authorCullum Smith <cullum@sacredheartsc.com>2024-10-04 21:59:59 -0400
committerCullum Smith <cullum@sacredheartsc.com>2024-10-04 21:59:59 -0400
commit1e088983f6a80b6fd47543d0b4989e9ddb3234d5 (patch)
tree16af4205d84c9194257887e5e54653f79e96f987 /files/usr/local/etc/dovecot
parenta1bddcb1de1053994fb445267ca5d1ffaecb0fb5 (diff)
downloadinfrastructure-1e088983f6a80b6fd47543d0b4989e9ddb3234d5.tar.gz
add imap stuff
Diffstat (limited to 'files/usr/local/etc/dovecot')
-rw-r--r--files/usr/local/etc/dovecot/conf.d/10-auth.conf.imap_server7
-rw-r--r--files/usr/local/etc/dovecot/conf.d/10-mail.conf.imap_server23
-rw-r--r--files/usr/local/etc/dovecot/conf.d/10-master.conf.imap_server32
-rw-r--r--files/usr/local/etc/dovecot/conf.d/10-ssl.conf.imap_server8
-rw-r--r--files/usr/local/etc/dovecot/conf.d/15-lda.conf.imap_server8
-rw-r--r--files/usr/local/etc/dovecot/conf.d/15-mailboxes.conf.imap_server31
-rw-r--r--files/usr/local/etc/dovecot/conf.d/20-imap.conf.imap_server3
-rw-r--r--files/usr/local/etc/dovecot/conf.d/20-lmtp.conf.imap_server3
-rw-r--r--files/usr/local/etc/dovecot/conf.d/20-managesieve.conf.imap_server11
-rw-r--r--files/usr/local/etc/dovecot/conf.d/90-fts.conf.imap_server6
-rw-r--r--files/usr/local/etc/dovecot/conf.d/90-quota.conf.imap_server32
-rw-r--r--files/usr/local/etc/dovecot/conf.d/90-sieve-extprograms.conf.imap_server3
-rw-r--r--files/usr/local/etc/dovecot/conf.d/90-sieve.conf.imap_server28
-rw-r--r--files/usr/local/etc/dovecot/conf.d/auth-ldap.conf.ext.imap_server8
-rw-r--r--files/usr/local/etc/dovecot/dovecot-ldap-passdb.conf.ext.imap_server11
-rw-r--r--files/usr/local/etc/dovecot/dovecot-ldap-userdb.conf.ext.imap_server17
-rw-r--r--files/usr/local/etc/dovecot/dovecot.conf.imap_server5
-rw-r--r--files/usr/local/etc/dovecot/report-ham.sieve.imap_server15
-rw-r--r--files/usr/local/etc/dovecot/report-spam.sieve.imap_server7
-rw-r--r--files/usr/local/etc/dovecot/sieve-before.d/10-rspamd.sieve.imap_server5
20 files changed, 263 insertions, 0 deletions
diff --git a/files/usr/local/etc/dovecot/conf.d/10-auth.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/10-auth.conf.imap_server
new file mode 100644
index 0000000..7a908e6
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/10-auth.conf.imap_server
@@ -0,0 +1,7 @@
+auth_default_realm = ${realm}
+auth_gssapi_hostname = "\$ALL"
+auth_username_format = %Ln
+auth_mechanisms = gssapi plain login
+auth_cache_size = 10M
+
+!include auth-ldap.conf.ext
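Review bot: `auth_cache_size = 10M` turns on the auth cache, but no cache lifetime is set next to it, so how long a cached success outlives a password change or a disabled LDAP account is left to Dovecot's defaults. Since the passdb authenticates by LDAP bind, I would pin the window explicitly with `auth_cache_ttl` and `auth_cache_negative_ttl`. A comment such as `# cached logins stay valid for up to auth_cache_ttl after an LDAP password change` would record the trade-off. How the cache interacts with `auth_bind = yes` should be confirmed against the deployed Dovecot version.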
diff --git a/files/usr/local/etc/dovecot/conf.d/10-mail.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/10-mail.conf.imap_server
new file mode 100644
index 0000000..0fa15ea
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/10-mail.conf.imap_server
@@ -0,0 +1,23 @@
+mail_location = mdbox:~/mdbox
+
+namespace inbox {
+ type = private
+ separator = /
+ inbox = yes
+ subscriptions = yes
+}
+
+mail_plugins = \$mail_plugins quota virtual fts fts_solr
+
+mail_privileged_group = ${dovecot_vmail_user}
+
+first_valid_uid = ${dovecot_vmail_uid}
+last_valid_uid = ${dovecot_vmail_uid}
+
+first_valid_gid = ${dovecot_vmail_uid}
+last_valid_gid = ${dovecot_vmail_uid}
+
+# recommended configuration for quota:count
+protocol !indexer-worker {
+ mail_vsize_bg_after_count = 100
+}
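Review bot: `first_valid_gid` and `last_valid_gid` are filled from `${dovecot_vmail_uid}`, so the permitted GID range is only correct while the vmail group's numeric id happens to equal the user's uid. A dedicated variable would make that explicit, e.g. `first_valid_gid = ${dovecot_vmail_gid}` (placeholder name, not defined on this page). The same assumption appears in `=gid=${dovecot_vmail_uid}` in dovecot-ldap-userdb.conf.ext.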
diff --git a/files/usr/local/etc/dovecot/conf.d/10-master.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/10-master.conf.imap_server
new file mode 100644
index 0000000..1445cb6
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/10-master.conf.imap_server
@@ -0,0 +1,32 @@
+service imap-login {
+ inet_listener imap {
+ port = 0
+ }
+
+ inet_listener imaps {
+ port = 993
+ ssl = yes
+ }
+}
+
+service lmtp {
+ user = ${dovecot_vmail_user}
+ inet_listener lmtp {
+ port = ${lmtp_port}
+ ssl = yes
+ }
+}
+
+service auth-worker {
+ user = \$default_internal_user
+}
+
+# Allow the vmail user to write to stats. This isn't strictly necessary, but
+# prevents dovecot-lda from spamming the mail log with errors.
+service stats {
+ unix_listener stats-writer {
+ user = dovecot
+ group = ${dovecot_vmail_user}
+ mode = 0660
+ }
+}
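Review bot: The `inet_listener lmtp` block sets only `port` and `ssl = yes`, so it listens on every address. LMTP has no client authentication, and TLS here encrypts the session without identifying the sender, so any host that can reach the port can inject mail into user mailboxes past the MTA's filtering. Unless a packet filter elsewhere in the repository already limits this, add an `address = ...` line for the MTA-facing interface, or restrict the port to the MTA hosts. The same applies to the `quota-status` `inet_listener` in 90-quota.conf, which also sets only `port` and answers policy queries from anyone who connects.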
diff --git a/files/usr/local/etc/dovecot/conf.d/10-ssl.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/10-ssl.conf.imap_server
new file mode 100644
index 0000000..9f90a47
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/10-ssl.conf.imap_server
@@ -0,0 +1,8 @@
+ssl = required
+
+ssl_cert = <${dovecot_tls_cert}
+ssl_key = <${dovecot_tls_key}
+
+ssl_min_protocol = TLSv1.2
+ssl_cipher_list = ${dovecot_cipherlist}
+ssl_prefer_server_ciphers = no
diff --git a/files/usr/local/etc/dovecot/conf.d/15-lda.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/15-lda.conf.imap_server
new file mode 100644
index 0000000..557594b
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/15-lda.conf.imap_server
@@ -0,0 +1,8 @@
+recipient_delimiter = ${dovecot_recipient_delimiter}
+lda_original_recipient_header = X-Original-To
+
+lda_mailbox_autocreate = yes
+
+protocol lda {
+ mail_plugins = \$mail_plugins sieve
+}
diff --git a/files/usr/local/etc/dovecot/conf.d/15-mailboxes.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/15-mailboxes.conf.imap_server
new file mode 100644
index 0000000..540947c
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/15-mailboxes.conf.imap_server
@@ -0,0 +1,31 @@
+namespace inbox {
+
+ mailbox INBOX {
+ auto = subscribe
+ }
+
+ mailbox Drafts {
+ auto = subscribe
+ special_use = \Drafts
+ }
+
+ mailbox Junk {
+ auto = subscribe
+ special_use = \Junk
+ }
+
+ mailbox Trash {
+ auto = subscribe
+ special_use = \Trash
+ }
+
+ mailbox Sent {
+ auto = subscribe
+ special_use = \Sent
+ }
+
+ mailbox Archive {
+ auto = subscribe
+ special_use = \Archive
+ }
+}
diff --git a/files/usr/local/etc/dovecot/conf.d/20-imap.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/20-imap.conf.imap_server
new file mode 100644
index 0000000..ae67bae
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/20-imap.conf.imap_server
@@ -0,0 +1,3 @@
+protocol imap {
+ mail_plugins = $mail_plugins imap_quota imap_sieve
+}
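Review bot: `$mail_plugins` is written without the backslash here, while 10-mail.conf and 15-lda.conf in this commit write `\$mail_plugins`. If these `.imap_server` files are rendered with shell-style expansion (inferred from the `${...}` placeholders and the escaped `\$` elsewhere), the unescaped form is substituted at render time, most likely with an empty string. The imap protocol would then load only `imap_quota imap_sieve`, without the globally configured `quota` plugin. The line should read `mail_plugins = \$mail_plugins imap_quota imap_sieve`. 20-lmtp.conf has the same unescaped `$mail_plugins`, and 20-managesieve.conf has `protocols = $protocols sieve`, where a lost expansion would replace `imap lmtp` with `sieve` alone.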
diff --git a/files/usr/local/etc/dovecot/conf.d/20-lmtp.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/20-lmtp.conf.imap_server
new file mode 100644
index 0000000..2619ce5
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/20-lmtp.conf.imap_server
@@ -0,0 +1,3 @@
+protocol lmtp {
+ mail_plugins = $mail_plugins sieve
+}
diff --git a/files/usr/local/etc/dovecot/conf.d/20-managesieve.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/20-managesieve.conf.imap_server
new file mode 100644
index 0000000..f4adea9
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/20-managesieve.conf.imap_server
@@ -0,0 +1,11 @@
+protocols = $protocols sieve
+
+service managesieve-login {
+ inet_listener sieve {
+ port = 4190
+ }
+
+ inet_listener sieve_deprecated {
+ port = 0
+ }
+}
diff --git a/files/usr/local/etc/dovecot/conf.d/90-fts.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/90-fts.conf.imap_server
new file mode 100644
index 0000000..fbe7e0f
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/90-fts.conf.imap_server
@@ -0,0 +1,6 @@
+plugin {
+ fts_autoindex = yes
+ fts = solr
+ fts_solr = url=http://127.0.0.1:${solr_port}/solr/dovecot/
+ fts_tika = http://127.0.0.1:${tika_port}/tika/
+}
diff --git a/files/usr/local/etc/dovecot/conf.d/90-quota.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/90-quota.conf.imap_server
new file mode 100644
index 0000000..7bffe9f
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/90-quota.conf.imap_server
@@ -0,0 +1,32 @@
+plugin {
+ quota = count:User quota
+ quota_vsizes = yes
+ quota_rule = *:storage=${dovecot_default_quota}
+ quota_grace = ${dovecot_quota_grace_percent}%%
+
+ quota_status_success = DUNNO
+ quota_status_nouser = DUNNO
+ quota_status_overquota = "552 5.2.2 Mailbox is full"
+
+ quota_warning = storage=95%% quota-warning 95 %u ${dovecot_quota_mail_from}
+ quota_warning2 = storage=90%% quota-warning 90 %u ${dovecot_quota_mail_from}
+ quota_warning3 = storage=80%% quota-warning 80 %u ${dovecot_quota_mail_from}
+}
+
+service quota-warning {
+ executable = script ${dovecot_script_dir}/quota-warning.sh
+ user = ${dovecot_vmail_user}
+ unix_listener quota-warning {
+ user = dovecot
+ group = ${dovecot_vmail_user}
+ mode = 0660
+ }
+}
+
+service quota-status {
+ executable = quota-status -p postfix
+ inet_listener {
+ port = ${quota_status_port}
+ }
+ client_limit = 5
+}
diff --git a/files/usr/local/etc/dovecot/conf.d/90-sieve-extprograms.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/90-sieve-extprograms.conf.imap_server
new file mode 100644
index 0000000..06250e9
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/90-sieve-extprograms.conf.imap_server
@@ -0,0 +1,3 @@
+plugin {
+ sieve_pipe_bin_dir = ${dovecot_sieve_pipe_bin_dir}
+}
diff --git a/files/usr/local/etc/dovecot/conf.d/90-sieve.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/90-sieve.conf.imap_server
new file mode 100644
index 0000000..cd67671
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/90-sieve.conf.imap_server
@@ -0,0 +1,28 @@
+plugin {
+ sieve = file:~/sieve;active=~/.dovecot.sieve
+
+ sieve_before = ${dovecot_sieve_before_dir}
+
+ sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute
+
+ sieve_plugins = sieve_extprograms sieve_imapsieve
+
+ sieve_quota_max_scripts = 10
+ sieve_quota_max_storage = 2M
+
+ # The default value for this is "sender", but that will totally break SPF
+ sieve_redirect_envelope_from = orig_recipient
+
+ # From elsewhere to Junk folder
+ imapsieve_mailbox1_name = Junk
+ imapsieve_mailbox1_causes = COPY
+ imapsieve_mailbox1_before = file:${dovecot_conf_dir}/report-spam.sieve
+
+ # From Junk folder to elsewhere
+ imapsieve_mailbox2_name = *
+ imapsieve_mailbox2_from = Junk
+ imapsieve_mailbox2_causes = COPY
+ imapsieve_mailbox2_before = file:${dovecot_conf_dir}/report-ham.sieve
+
+ sieve_global_extensions = +vnd.dovecot.pipe
+}
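Review bot: `sieve_global_extensions` is assigned twice in this `plugin` block, first as `+vnd.dovecot.pipe +vnd.dovecot.execute` and again on the last line as `+vnd.dovecot.pipe`, so whether global scripts may use `execute` depends on which assignment Dovecot keeps. The sieve scripts added in this commit only `require` `vnd.dovecot.pipe`, so I would delete the first assignment and keep the narrower `sieve_global_extensions = +vnd.dovecot.pipe`. A comment such as `# pipe is enabled for global scripts only; user scripts cannot run external programs` would record why this is not set through `sieve_extensions`.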
diff --git a/files/usr/local/etc/dovecot/conf.d/auth-ldap.conf.ext.imap_server b/files/usr/local/etc/dovecot/conf.d/auth-ldap.conf.ext.imap_server
new file mode 100644
index 0000000..9237f1f
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/auth-ldap.conf.ext.imap_server
@@ -0,0 +1,8 @@
+passdb {
+ driver = ldap
+ args = ${dovecot_conf_dir}/dovecot-ldap-passdb.conf.ext
+}
+userdb {
+ driver = ldap
+ args = ${dovecot_conf_dir}/dovecot-ldap-userdb.conf.ext
+}
diff --git a/files/usr/local/etc/dovecot/dovecot-ldap-passdb.conf.ext.imap_server b/files/usr/local/etc/dovecot/dovecot-ldap-passdb.conf.ext.imap_server
new file mode 100644
index 0000000..5158954
--- /dev/null
+++ b/files/usr/local/etc/dovecot/dovecot-ldap-passdb.conf.ext.imap_server
@@ -0,0 +1,11 @@
+uris = ${ldap_uri}
+
+sasl_bind = yes
+sasl_mech = gssapi
+sasl_realm = ${realm}
+
+base = ${users_basedn}
+
+auth_bind = yes
+pass_attrs = uid=user
+user_filter = (uid=%u)
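Review bot: With `auth_bind = yes`, each PLAIN/LOGIN password is sent to the directory in a bind as the user, and nothing in this file requires transport security for that connection. The `sasl_bind`/`sasl_mech = gssapi` settings cover Dovecot's own service bind, so the user's password is protected only if `${ldap_uri}` renders to an `ldaps://` URI, which this page does not show. If it can be `ldap://`, add `tls = yes` together with `tls_require_cert = demand` (or hard, per the LDAP library) so the bind cannot fall back to cleartext or an unverified server.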
diff --git a/files/usr/local/etc/dovecot/dovecot-ldap-userdb.conf.ext.imap_server b/files/usr/local/etc/dovecot/dovecot-ldap-userdb.conf.ext.imap_server
new file mode 100644
index 0000000..fc939a6
--- /dev/null
+++ b/files/usr/local/etc/dovecot/dovecot-ldap-userdb.conf.ext.imap_server
@@ -0,0 +1,17 @@
+uris = ${ldap_uri}
+
+sasl_bind = yes
+sasl_mech = gssapi
+sasl_realm = ${realm}
+
+base = ${users_basedn}
+user_filter = (|(mailAddress=%u)(uid=%u))
+user_attrs = \
+ =user=%{ldap:uid}, \
+ =uid=${dovecot_vmail_uid}, \
+ =gid=${dovecot_vmail_uid}, \
+ =home=${dovecot_vmail_dir}/%{ldap:uid} \
+ mailQuota=quota_rule=\*:storage=%{ldap:mailQuota}
+
+iterate_attrs = uid=user
+iterate_filter = (mailAddress=*)
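Review bot: The `=home=` entry in `user_attrs` is missing its trailing comma, so the following `mailQuota=quota_rule=...` line is joined to it rather than parsed as a separate attribute mapping. As written, the home path would carry the quota text as a suffix and the per-user `mailQuota` override would never be applied, leaving every user on the default quota. The line should be `=home=${dovecot_vmail_dir}/%{ldap:uid}, \`. It is also worth checking that `(mailAddress=%u)` can still match, since `auth_username_format = %Ln` in 10-auth.conf strips the domain before `%u` is expanded.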
diff --git a/files/usr/local/etc/dovecot/dovecot.conf.imap_server b/files/usr/local/etc/dovecot/dovecot.conf.imap_server
new file mode 100644
index 0000000..2045e76
--- /dev/null
+++ b/files/usr/local/etc/dovecot/dovecot.conf.imap_server
@@ -0,0 +1,5 @@
+protocols = imap lmtp
+
+import_environment = \$import_environment KRB5_KTNAME=${dovecot_keytab} KRB5_CLIENT_KTNAME=${dovecot_keytab}
+
+!include conf.d/*.conf
diff --git a/files/usr/local/etc/dovecot/report-ham.sieve.imap_server b/files/usr/local/etc/dovecot/report-ham.sieve.imap_server
new file mode 100644
index 0000000..578e7b2
--- /dev/null
+++ b/files/usr/local/etc/dovecot/report-ham.sieve.imap_server
@@ -0,0 +1,15 @@
+require ["vnd.dovecot.pipe", "copy", "imapsieve", "environment", "variables"];
+
+if environment :matches "imap.mailbox" "*" {
+ set "mailbox" "${1}";
+}
+
+if string "${mailbox}" "Trash" {
+ stop;
+}
+
+if environment :matches "imap.email" "*" {
+ set "email" "${1}";
+}
+
+pipe :copy "report-ham.sh" [ "${email}" ];
diff --git a/files/usr/local/etc/dovecot/report-spam.sieve.imap_server b/files/usr/local/etc/dovecot/report-spam.sieve.imap_server
new file mode 100644
index 0000000..d34c71b
--- /dev/null
+++ b/files/usr/local/etc/dovecot/report-spam.sieve.imap_server
@@ -0,0 +1,7 @@
+require ["vnd.dovecot.pipe", "copy", "imapsieve", "environment", "variables"];
+
+if environment :matches "imap.email" "*" {
+ set "email" "${1}";
+}
+
+pipe :copy "report-spam.sh" [ "${email}" ];
diff --git a/files/usr/local/etc/dovecot/sieve-before.d/10-rspamd.sieve.imap_server b/files/usr/local/etc/dovecot/sieve-before.d/10-rspamd.sieve.imap_server
new file mode 100644
index 0000000..7931a71
--- /dev/null
+++ b/files/usr/local/etc/dovecot/sieve-before.d/10-rspamd.sieve.imap_server
@@ -0,0 +1,5 @@
+require ["fileinto"];
+
+if header :is "X-Spam" "Yes" {
+ fileinto "Junk";
+}