rev |
line source |
yuuji@0
|
1 /* ========================================================================
|
yuuji@0
|
2 * Copyright 1988-2006 University of Washington
|
yuuji@0
|
3 *
|
yuuji@0
|
4 * Licensed under the Apache License, Version 2.0 (the "License");
|
yuuji@0
|
5 * you may not use this file except in compliance with the License.
|
yuuji@0
|
6 * You may obtain a copy of the License at
|
yuuji@0
|
7 *
|
yuuji@0
|
8 * http://www.apache.org/licenses/LICENSE-2.0
|
yuuji@0
|
9 *
|
yuuji@0
|
10 *
|
yuuji@0
|
11 * ========================================================================
|
yuuji@0
|
12 */
|
yuuji@0
|
13
|
yuuji@0
|
14 .imaprc secrets revealed!
|
yuuji@0
|
15 Mark Crispin, June 17, 2002
|
yuuji@0
|
16
|
yuuji@0
|
17 The following information describes the format of the /etc/c-client.cf
|
yuuji@0
|
18 and ~/.imaprc file. The Columbia MM ~/.mminit file is also read by
|
yuuji@0
|
19 c-client; however, the only command that ~/.mminit has in common is
|
yuuji@0
|
20 set keywords.
|
yuuji@0
|
21
|
yuuji@0
|
22 **********************************************************************
|
yuuji@0
|
23 * DANGER! BEWARE! TAKE CARE! *
|
yuuji@0
|
24 **********************************************************************
|
yuuji@0
|
25 * *
|
yuuji@0
|
26 * These files, and this documentation, are for internal UW usage *
|
yuuji@0
|
27 * only. This capability is for UW experimental tinkering, and most *
|
yuuji@0
|
28 * emphatically *not* for sorcerer's apprentices at other sites who *
|
yuuji@0
|
29 * feel that if a config file capability exists, they must write a *
|
yuuji@0
|
30 * config file whether or not there is any need for one. *
|
yuuji@0
|
31 * *
|
yuuji@0
|
32 * This information is subject to change without notice. Commands *
|
yuuji@0
|
33 * may be added, removed, or altered. The behavior of comamnds may *
|
yuuji@0
|
34 * change. Do not use any of this information without consulting me *
|
yuuji@0
|
35 * first. c-client's defaults have been carefully chosen to be right *
|
yuuji@0
|
36 * for general-purpose and most special-purpose configurations. If *
|
yuuji@0
|
37 * you tinker with these defaults, all hell may break loose. *
|
yuuji@0
|
38 * *
|
yuuji@0
|
39 * This is not an idle threat. There have been several instances of *
|
yuuji@0
|
40 * people who ignored these warnings and have gotten burned. *
|
yuuji@0
|
41 * *
|
yuuji@0
|
42 * Don't even trust this file to work. Many of the things which can *
|
yuuji@0
|
43 * be changed by this file can also be changed by the application, *
|
yuuji@0
|
44 * and it is totally unpredictable which will take precedence. It *
|
yuuji@0
|
45 * all depends upon how the application is coded. Not only that, you *
|
yuuji@0
|
46 * may cause the application to crash. *
|
yuuji@0
|
47 * *
|
yuuji@0
|
48 * In other words, keep your cotton-pickin' hands off my defaults. *
|
yuuji@0
|
49 * If it crashes and erases your mail, I don't want to hear about it. *
|
yuuji@0
|
50 * Consider 'em ``mandatory defaults''. Got a nice ring, eh? :-) If *
|
yuuji@0
|
51 * you must tinker with defaults, play with the .pinerc and pine.conf *
|
yuuji@0
|
52 * files in Pine. It's got options galore, all supported for you to *
|
yuuji@0
|
53 * have fun. They're also documented; so well documented, it takes *
|
yuuji@0
|
54 * two strong men to carry around all the documentation. ;-) ;-) *
|
yuuji@0
|
55 * *
|
yuuji@0
|
56 * Joking aside, you really shouldn't be fooling around with this *
|
yuuji@0
|
57 * capability. It's dangerous, and you can shoot yourself in the *
|
yuuji@0
|
58 * foot easily. If you need custom changes, you are better off with *
|
yuuji@0
|
59 * local source code modifications. Seriously. *
|
yuuji@0
|
60 * *
|
yuuji@0
|
61 * One last warning: don't believe anything that you read in this *
|
yuuji@0
|
62 * document. Every effort has been made to ensure that this document *
|
yuuji@0
|
63 * is incomplete and inaccurate, and I take no responsibility for any *
|
yuuji@0
|
64 * glimmers of correct information that may, by some fluke, be here. *
|
yuuji@0
|
65 * *
|
yuuji@0
|
66 **********************************************************************
|
yuuji@0
|
67
|
yuuji@0
|
68 The files are read in order: /etc/c-client.cf, ~/.mminit, ~/.imaprc,
|
yuuji@0
|
69 and an entry in a later file overrides the setting of an earlier file
|
yuuji@0
|
70 except as noted below. This ordering and overriding behavior may
|
yuuji@0
|
71 change without notice.
