# This file is opened as root, so it should be owned by root and mode 0600.
|
#
|
# http://wiki.dovecot.org/AuthDatabase/SQL
|
#
|
# For the sql passdb module, you'll need a database with a table that
|
# contains fields for at least the userid and password. If you want to
|
# use the user@domain syntax, you might want to have a separate domain
|
# field as well.
|
#
|
# If your users all have the same uig/gid, and have predictable home
|
# directories, you can use the static userdb module to generate the home
|
# dir based on the userid and domain. In this case, you won't need fields
|
# for home, uid, or gid in the database.
|
#
|
# If you prefer to use the sql userdb module, you'll want to add fields
|
# for home, uid, and gid. Here is an example table:
|
#
|
# CREATE TABLE users (
|
# userid VARCHAR(128) NOT NULL,
|
# password VARCHAR(64) NOT NULL,
|
# home VARCHAR(255) NOT NULL,
|
# uid INTEGER NOT NULL,
|
# gid INTEGER NOT NULL,
|
# active CHAR(1) DEFAULT 'Y' NOT NULL
|
# );
|
|
# Database driver: mysql, pgsql, sqlite
|
#driver =
|
|
# Database connection string. This is driver-specific setting.
|
#
|
# pgsql:
|
# For available options, see the PostgreSQL documention for the
|
# PQconnectdb function of libpq.
|
#
|
# mysql:
|
# Basic options emulate PostgreSQL option names:
|
# host, port, user, password, dbname
|
#
|
# But also adds some new settings:
|
# client_flags - See MySQL manual
|
# ssl_ca, ssl_ca_path - Set either one or both to enable SSL
|
# ssl_cert, ssl_key - For sending client-side certificates to server
|
# ssl_cipher - Set minimum allowed cipher security (default: HIGH)
|
#
|
# You can connect to UNIX sockets by using host: host=/var/run/mysqld/mysqld.sock
|
# Note that currently you can't use spaces in parameters.
|
#
|
# sqlite:
|
# The path to the database file.
|
#
|
# Examples:
|
# connect = host=192.168.1.1 dbname=users
|
# connect = host=sql.example.com dbname=virtual user=virtual password=blarg
|
# connect = /etc/dovecot/authdb.sqlite
|
#
|
#connect = dbname=virtual user=virtual
|
|
# Default password scheme.
|
#
|
# List of supported schemes is in
|
# http://wiki.dovecot.org/Authentication/PasswordSchemes
|
#
|
#default_pass_scheme = PLAIN-MD5
|
|
# Query to retrieve the password.
|
#
|
# This query must return only one row with "user" and "password" columns.
|
# The query can also return other fields which have a special meaning, see
|
# http://wiki.dovecot.org/PasswordDatabase/ExtraFields
|
#
|
# The "user" column is needed to make sure the username gets used with exactly
|
# the same casing as it's in the database. Note that if you store username and
|
# domain in separate fields, you most likely want to return a combination of
|
# them as the "user" column, otherwise the domain gets stripped.
|
#
|
# Commonly used available substitutions (see
|
# http://wiki.dovecot.org/Variables for full list):
|
# %u = entire userid
|
# %n = user part of user@domain
|
# %d = domain part of user@domain
|
#
|
# Note that these can be used only as input to SQL query. If the query outputs
|
# any of these substitutions, they're not touched. Otherwise it would be
|
# difficult to have eg. usernames containing '%' characters.
|
#
|
# Example:
|
# password_query = SELECT concat(userid, '@', domain) AS user, password FROM users WHERE userid = '%n' AND domain = '%d'
|
# password_query = SELECT pw AS password FROM users WHERE userid = '%u' AND active = 'Y'
|
#
|
#password_query = SELECT userid as user, password FROM users WHERE userid = '%u'
|
|
# Query to retrieve the user information.
|
#
|
# The query must return only one row. Commonly returned columns are:
|
# uid - System UID
|
# gid - System GID
|
# home - Home directory
|
# mail - Mail location
|
#
|
# Either home or mail is required. uid and gid are required. If more than one
|
# row is returned or there are missing fields, the login will fail. For a list
|
# of all fields that can be returned, see
|
# http://wiki.dovecot.org/UserDatabase/ExtraFields
|
#
|
# Examples
|
# user_query = SELECT home, uid, gid FROM users WHERE userid = '%n' AND domain = '%d'
|
# user_query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%u'
|
# user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u'
|
#
|
#user_query = SELECT home, uid, gid FROM users WHERE userid = '%u'
|
|
# If you wish to avoid two SQL lookups (passdb + userdb), you can use
|
# userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll
|
# also have to return userdb fields in password_query prefixed with "userdb_"
|
# string. For example:
|
#password_query = SELECT userid as user, password, home as userdb_home, uid as userdb_uid, gid as userdb_gid FROM users WHERE userid = '%u'
|
|
driver = mysql
|
connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_server_ispconfig_user} password={mysql_server_ispconfig_password}
|
default_pass_scheme = CRYPT
|
|
password_query = SELECT password FROM mail_user WHERE login = '%u' AND disable%Ls = 'n'
|
# user_query = SELECT email as user, maildir as home, CONCAT('maildir:', maildir, '/Maildir') as mail, uid, gid, CONCAT('maildir:storage=', floor(quota/1024)) AS quota, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE login = '%u' AND disable%Ls = 'n'
|
user_query = SELECT email as user, maildir as home, CONCAT('maildir:', maildir, '/Maildir') as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE email = '%u' AND disable%Ls = 'n'
|
