1IMAPD.CONF(5)                     Cyrus IMAP                     IMAPD.CONF(5)
2
3
4

NAME

6       imapd.conf - Cyrus IMAP documentation
7
8       IMAP configuration file
9

DESCRIPTION

11          /etc/imapd.conf is the configuration file for the Cyrus IMAP server.
12          It defines local parameters for IMAP.
13
14          Each line of the /etc/imapd.conf file has the form
15                 option: value
16
17          where option is the name of the configuration option being  set  and
18          value is the value that the configuration option is being set to.
19
20          Although  there  is no limit to the length of a line, a ``\'' (back‐
21          slash) character may be used as the last  character  on  a  line  to
22          force  it  to continue on the next one.  No additional whitespace is
23          inserted before or after the ``\''.  Note that a line that is  split
24          using ``\'' character(s) is still considered a single line.
25
26          For example
27                 option:\
28                     value1 value2 \
29                        value3
30
31          is equivalent to
32                 option: value1 value2   value3
33
34          Blank lines and lines beginning with ``#'' are ignored.
35
36          For  boolean  and  enumerated  options,  the values ``yes'', ``on'',
37          ``t'', ``true'' and ``1'' turn the option  on,  the  values  ``no'',
38          ``off'', ``f'', ``false'' and ``0'' turn the option off.
39