|
yuuji@0
|
72
|
yuuji@0
|
73 Almost all of these facilities can also be set via the mail_parameters()
|
yuuji@0
|
74 call in the program. Whether the file overrides mail_parameters(), or
|
yuuji@0
|
75 mail_parameters() overrides the file, is indeterminate. It will vary
|
yuuji@0
|
76 from program to program, and it may be one way in one version and the
|
yuuji@0
|
77 other way in the next version. It's completely unpredictable, and so
|
yuuji@0
|
78 anything you do with these files has to be in complete knowledge of what
|
yuuji@0
|
79 the version of each program you're running is going to do. This is
|
yuuji@0
|
80 because the files do something for testing, but the real capability for
|
yuuji@0
|
81 configurability is put in the program instead. Are you getting the
|
yuuji@0
|
82 feeling that you shouldn't be messing with these files yet?
|
yuuji@0
|
83
|
yuuji@0
|
84 The very first line of the file MUST start with the exact string "I
|
yuuji@0
|
85 accept the risk". This ensures that you have checked the file for
|
yuuji@0
|
86 correctness against this version of the IMAP toolkit. This enable
|
yuuji@0
|
87 string may change without notice in future versions, and the new
|
yuuji@0
|
88 string may or may not be accurately described in an updated version of
|
yuuji@0
|
89 this file. So any time you install software that uses the IMAP
|
yuuji@0
|
90 toolkit, you need to check the new version against these files (if you
|
yuuji@0
|
91 have insisted upon creating them in spite of all warnings). If two
|
yuuji@0
|
92 pieces of software use different versions of the IMAP toolkit with
|
yuuji@0
|
93 incompatible requirements, one of them won't work. Re-read the
|
yuuji@0
|
94 warning above about why you should not use these files.
|
yuuji@0
|
95
|
yuuji@0
|
96 Subsequent lines are read from the file one at a time. Case does not
|
yuuji@0
|
97 matter. Unrecognized commands are ignored.
|
yuuji@0
|
98
|
yuuji@0
|
99 1) set new-folder-format
|
yuuji@0
|
100 sets what format new mailboxes are created in. This also controls
|
yuuji@0
|
101 default delivery via tmail and dmail.
|
yuuji@0
|
102
|
yuuji@0
|
103 a) set new-folder-format same-as-inbox
|
yuuji@0
|
104 Folder is created using the same mailbox format as INBOX. If
|
yuuji@0
|
105 INBOX is empty, it defaults to system standard.
|
yuuji@0
|
106
|
yuuji@0
|
107 b) set new-folder-format system-standard
|
yuuji@0
|
108 This is the default. Folder is created using the wired-in system
|
yuuji@0
|
109 standard format, which on most UNIX systems is ordinary UNIX
|
yuuji@0
|
110 /bin/mail format. On SCO systems, this is MMDF.
|
yuuji@0
|
111
|
yuuji@0
|
112 c) set new-folder-format <driver name>
|
yuuji@0
|
113 Folder is created using the given driver name, e.g. mbx, unix,
|
yuuji@0
|
114 mmdf, etc.
|
yuuji@0
|
115
|
yuuji@0
|
116 There is no protection against setting this to a silly value (e.g.
|
yuuji@0
|
117 news, nntp, dummy) and doing so is a great way to screw things up.
|
yuuji@0
|
118 Setting this to mh does not do what you think it does. Setting this
|
yuuji@0
|
119 to tenex or mtx isn't particularly useful.
|
yuuji@0
|
120
|
yuuji@0
|
121 2) set empty-folder-format
|
yuuji@0
|
122 sets what format data is written into an empty mailbox file using
|
yuuji@0
|
123 mail_copy() or mail_append(). This also controls default delivery
|
yuuji@0
|
124 via tmail.
|
yuuji@0
|
125
|
yuuji@0
|
126 a) set empty-folder-format same-as-inbox
|
yuuji@0
|
127 Data is written using the same mailbox format as INBOX. If
|
yuuji@0
|
128 INBOX is empty, it defaults to system standard.
|
yuuji@0
|
129
|
yuuji@0
|
130 b) set empty-folder-format system-standard
|
yuuji@0
|
131 This is the default. Data is written using the wired-in system
|
yuuji@0
|
132 standard format, which on most UNIX systems is ordinary UNIX
|
yuuji@0
|
133 /bin/mail format. On SCO systems, this is MMDF.
|
yuuji@0
|
134
|
yuuji@0
|
135 c) set-empty-folder-format <driver name>
|
yuuji@0
|
136 Data is written using the given driver name, e.g. tenex, unix,
|
yuuji@0
|
137 mmdf, etc.
|
yuuji@0
|
138
|
yuuji@0
|
139 There is no protection against setting this to a silly value (e.g.
|
yuuji@0
|
140 news, nntp, dummy) and doing so is a great way to screw things up.
|
yuuji@0
|
141 Setting this to mh, mbx, or mx does not work.
|
yuuji@0
|
142
|
yuuji@0
|
143 3) set keywords <word1>, <word2>, ... <wordn>
|
yuuji@0
|
144 Sets the list of keyword flags (supported by tenex and mtx) to the
|
yuuji@0
|
145 given list. Up to 30 flags may be given. Since these names
|
yuuji@0
|
146 correspond to numeric bits, the order of the keywords can not be
|
yuuji@0
|
147 changed, nor can keywords be removed or inserted (you can append
|
yuuji@0
|
148 new keywords, up to the limit of 30).
