLv2'   Forces Qpopper only to understand SSLv2 client hello
#                messages.
#    o 'SSLv3'   Forces Qpopper only to understand SSLv3 client hello
#                messages.  This especially means that it does not
#                understand SSLv2 client hello messages, which are
#                widely used for compatibility reasons.
#    o 'TLSv1'   Forces Qpopper only to understand TLSv1 client hello
#                messages.  This especially means that it does not
#                understand SSLv2 client hello messages, which are
#                widely used for compatibility reasons.  It also does
#                not understand SSLv3 client hello messages.
#    o 'SSLv23'  Allows Qpopper to understand SSLv2, SSLv3, and TLSv1
#                client hello messages.  This is the best choice when
#                compatibility is a concern.  This is the default
#                value.
#    o 'all'     (same as SSLv23)
#
# Only valid when '--with-openssl' used with ./configure
#
# Default: default
#
# set tls-version              = default


# Specifies the file containing the server's TLS/SSL certificate and
# encrypted private key.
#
# Only valid if '--with-sslplus' used with ./configure.
#
# Default: none
#
# set tls-identity-file        =


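# Specifies the passphrase to decrypt the server's private key (in the
# identity file).  Because the passphrase is stored here in clear text,
# keep this configuration file unreadable by ordinary users.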
#
# Only valid if '--with-sslplus' used with ./configure.
#
# Default: none
#
# set tls-passphrase           =


# Specifies the file which contains the server's TLS/SSL certificate.
# This file may also contain the server's unencrypted private key.
#
# Only valid if '--with-openssl' used with ./configure
#
# Default: none
#
#
# set tls-server-cert-file     = /etc/mail/certs/cert.pem


# Specifies a file which contains the server's TLS/SSL private key.
# Note: This private key must not be encrypted, so protect the file
# with permissions that keep it unreadable by ordinary users.
#
# If the private key is contained in the same file as the certificate
# (as specified with tls-server-cert-file), you do not need to set
# this option.
#
# Only valid if '--with-openssl' used with ./configure
#
# Default: none
#
# set tls-private-key-file     =


# When set, Qpopper writes a log record at the end of a session
# containing the elapsed time for the session authentication,
# initialization, and cleanup.
#
# Default: false
#
# set timing                   = false


# When set, Qpopper checks for old .user.pop files in old locations
# when hash-spool or homedirmail is used.  When reset, Qpopper skips
# this check, which speeds things up.
#
# Default: true
#
# set check-old-spool-loc      = true


# When set, Qpopper checks for and creates if needed the hashed spool
# directories.  When reset, Qpopper doesn't check for or create the
# hashed spool directories.  Set to false if you precreate the
# directories.
#
# Default: true
#
# set check-hash-dir           = true


# When set, Qpopper checks for expired passwords (if the platform
# permits).  When reset, Qpopper omits this check.
#
# Default: true
#
# set check-password-expired   = true


# Determines whether Qpopper updates the read/unread status of
# messages (a feature relied on by some mail clients).  Also
# determines if Qpopper saves the message's unique identifier
# (UID) in the spool.
#
# When reset, it forces the UID for every message to be
# recalculated, using more CPU but potentially less I/O.
#
# See the "Performance" section of the Qpopper Administrator's Guide
# for more information.
#
# Default: true
#
# set update-status-headers    = true


# Determines whether Qpopper enters update state when a session
# aborts.  Resetting this option causes Qpopper to ignore any
# deletions if the session is aborted.
#
# Note that RFC 1939, section 6 prohibits the default behavior,
# but experience showed that otherwise users on noisy lines were
# often unable to delete their mail.  Reset this option to inhibit
# the default behavior, and obey RFC 1939, but watch for users who
# download the same messages over and over, or whose spools fill up.
#
# Default: true
#
# set update-on-abort          = true


# When set, Qpopper automatically and unconditionally deletes messages
# that have been downloaded using the RETR command (the normal command
# for accessing messages).
#
#       Caution: This option could result in lost mail.  Be sure to
#       inform your users that the option is in effect before enabling.
#
# Default: false
#
# set auto-delete              = false


# When set, Qpopper shows bulletins to users by groups (the group name
# is the second dot-separated element in each bulletin's name). See
# "Using Bulletins" in the Qpopper Administrator's Guide for more
# information.  Use a group name of 'ALL' for all users.
#
# Default: false
#
# set group-bulletins          = false


# When set to a 1 or 2, the subdirectory for the mail spools is
# determined from the user name by either (1) hashing the first four
# characters or (2) by using directories equal to the first letter and
# the second letter (if any).  For example, if the spool directory is
# '/var/mail', the spool file for user 'maida' would be:
#       '/var/mail/maida'                hash-spool = 0
#       '/var/mail/o/maida'              hash-spool = 1
#       '/var/mail/m/a/maida'            hash-spool = 2
#
# See the "Performance" section of the Qpopper Administrator's Guide
# for more information.
#
# Default: 0
#
# set hash-spool               = 0


# To have the user's home directory be the spool location, set this
# option to be the correct file name for the spool.
#
# Default: none
#
# set home-dir-mail            = ".mail"


# When set, instructs Qpopper to generate message unique identifiers
# (UIDs) using old (pre-3.x) style encoding.  This is useful only if
# you also set 'update-status-headers' to false, have existing users
# with old (pre-3.x) spool files, and you want to keep the UIDs the
# same.
#
# Default: false
#
# set old-style-uid            = false


# When set, Qpopper checks for and hides status messages created by
# University of Washington software.
#
# Default: false
#
# set UW-kluge                 = false


# When set, Qpopper keeps (does not delete) the '.user.pop' file (the
# temporary drop file).  Normally this file is deleted when the
# session ends.  Some sites like to retain it to determine the last
# time a user has accessed his or her mail.
#
# Default: false
#
# set keep-temp-drop           = false


# When set, causes server mode to be on for users who are members of
# the specified group.  See the "Enabling Server Mode" and
# "Performance" sections of the Qpopper Administrator's Guide for more
# information.
#
# Default: none
#
# set group-server-mode        =


# When set, causes server mode to be off for users who are members of
# the specified group.  See the "Enabling Server Mode" and
# "Performance" sections of the Qpopper Administrator's Guide for more
# information.
#
# Default: none
#
# set group-no-server-mode     =


# Specifies a file that permits only users listed in the file to have
# Qpopper access.  The format is a list of user names, one per line.
#
# Default: none
#
# set auth-file                =


# Specifies a file that denies access to users listed in the file.
# The format is a list of user names, one per line.
#
# Default: none
#
# set nonauth-file             =


# Set this option if you don't want Qpopper to display its version in
# the POP protocol banner or CAPA IMPLEMENTATION response of
# unauthenticated users.
# Some sites believe this improves security since it avoids advertising
# that an old version (perhaps with known vulnerabilities) is being
# used.  Others feel it makes the site more likely to be attacked,
# since it also avoids advertising when running a secure version.
#
# Default: false
#
# set shy                      = false


# Set this to the full path to sendmail or other such program used to
# submit new messages.  Qpopper uses this to implement XTND XMIT.
#
# The default is determined at compile time.  
#
#
# set mail-command             = /usr/sbin/sendmail


# Set this to the full path to the mail spool directory.
#
# The default is determined at compile time.  
#
# set spool-dir                = /var/spool/mail


# If you do not want '.user.pop' (temporary drop files) to be in the
# spool directory, set this to the full path to the directory to be
# used for temp drop files.  Note that use of /tmp is not recommended,
# because a system reboot will wipe out the files.  This could cause
# lost mail.
#
# Default: spool directory
#
# set temp-dir                 =


# The name of the temporary drop files.  You should not normally set
# this option.
#
# Default: ".%s.pop"
#
# set temp-name                = ".%s.pop"


# If you do not want user cache files to be in the same directory as
# temporary drop files, set this to the full path to the directory for
# cache files.  Note that use of /tmp is not recommended, because a
# system reboot wipes out the files.
#
# Default: temp-dir
#
# set cache-dir                =


# The name of the cache files.  You should not normally set this
# option.
#
# Default: ".%s.cache"
#
# set cache-name               = ".%s.cache"


# Specifies the maximum number of old bulletins seen by new users.
#
# Default: 1
#
# set max-bulletins            = 1


# When set, Qpopper uses a method of opening lock files that may work
# over NFS.  This has not been thoroughly tested, however.
#
# Default: false
#
# set no-atomic-open           = false


# Qpopper can send network output to the client in small chunks (for
# example, line-by-line when sending a message).  By default, Qpopper
# aggregates data to be sent to clients in large chunks.  This may be
# faster or slower, depending on specifics of both the client and
# server hardware and networking stacks as well as network elements in
# between (such as routers).  Also, some networking stacks do their
# own aggregation.
#
# Under congested network conditions, larger packets increase the
# incidence of lost packets and thus client or server timeouts,
# leading to "POP timeout" or "EOF" errors.
#
# When TLS/SSL is in effect, smaller packets increase the overhead
# needed to send data, which may result in worse performance.
#
# You can adjust the Qpopper behavior by setting this option.  The
# values are:
#    o 'default'  Always send large chunks
#    o 'always'   Same as 'default'
#    o 'never'    Never aggregate data into large chunks
#    o 'tls'      Only aggregate data into large chunks when TLS/SSL
#                 has been negotiated for the session 
#    o 'ssl'      Same as 'tls'
#
# Default: default
#
# set chunky-writes            = default


# Specifies the log facility that Qpopper uses.
#
# Note that this does not apply to popauth, nor to the daemon in
# standalone mode.  These continue to use the compile-time default.
#
# Values are:
#    o 'mail'    Qpopper logs to LOG_MAIL facility.
#    o 'local0'  Qpopper logs to LOG_LOCAL0 facility.
#    o 'local1'  Qpopper logs to LOG_LOCAL1 facility.
#    o 'local2'  Qpopper logs to LOG_LOCAL2 facility.
#    o 'local3'  Qpopper logs to LOG_LOCAL3 facility.
#    o 'local4'  Qpopper logs to LOG_LOCAL4 facility.
#    o 'local5'  Qpopper logs to LOG_LOCAL5 facility.
#    o 'local6'  Qpopper logs to LOG_LOCAL6 facility.
#    o 'local7'  Qpopper logs to LOG_LOCAL7 facility.
#
# Default: determined at compile time, usually LOG_LOCAL0 or
# LOG_MAIL, depending on the operating system.
#
# set log-facility             = local1


# When set, Qpopper logs successful authentications using the
# specified string.  Within the string, an occurrence of '%0' is
# replaced with the Qpopper version, '%1' with the user name, '%2'
# with the user's host name, and '%3' with the user's IP address.
#
# Default: none, unless '--enable-log-login' used with ./configure,
# in which case "(v%0) POP login by user /"%1/" at (%2) %3" is used.
#
# set log-login                = "(v%0) POP login by user /"%1/" at (%2) %3"