# Freeze configuration syntax.
dovecot_config_version = 2.4.0

# Freeze storage file format version.
dovecot_storage_version = 2.4.0

# Protocols we want to be serving.
protocols = imap pop3 lmtp

# Path to the mail directory.
mail_home = /var/mail/%{user | domain}/%{user | username}
mail_path = ~/Maildir
mail_driver = maildir

# Path to SSL certificate files.
ssl_server_cert_file = /etc/letsencrypt/live/mail.ilvokhin.com/fullchain.pem
ssl_server_key_file = /etc/letsencrypt/live/mail.ilvokhin.com/privkey.pem

# Disable plaintext authentication, only SSL is allowed.
auth_allow_cleartext = no

service auth {
    # Postfix smtp-auth.
    unix_listener /var/spool/postfix/private/auth {
        mode = 0666
        user = postfix
        group = postfix
    }
}

service lmtp {
    unix_listener /var/spool/postfix/private/dovecot-lmtp {
        mode = 0600
        user = postfix
        group = postfix
    }
}

service imap-login {
    # Do not listen for plain IMAP.
    inet_listener imap {
        port = 0
    }
}

service pop3-login {
    # Do not listen for plain POP3.
    inet_listener pop3 {
        port = 0
    }
}

namespace inbox {
    inbox = yes
    separator = /

    # Create usual mail hierarchy.
    mailbox Sent {
        auto = subscribe
        special_use = \Sent
    }

    mailbox Drafts {
        auto = subscribe
        special_use = \Drafts
    }

    mailbox Trash {
        auto = subscribe
        special_use = \Trash
    }

    mailbox Junk {
        auto = subscribe
        special_use = \Junk
    }
}

# Use separate passwd file for storing passwords.
passdb passwd-file {
    default_password_scheme = SHA512-CRYPT
    auth_username_format = %{user}
    passwd_file_path = /etc/dovecot/passwd
}

# Use the same separate passwd file for user lookup.
userdb static {
    auth_username_format = %{user}
    passwd_file_path = /etc/dovecot/passwd
    fields {
        uid = vmail
        gid = vmail
    }
}