|
yuuji@0
|
149
|
yuuji@0
|
150 Set keywords is a deprecated command. It may not appear in
|
yuuji@0
|
151 future versions, or it may appear in a changed form. It exists
|
yuuji@0
|
152 only for compatibility with MM, and should only appear in ~/.mminit
|
yuuji@0
|
153 and not in the other files. It is likely to disappear entirely in
|
yuuji@0
|
154 IMAP4.
|
yuuji@0
|
155
|
yuuji@0
|
156 There is no protection against setting these to silly values, and
|
yuuji@0
|
157 doing so is a great way to cause a crash.
|
yuuji@0
|
158
|
yuuji@0
|
159 4) set from-widget header-only
|
yuuji@0
|
160 Sets smart insertion of the > character in front of lines that
|
yuuji@0
|
161 begin with ``From ''. Only such lines that are also in UNIX mbox
|
yuuji@0
|
162 header file format will have a > character inserted. The default
|
yuuji@0
|
163 is to insert the > character in front of all lines which begin with
|
yuuji@0
|
164 ``From '', for the benefit of legacy tools that get confused
|
yuuji@0
|
165 otherwise.
|
yuuji@0
|
166
|
yuuji@0
|
167 5) set black-box-directory <directory name>
|
yuuji@0
|
168 Sets the directory in which the user's data can be found. A user's
|
yuuji@0
|
169 folders can be found in a subdirectory of the black box directory
|
yuuji@0
|
170 named with the user's username. For example, if the blackbox
|
yuuji@0
|
171 directory is /usr/spool/folders/, user jones' data can be found
|
yuuji@0
|
172 in /usr/spool/folders/jones/. The user's black-box directory is
|
yuuji@0
|
173 the location of folders, .mminit, .imaprc, .newsrc, and all other
|
yuuji@0
|
174 files used by c-client; internally, it sets c-client's idea of the
|
yuuji@0
|
175 user's ``home directory'', overriding /etc/passwd.
|
yuuji@0
|
176
|
yuuji@0
|
177 This command may not appear in ~/.mminit or ~/.imaprc
|
yuuji@0
|
178
|
yuuji@0
|
179 In black-box mode, it is not permitted to access any folders
|
yuuji@0
|
180 outside of the user's personal blackbox directory. The breakouts
|
yuuji@0
|
181 ``/'', ``~'', and ``..'' are not permitted.
|
yuuji@0
|
182
|
yuuji@0
|
183 In order to make this work without crashing, you must set another
|
yuuji@0
|
184 option which is not listed in this document.
|
yuuji@0
|
185
|
yuuji@0
|
186 There is no protection against setting this to a silly value, and
|
yuuji@0
|
187 doing so is a great way to cause a crash.
|
yuuji@0
|
188
|
yuuji@0
|
189 6) set local-host <host name>
|
yuuji@0
|
190 Sets c-client's idea of the local host name.
|
yuuji@0
|
191
|
yuuji@0
|
192 There is no protection against setting this to a silly value, and
|
yuuji@0
|
193 doing so is a great way to cause a crash.
|
yuuji@0
|
194
|
yuuji@0
|
195 7) set news-active-file <file name>
|
yuuji@0
|
196 Sets the location of the news active file, if it is not in the
|
yuuji@0
|
197 standard place.
|
yuuji@0
|
198
|
yuuji@0
|
199 It is recommended to use a courtesy symbolic link instead.
|
yuuji@0
|
200
|
yuuji@0
|
201 There is no protection against setting this to a silly value, and
|
yuuji@0
|
202 doing so is a great way to cause a crash.
|
yuuji@0
|
203
|
yuuji@0
|
204 8) set news-spool-directory <directory name>
|
yuuji@0
|
205 Sets the location of the news spool, if it is not in the standard
|
yuuji@0
|
206 place.
|
yuuji@0
|
207
|
yuuji@0
|
208 It is recommended to use a courtesy symbolic link instead.
|
yuuji@0
|
209
|
yuuji@0
|
210 There is no protection against setting this to a silly value, and
|
yuuji@0
|
211 doing so is a great way to cause a crash.
|
yuuji@0
|
212
|
yuuji@0
|
213 9) set news-state-file <file name>
|
yuuji@0
|
214 Sets the location of the news state file (normally $(USER)/.newsrc).
|
yuuji@0
|
215
|
yuuji@0
|
216 This is not very useful in /etc/c-client.cf because it is a file name.
|
yuuji@0
|
217 Setting this in /etc/c-client.cf would set all users to the same file
|
yuuji@0
|
218 as their newsrc, which is probably not what you want.
|
yuuji@0
|
219
|
yuuji@0
|
220 There is no protection against setting this to a silly value, and
|
yuuji@0
|
221 doing so is a great way to cause a crash.
