From bcdf6f7287a48dcf6d74e0b4bf28ffc7905065c5 Mon Sep 17 00:00:00 2001
From: CoprDistGit <infra@openeuler.org>
Date: Thu, 1 Aug 2024 14:35:57 +0000
Subject: automatic import of dovecot

---
 dovecot-2.0-defaultconfig.patch | 42 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 dovecot-2.0-defaultconfig.patch

(limited to 'dovecot-2.0-defaultconfig.patch')

diff --git a/dovecot-2.0-defaultconfig.patch b/dovecot-2.0-defaultconfig.patch
new file mode 100644
index 0000000..21f00ec
--- /dev/null
+++ b/dovecot-2.0-defaultconfig.patch
@@ -0,0 +1,42 @@
+diff -up dovecot-2.3.16/doc/example-config/conf.d/10-mail.conf.default-settings dovecot-2.3.16/doc/example-config/conf.d/10-mail.conf
+--- dovecot-2.3.16/doc/example-config/conf.d/10-mail.conf.default-settings	2021-08-06 11:25:51.000000000 +0200
++++ dovecot-2.3.16/doc/example-config/conf.d/10-mail.conf	2021-10-27 11:13:45.666956339 +0200
+@@ -175,7 +175,7 @@ namespace inbox {
+ # to make sure that users can't log in as daemons or other system users.
+ # Note that denying root logins is hardcoded to dovecot binary and can't
+ # be done even if first_valid_uid is set to 0.
+-#first_valid_uid = 500
++first_valid_uid = 1000
+ #last_valid_uid = 0
+ 
+ # Valid GID range for users, defaults to non-root/wheel. Users having
+@@ -322,6 +322,7 @@ protocol !indexer-worker {
+ # them simultaneously.
+ #mbox_read_locks = fcntl
+ #mbox_write_locks = dotlock fcntl
++mbox_write_locks = fcntl
+ 
+ # Maximum time to wait for lock (all of them) before aborting.
+ #mbox_lock_timeout = 5 mins
+diff -up dovecot-2.3.16/doc/example-config/conf.d/10-ssl.conf.default-settings dovecot-2.3.16/doc/example-config/conf.d/10-ssl.conf
+--- dovecot-2.3.16/doc/example-config/conf.d/10-ssl.conf.default-settings	2021-08-06 11:25:51.000000000 +0200
++++ dovecot-2.3.16/doc/example-config/conf.d/10-ssl.conf	2021-10-27 11:13:02.834533975 +0200
+@@ -3,7 +3,9 @@
+ ##
+ 
+ # SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
+-#ssl = yes
++# disable plain pop3 and imap, allowed are only pop3+TLS, pop3s, imap+TLS and imaps
++# plain imap and pop3 are still allowed for local connections
++ssl = required
+ 
+ # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
+ # dropping root privileges, so keep the key file unreadable by anyone but
+@@ -64,6 +66,7 @@ ssl_key = </etc/ssl/private/dovecot.pem
+ #ssl_cipher_list = ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH
+ # To disable non-EC DH, use:
+ #ssl_cipher_list = ALL:!DH:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH
++ssl_cipher_list = PROFILE=SYSTEM
+ 
+ # Colon separated list of elliptic curves to use. Empty value (the default)
+ # means use the defaults from the SSL library. P-521:P-384:P-256 would be an
-- 
cgit v1.2.3