|
yuuji@0
|
222
|
yuuji@0
|
223 10) set system-inbox <file name>
|
yuuji@0
|
224 Sets the location of the "system inbox", if it is not in the standard
|
yuuji@0
|
225 place. This is the default location of INBOX, or the mail drop point
|
yuuji@0
|
226 from which mail is snarfed (e.g. in tenex, mtx, mbox, mh formats).
|
yuuji@0
|
227
|
yuuji@0
|
228 This is not very useful in /etc/c-client.cf because it is a file name.
|
yuuji@0
|
229 Setting this in /etc/c-client.cf would set all users to the same file
|
yuuji@0
|
230 as their system inbox, which is probably not what you want.
|
yuuji@0
|
231
|
yuuji@0
|
232 There is no protection against setting this to a silly value, and
|
yuuji@0
|
233 doing so is a great way to cause a crash.
|
yuuji@0
|
234
|
yuuji@0
|
235 11) set tcp-open-timeout <number>
|
yuuji@0
|
236 Sets the number of seconds that the TCP routines will block on opening
|
yuuji@0
|
237 a TCP connection before timing out. If a timeout occurs, the connection
|
yuuji@0
|
238 attempt is aborted.
|
yuuji@0
|
239
|
yuuji@0
|
240 The default is zero, meaning use the operating system default (75
|
yuuji@0
|
241 seconds on most UNIX systems).
|
yuuji@0
|
242
|
yuuji@0
|
243 There is no protection against setting this to an excessively small
|
yuuji@0
|
244 value, such as 1, and doing so is a great way to cause users extreme
|
yuuji@0
|
245 grief.
|
yuuji@0
|
246
|
yuuji@0
|
247 12) set tcp-read-timeout <number>
|
yuuji@0
|
248 Sets the number of seconds that the TCP routines will block on reading
|
yuuji@0
|
249 data before calling the timeout routine. If no timeout routine is set
|
yuuji@0
|
250 by the program, the connection will be aborted on a timeout.
|
yuuji@0
|
251
|
yuuji@0
|
252 The default is zero, meaning infinite.
|
yuuji@0
|
253
|
yuuji@0
|
254 There is no protection against setting this to an excessively small
|
yuuji@0
|
255 value, such as 1, and doing so is a great way to cause users extreme
|
yuuji@0
|
256 grief.
|
yuuji@0
|
257
|
yuuji@0
|
258 13) set tcp-write-timeout <number>
|
yuuji@0
|
259 Sets the number of seconds that the TCP routines will block on sending
|
yuuji@0
|
260 data before calling the timeout routine. If no timeout routine is set
|
yuuji@0
|
261 by the program, the connection will be aborted on a timeout.
|
yuuji@0
|
262
|
yuuji@0
|
263 The default is zero, meaning infinite.
|
yuuji@0
|
264
|
yuuji@0
|
265 There is no protection against setting this to an excessively small
|
yuuji@0
|
266 value, such as 1, and doing so is a great way to cause users extreme
|
yuuji@0
|
267 grief.
|
yuuji@0
|
268
|
yuuji@0
|
269 14) set rsh-timeout <number>
|
yuuji@0
|
270 Sets the number of seconds that the rsh routines will block on opening
|
yuuji@0
|
271 an rimapd connection before timing out. If a timeout occurs, the
|
yuuji@0
|
272 rsh connection attempt is aborted. A zero timeout will disable rsh.
|
yuuji@0
|
273
|
yuuji@0
|
274 The default is 15 seconds.
|
yuuji@0
|
275
|
yuuji@0
|
276 There is no protection against setting this to an excessively small
|
yuuji@0
|
277 value, such as 1, and doing so is a great way to cause users extreme
|
yuuji@0
|
278 grief.
|
yuuji@0
|
279
|
yuuji@0
|
280 15) set maximum-login-trials <number>
|
yuuji@0
|
281 Sets the number of iterations of asking the user, via mm_login(), for
|
yuuji@0
|
282 a user name and password, before cancelling the attempt.
|
yuuji@0
|
283
|
yuuji@0
|
284 The default is 3.
|
yuuji@0
|
285
|
yuuji@0
|
286 There is no protection against setting this to zero, and doing so is
|
yuuji@0
|
287 a great way to cause users extreme grief.
|
yuuji@0
|
288
|
yuuji@0
|
289 16) set lookahead <number>
|
yuuji@0
|
290 Sets the number of envelopes that are looked ahead in IMAP, in
|
yuuji@0
|
291 mail_fetchstructure(). This is based on the guess that in such
|
yuuji@0
|
292 operations as drawing browser lines, if you get data for message n
|
yuuji@0
|
293 you are likely to want it for message n+1, n+2,... in short order.
|
yuuji@0
|
294 Lookahead preloads the c-client cache and saves unnecessary RTTs.
|
yuuji@0
|
295
|
yuuji@0
|
296 The default is 20, a good number for a browser on a 24x80 screen, and
|
yuuji@0
|
297 small enough to usually have no significant real-time difference from
|
yuuji@0
|
298 a single message fetch.
|
yuuji@0
|
299
|
yuuji@0
|
300 Setting it to 0 turns off lookahead.
|
yuuji@0
|
301
|
yuuji@0
|
302 There is no protection against setting this ridiculously high and
|
yuuji@0
|
303 incurring performance penalties as a result.
|
yuuji@0
|
304
|
yuuji@0
|
305 17) set prefetch <number>
|
yuuji@0
|
306 Sets the number of envelops which are automatically fetched for the
|
yuuji@0
|
307 messages which match in a search. This is based on the guess that
|
yuuji@0
|
308 in a browser that is "zoomed" on the results of a search, you are
|
yuuji@0
|
309 likely to want the envelope data for each of those messages in
|
yuuji@0
|
310 short order. Prefetching reloads the c-client cache, saves
|
yuuji@0
|
311 unnecessary RTTs, and avoids loading undesired envelopes due to
|
yuuji@0
|
312 lookahead (see above).
|
yuuji@0
|
313
|
yuuji@0
|
314 The default is 20.
|
yuuji@0
|
315
|
yuuji@0
|
316 Setting it to 0 turns off prefetch.
|
yuuji@0
|
317
|
yuuji@0
|
318 There is no protection against setting this ridiculously high and
|
yuuji@0
|
319 incurring performance penalties as a result.
|
yuuji@0
|
320
|
yuuji@0
|
321 18) set close-on-error <number>
|
yuuji@0
|
322 If non-zero, IMAP connections are closed if an EXAMINE or SELECT
|
yuuji@0
|
323 command fails. Otherwise, they are left half-open, and can be used
|
yuuji@0
|
324 again to select some other mailbox. The mailbox name in the stream
|
yuuji@0
|
325 is set to {serverhost}<no_mailbox>
|
yuuji@0
|
326
|
yuuji@0
|
327 The default is zero (do not close on error).
|
yuuji@0
|
328
|
yuuji@0
|
329 19) set imap-port <number>
|
yuuji@0
|
330 Set the TCP/IP contact port to use for IMAP. This overrides the
|
yuuji@0
|
331 wired-in setting and the setting from /etc/services, and can in
|
yuuji@0
|
332 turn be overridden by an explicit user specification in the mailbox
|
yuuji@0
|
333 name, e.g. {serverhost:143}foo
|
yuuji@0
|
334
|
yuuji@0
|
335 The default is zero (use setting from /etc/services or the wired-in
|
yuuji@0
|
336 setting (143).
|
yuuji@0
|
337
|
yuuji@0
|
338 There is no protection against setting this to a silly value, and
|
yuuji@0
|
339 doing so is a great way to cause users extreme grief.
|
yuuji@0
|
340
|
yuuji@0
|
341 20) set pop3-port <number>
|
yuuji@0
|
342 Set the TCP/IP contact port to use for POP3. This overrides the
|
yuuji@0
|
343 wired-in setting and the setting from /etc/services, and can in
|
yuuji@0
|
344 turn be overridden by an explicit user specification in the mailbox
|
yuuji@0
|
345 name, e.g. {serverhost:110/pop3}
|
yuuji@0
|
346
|
yuuji@0
|
347 The default is zero (use setting from /etc/services or the wired-in
|
yuuji@0
|
348 setting (110).
|
yuuji@0
|
349
|
yuuji@0
|
350 There is no protection against setting this to a silly value, and
|
yuuji@0
|
351 doing so is a great way to cause users extreme grief.
|
yuuji@0
|
352
|
yuuji@0
|
353 21) set uid-lookahead <number>
|
yuuji@0
|
354 Sets the number of UIDs that are looked ahead in IMAP in mail_uid().
|
yuuji@0
|
355 Lookahead preloads the c-client cache and saves unnecessary RTTs.
|
yuuji@0
|
356
|
yuuji@0
|
357 The default is 1000, small enough to usually have no significant
|
yuuji@0
|
358 real-time difference from a single message UID fetch.
|
yuuji@0
|
359
|
yuuji@0
|
360 Setting it to 0 turns off lookahead.
|
yuuji@0
|
361
|
yuuji@0
|
362 There is no protection against setting this ridiculously high and
|
yuuji@0
|
363 incurring performance penalties as a result.
|
yuuji@0
|
364
|
yuuji@0
|
365 22) set mailbox-protection <number>
|
yuuji@0
|
366 Set the default protection for newly-created mailbox files.
|
yuuji@0
|
367
|
yuuji@0
|
368 The default is 384.
|
yuuji@0
|
369
|
yuuji@0
|
370 There is no protection against setting this to a silly value, and
|
yuuji@0
|
371 doing so is a great way to screw things up massively.
|
yuuji@0
|
372
|
yuuji@0
|
373 23) set directory-protection <number>
|
yuuji@0
|
374 Set the default protection for newly-created directories.
|
yuuji@0
|
375
|
yuuji@0
|
376 The default is 448.
|
yuuji@0
|
377
|
yuuji@0
|
378 There is no protection against setting this to a silly value, and
|
yuuji@0
|
379 doing so is a great way to screw things up massively.
|
yuuji@0
|
380
|
yuuji@0
|
381 24) set lock-protection <number>
|
yuuji@0
|
382 Set the default protection for lock files
|
yuuji@0
|
383
|
yuuji@0
|
384 The default is 438, which is necessary if locks are to be respected
|
yuuji@0
|
385 by processes running as other UIDs.
|
yuuji@0
|
386
|
yuuji@0
|
387 There is no protection against setting this to a silly value, and
|
yuuji@0
|
388 contrary to what you may think just about any value other than 438
|
yuuji@0
|
389 turns out to be a silly value.
|
yuuji@0
|
390
|
yuuji@0
|
391 25) set disable-fcntl-locking <number>
|
yuuji@0
|
392 This only applies to SVR4 systems.
|
yuuji@0
|
393
|
yuuji@0
|
394 If non-zero, fnctl() locking is not attempted. In the past, this
|
yuuji@0
|
395 was used to avoid locking NFS files. If NFS is involved, the evil
|
yuuji@0
|
396 lockd/statd daemons get invoked. These daemons supposedly work over
|
yuuji@0
|
397 NFS, but really don't.
|
yuuji@0
|
398
|
yuuji@0
|
399 You probably don't really want to do this, though, because now the
|
yuuji@0
|
400 flock() emulator (which calls fcntl()) now checks to see if the file
|
yuuji@0
|
401 is accessed via NFS and no-ops the lock. This is compatible with
|
yuuji@0
|
402 BSD.
|
yuuji@0
|
403
|
yuuji@0
|
404 Disabling fcntl() locking loses a great deal of locking protection
|
yuuji@0
|
405 on local files as well as NFS files (which now never have locking
|
yuuji@0
|
406 protection).
|
yuuji@0
|
407
|
yuuji@0
|
408 The default is zero (fcntl() locking is enabled).
|
yuuji@0
|
409
|
yuuji@0
|
410 26) set lock-EACCES-error <number>
|
yuuji@0
|
411 If non-zero, a warning message is given if an attempt to create a
|
yuuji@0
|
412 lock file fails. Otherwise, EACCES is treated as a "silent failure",
|
yuuji@0
|
413 and it proceeds without trying to use the lock file. This is for
|
yuuji@0
|
414 the benefit of users on systems with paranoid /usr/spool/mail
|
yuuji@0
|
415 protections which don't let users create /usr/spool/mail/$(USER).lock
|
yuuji@0
|
416 files; these unfortunate users would be harassed with a flood of
|
yuuji@0
|
417 error messages otherwise. The problem is that on SVR4, if EACCES
|
yuuji@0
|
418 remains disabled and fcntl() locking is also disabled, then there is
|
yuuji@0
|
419 no locking at all which is doubleplus-ungood.
|
yuuji@0
|
420
|
yuuji@0
|
421 If the site is paranoid on /usr/spool/mail protections AND if there
|
yuuji@0
|
422 is no fcntl() locking (SVR4) or usable flock() locking (e.g. NFS),
|
yuuji@0
|
423 then there is no way to win. Find a different system to use.
|
yuuji@0
|
424
|
yuuji@0
|
425 The default is non-zero (report EACCESS as an error).
|
yuuji@0
|
426
|
yuuji@0
|
427 27) set list-maximum-level <number>
|
yuuji@0
|
428 Sets the maximum depth of recursion that a * wildcard list will go
|
yuuji@0
|
429 down the directory tree. 0 means that no recursion is permitted,
|
yuuji@0
|
430 and * becomes like %.
|
yuuji@0
|
431
|
yuuji@0
|
432 The default is 20.
|
yuuji@0
|
433
|
yuuji@0
|
434 There is no protection against setting this to a ridiculously high
|
yuuji@0
|
435 value. Since LIST will follow symbolic links, it can effectively
|
yuuji@0
|
436 recurse infinitely, until the name strings get large enough that
|
yuuji@0
|
437 some name limit is exceeded.
|
yuuji@0
|
438
|
yuuji@0
|
439 28) set anonymous-home-directory <directory name>
|
yuuji@0
|
440 Sets the location of the anonymous home directory, if it is not in
|
yuuji@0
|
441 the standard place.
|
yuuji@0
|
442
|
yuuji@0
|
443 It is recommended to use a courtesy symbolic link instead.
|
yuuji@0
|
444
|
yuuji@0
|
445 There is no protection against setting this to a silly value, and
|
yuuji@0
|
446 doing so is a great way to cause a crash.
|
yuuji@0
|
447
|
yuuji@0
|
448 29) set chroot-server <number>
|
yuuji@0
|
449 This option is for closed server systems only. If defined, a chroot()
|
yuuji@0
|
450 call to the user's home directory is done as part of the login
|
yuuji@0
|
451 process. This has the effect of preventing access to any files
|
yuuji@0
|
452 outside of the user's home directory (including shared mailboxes).
|
yuuji@0
|
453
|
yuuji@0
|
454 Shared mailboxes with other users can't possibly work with this
|
yuuji@0
|
455 option, because there is no way to export lock information to other
|
yuuji@0
|
456 users.
|
yuuji@0
|
457
|
yuuji@0
|
458 This should be done ONLY on systems which do not permit users to
|
yuuji@0
|
459 have shell access
|
yuuji@0
|
460
|
yuuji@0
|
461 This option should NEVER(!!) be set if users are allowed shell access.
|
yuuji@0
|
462 Doing so actually makes the system *less* secure, since the user could
|
yuuji@0
|
463 create an etc subdirectory which would be treated as real /etc by such
|
yuuji@0
|
464 programs as /bin/su.
|
yuuji@0
|
465
|
yuuji@0
|
466 The default is zero (don't do chroot).
|
yuuji@0
|
467
|
yuuji@0
|
468 This option is strongly *NOT* recommended.
|
yuuji@0
|
469
|
yuuji@0
|
470 30) set disable-automatic-shared-namespaces <number>
|
yuuji@0
|
471 Never look up the "ftp", "imappublic", and "imapshared" users as
|
yuuji@0
|
472 posssible home directories for the #ftp, #public, and #shared
|
yuuji@0
|
473 namespaces. On some systems (reportedly including AIX 4.3.3)
|
yuuji@0
|
474 getpwnam() of an unknown user name is horrendously slow.
|
yuuji@0
|
475
|
yuuji@0
|
476 Note that this does not remove the #ftp, #public, and #shared
|
yuuji@0
|
477 namespaces, and they can still be set up by other means.
|
yuuji@0
|
478
|
yuuji@0
|
479 The default is zero (shared namespaces are automatic).
|
yuuji@0
|
480
|
yuuji@0
|
481 31) set advertise-the-world <number>
|
yuuji@0
|
482 Include the UNIX root as a shared namespace. This is generally a bad
|
yuuji@0
|
483 idea, since certain IMAP clients (names withheld to protect the guilty)
|
yuuji@0
|
484 will take this as license to download the entire filesystem tree.
|
yuuji@0
|
485
|
yuuji@0
|
486 The default is zero (don't advertise the world).
|
yuuji@0
|
487
|
yuuji@0
|
488 32) set mail-subdirectory <subdirectory name>
|
yuuji@0
|
489 Change the default connected directory from the user's home directory
|
yuuji@0
|
490 to the named subdirectory of the user's home directory. For example,
|
yuuji@0
|
491 setting MAILSUBDIR="mail" will cause the POP2 and IMAP servers to
|
yuuji@0
|
492 connect to the user's ~/mail subdirectory. This is equivalent to
|
yuuji@0
|
493 the env_unix.c edit described in Example 2 of the CONFIG file.
|
yuuji@0
|
494
|
yuuji@0
|
495 Note that if the subdirectory does not exist, the result is undefined.
|
yuuji@0
|
496 It is probably an extremely bad idea to set this unless you can
|
yuuji@0
|
497 guarantee that the subdirectory exists for all users. If you can not
|
yuuji@0
|
498 guarantee this, then you should leave the default as the user's home
|
yuuji@0
|
499 directory and allow them to configure a personal default in their IMAP
|
yuuji@0
|
500 client.
|
yuuji@0
|
501
|
yuuji@0
|
502 The default is not to use any subdirectory.
|
yuuji@0
|
503
|
yuuji@0
|
504 33) set allow-user-config <number>
|
yuuji@0
|
505 Allow users to use ~/.imaprc and ~/.mminit files.
|
yuuji@0
|
506
|
yuuji@0
|
507 The default is zero (don't allow user config files).
|
yuuji@0
|
508
|
yuuji@0
|
509 34) set allow-reverse-dns <number>
|
yuuji@0
|
510 By default, the servers (ipop[23]d and imapd) will do gethostbyaddr()
|
yuuji@0
|
511 on the local and remote sockets so that imapd can identify itself
|
yuuji@0
|
512 properly (this is important when the same CPU hosts multiple virtual
|
yuuji@0
|
513 hosts on different IP addresss) and also includes the client's name
|
yuuji@0
|
514 when it writes to the syslog. There are also client gethostbyaddr()
|
yuuji@0
|
515 calls, used primarily by authentication mechanisms.
|
yuuji@0
|
516
|
yuuji@0
|
517 Setting this option to zero disables all gethostbyaddr() calls. The
|
yuuji@0
|
518 returned "host name" string for the socket is just the bracketed
|
yuuji@0
|
519 [12.34.56.78] form, as if the reverse DNS lookup failed.
|
yuuji@0
|
520
|
yuuji@0
|
521 WARNING: Some authentication mechanisms, e.g. Kerberos V, depend upon
|
yuuji@0
|
522 the host names being right, and if you set this option, it won't work.
|
yuuji@0
|
523
|
yuuji@0
|
524 You should only do this if you are encountering server performance
|
yuuji@0
|
525 problems due to a misconfigured DNS, e.g. long startup delays or
|
yuuji@0
|
526 client timeouts.
|
yuuji@0
|
527
|
yuuji@0
|
528 The default is non-zero (allow reverse DNS).
|
yuuji@0
|
529
|
yuuji@0
|
530 35) set disable-plaintext <number>
|
yuuji@0
|
531 Disable plaintext password authentication (LOGIN command, AUTH=LOGIN,
|
yuuji@0
|
532 and AUTH=PLAIN).
|
yuuji@0
|
533
|
yuuji@0
|
534 The default is zero (allow plaintext authentication).
|
yuuji@0
|
535
|
yuuji@0
|
536 36) set trust-dns <number>
|
yuuji@0
|
537 By default, host names are canonicalized via gethostbyname() for
|
yuuji@0
|
538 everything except for SSL certificate validation.
|
yuuji@0
|
539
|
yuuji@0
|
540 This can represent a security bug due to DNS spoofing, but is more
|
yuuji@0
|
541 likely to deliver results that users expect. It also may be necessary
|
yuuji@0
|
542 for SASL authentication to work right (e.g. generating a correct name
|
yuuji@0
|
543 for a Kerberos service principal) if the name entered by the user is a
|
yuuji@0
|
544 CNAME or not a fully-qualified domain name.
|
yuuji@0
|
545
|
yuuji@0
|
546 If trust-dns is set to zero, no host name canonicalization is done.
|
yuuji@0
|
547 The user's actual entered name is used for SASL authentication and
|
yuuji@0
|
548 will appear in the mailbox name of the open stream.
|
yuuji@0
|
549
|
yuuji@0
|
550 The default is non-zero (do DNS canonicalization).
|
yuuji@0
|
551
|
yuuji@0
|
552 37) set sasl-uses-ptr-name <number>
|
yuuji@0
|
553 By default, if trust-dns is set, the host names used in authentication
|
yuuji@0
|
554 (e.g. to generate a Kerberos service principal) are canonicalized via
|
yuuji@0
|
555 gethostbyaddr() instead of by gethostbyname(). If gethostbyaddr()
|
yuuji@0
|
556 fails the gethostbyname() canonicalization is used.
|
yuuji@0
|
557
|
yuuji@0
|
558 This represents an additional security bug due to DNS spoofing, over and
|
yuuji@0
|
559 above trust-dns. It also adds an additional DNS query to starting a
|
yuuji@0
|
560 session.
|
yuuji@0
|
561
|
yuuji@0
|
562 It is necessary for sites which implement a server cluster with multiple
|
yuuji@0
|
563 A records for a cluster name (instead of a CNAME) but each cluster
|
yuuji@0
|
564 member has a unique PTR record which it expects for a Kerberos service
|
yuuji@0
|
565 principal.
|
yuuji@0
|
566
|
yuuji@0
|
567 If sasl-uses-ptr-name is set to zero and trust-dns is set non-zero, the
|
yuuji@0
|
568 gethostbyname() canonicalized name is used for SASL authentication.
|
yuuji@0
|
569
|
yuuji@0
|
570 The setting of sasl-uses-ptr-name is irrelevant if trust-dns is set to
|
yuuji@0
|
571 zero.
|
yuuji@0
|
572
|
yuuji@0
|
573 The default is non-zero (use name from PTR record for SASL).
|
yuuji@0
|
574
|
yuuji@0
|
575 38) set network-filesystem-stat-bug <number>
|
yuuji@0
|
576 By default, traditional UNIX mailbox files are only closed and reopened
|
yuuji@0
|
577 at checkpoint and expunge time. This ensures that, prior to rewriting
|
yuuji@0
|
578 the file, that any cached stat() data from a network filesystem is
|
yuuji@0
|
579 updated with current data.
|
yuuji@0
|
580
|
yuuji@0
|
581 Very old versions of NFS, and reputedly also AFS, can get into a state
|
yuuji@0
|
582 in which the cached stat() data stays out-of-date, even across a
|
yuuji@0
|
583 close and reopen of the file.
|
yuuji@0
|
584
|
yuuji@0
|
585 If network-filesystem-stat-bug is set non-zero, then the mailbox file
|
yuuji@0
|
586 is closed and reopened at ping time as a workaround for this bug in
|
yuuji@0
|
587 these network filesystems. This means that in imapd, the mailbox
|
yuuji@0
|
588 file is closed and reopened for every IMAP command. This is obviously
|
yuuji@0
|
589 something that should be avoided unless absolutely necessary.
|
yuuji@0
|
590
|
yuuji@0
|
591 NFS and AFS are terrible ways to distribute mail. You use use IMAP
|
yuuji@0
|
592 servers with a local disk instead.
|
yuuji@0
|
593
|
yuuji@0
|
594 The default is zero (only close/reopen at checkpoint and expunge time).
|
yuuji@0
|
595
|
yuuji@0
|
596 Setting this option is a great way to ruin your system's performance.
|
yuuji@0
|
597
|
yuuji@0
|
598 39) set restrict-mailbox-access <option> <option> ... <option>
|
yuuji@0
|
599 This option is for closed server systems only. It is less extreme
|
yuuji@0
|
600 than chroot-server, and allows selective restriction of what mailbox
|
yuuji@0
|
601 named users can use. The existing options are:
|
yuuji@0
|
602 root access not permitted to names starting with "/"
|
yuuji@0
|
603 otherusers access not permitted to other users' names; this should
|
yuuji@0
|
604 normally be used in conjunction with "root", otherwise
|
yuuji@0
|
605 another user's names can be accessed via a root name.
|
yuuji@0
|
606 all all of the above
|
yuuji@0
|
607 Setting any combination of options also disables access to superior
|
yuuji@0
|
608 directories via "..".
|
yuuji@0
|
609
|
yuuji@0
|
610 This should be done ONLY on systems which do not permit users to
|
yuuji@0
|
611 have shell access
|
yuuji@0
|
612
|
yuuji@0
|
613 The default is no restrictions.
|