FIELD DESCRIPTIONS

41          The  sections  below  detail  options  that  can  be  placed  in the
42          /etc/imapd.conf file, and show each option's  default  value.   Some
43          options   have  no  default  value,  these  are  listed  with  ``<no
44          default>''.  Some options default to the  empty  string,  these  are
45          listed with ``<none>''.
46
47          addressbookprefix: #addressbooks
48              The prefix for the addressbook mailboxes hierarchies.  The hier‐
49              archy delimiter will  be  automatically  appended.   The  public
50              addressbook  hierarchy  will  be  at  the toplevel of the shared
51              namespace.  A user's personal addressbook hierarchy  will  be  a
52              child of their Inbox.
53
54          admins: <empty string>
55              The  list  of userids with administrative rights.  Separate each
56              userid with a space.  Sites using  Kerberos  authentication  may
57              use separate "admin" instances.
58
59              Note  that  accounts used by users should not be administrators.
60              Administrative accounts should not receive mail.   That  is,  if
61              user "jbRo" is a user reading mail, he should not also be in the
62              admins line.  Some problems may occur  otherwise,  most  notably
63              the ability of administrators to create top-level mailboxes vis‐
64              ible to users, but not writable by users.
65
66          afspts_localrealms: <none>
67              The list of realms which are to be treated as  local,  and  thus
68              stripped  during  identifier  canonicalization  (for  the AFSPTS
69              ptloader module).  This is different from loginrealms in that it
70              occurs  later  in  the  authorization process (as the user id is
71              canonified for PTS lookup)
72
73          afspts_mycell: <none>
74              Cell to use for AFS PTS lookups.  Defaults to the local cell.
75
76          allowallsubscribe: 0
77              Allow subscription to nonexistent  mailboxes.   This  option  is
78              typically  used on backend servers in a Murder so that users can
79              subscribe to mailboxes that don't reside on their "home" server.
80              This  option  can  also be used as a workaround for IMAP clients
81              which don't play well with nonexistent or unselectable mailboxes
82              (e.g., Microsoft Outlook).
83
84          allowanonymouslogin: 0
85              Permit  logins by the user "anonymous" using any password.  Also
86              allows use of the SASL ANONYMOUS mechanism.
87
88          allowapop: 1
89              Allow use of the POP3 APOP authentication command.
90
91              Note that this command requires that SASL is compiled with  APOP
92              support,  that  the  plaintext passwords are available in a SASL
93              auxprop backend (e.g., sasldb), and that the system can  provide
94              enough  entropy  (e.g., from /dev/urandom) to create a challenge
95              in the banner.
96
97          allownewnews: 0
98              Allow use of the NNTP NEWNEWS command.
99
100              Note that this is a very expensive command and  should  only  be
101              enabled when absolutely necessary.
102
103          allowplaintext: 0
104              If enabled, allows the use of cleartext passwords on the wire.
105
106              By  default,  the  use of cleartext passwords requires a TLS/SSL
107              encryption layer to be negotiated prior to any cleartext authen‐
108              tication  mechanisms  being advertised or allowed.  To require a
109              TLS/SSL encryption layer to be negotiated prior to ANY authenti‐
110              cation, see the tls_required option.
111
112          allowusermoves: 0
113              Allow  moving  user  accounts  (with  associated  meta-data) via
114              RENAME or XFER.
115
116              Note that measures should be taken to make sure  that  the  user
117              being  moved is not logged in, and cannot login during the move.
118              Failure to do so may result in the user's meta-data (seen state,
119              subscriptions, etc) being corrupted or out of date.
120
121          altnamespace: 1
122              Use  the alternate IMAP namespace, where personal folders reside
123              at the same level in the hierarchy as INBOX.
124
125              This option ONLY applies where interaction takes place with  the
126              client/user.   Currently  this  is  limited to the IMAP protocol
127              (imapd) and Sieve scripts (lmtpd).  This option does  NOT  apply
128              to admin tools such as cyradm (admins ONLY), reconstruct, quota,
129              etc., NOR does it affect LMTP delivery of messages  directly  to
130              mailboxes  via plus-addressing.  The default changed in 3.0 from
131              off to on.
132
133          altprefix: Alt Folders
134              Alternative INBOX spellings that can't be accessed in  altnames‐
135              pace otherwise go under here
136
137          annotation_db: twoskip
138              The cyrusdb backend to use for mailbox annotations.
139
140              Allowed values: skiplist, twoskip, lmdb
141
142          annotation_db_path: <none>
143              The absolute path to the annotations db file.  If not specified,
144              will be confdir/annotations.db
145
146          anyoneuseracl: 1
147              Should non-admin users be allowed to set ACLs for  the  'anyone'
148              user on their mailboxes?  In a large organization this can cause
149              support problems, but it's enabled by default.
150
151          annotation_allow_undefined: 0
152              Allow clients to store values for entries which are not  defined
153              either by Cyrus or in the annotations_definitions file.
154
155          annotation_definitions: <none>
156              File containing external (third-party) annotation definitions.
157
158              Each  line of the file specifies the properties of an annotation
159              and has the following form:
160                 name, scope, attrib-type, proxy-type, attrib-names, acl
161
162              name   is the hierarchical name as in RFC 5257 or RFC  5464  (in
163                     the  latter  case,  without  the leading /shared or /pri‐
164                     vate).  For example, /vendor/acme/blurdybloop.
165
166              scope  specifies whether the annotation is  for  the  server,  a
167                     mailbox, or a message.
168
169              attrib-type
170                        specifies  the attribute data type, which is used only
171                        to check the string value passed by clients when  set‐
172                        ting annotations.  The attrib-type is one of:
173
174                     string any value is accepted.
175
176                     content-type
177                            this  obsolete  data  type,  which  was useful for
178                            early drafts of  the  standard,  is  accepted  but
179                            silently translated to string.
180
181                     boolean
182                            only  the  strings "true" or "false" are accepted.
183                            Checking is  case-insensitive  but  the  value  is
184                            forced to lowercase.
185
186                     int    integers are accepted.
187
188                     uint   non-negative integers are accepted.
189
190              proxy-type
191                     specifies  whether  this  attribute is for the backend or
192                     proxy servers or both (proxy_and_backend)
193
194              attrib-names
195                     is the space-separated list of available  attributes  for
196                     the    annotation.    Possible    attribute   names   are
197                     value.shared, value.priv, and value (which  permits  both
198                     value.priv  and value.shared).  The attribute names size,
199                     size.shared, and  size.priv  are  accepted  but  ignored;
200                     these attributes are automatically provided by the server
201                     if the corresponding value attribute is specified.   Some
202                     obsolete  attributes,  which were defined early drafts of
203                     the standard, are accepted and ignored with a warning.
204
205              extra-permissions
206                     is the extra ACL permission  bits  required  for  setting
207                     this  annotation,  in  standard  IMAP  ACL permission bit
208                     string format.  Note that this is in addition to the per‐
209                     mission bits specified in RFC 5257 and RFC 5464, so leav‐
210                     ing this field empty is harmless.  Note also  that  there
211                     is  no  way to specify that an annotation can only be set
212                     by an admin user; in particular the a permission bit does
213                     not achieve this.
214
215                     Blank lines and lines beginning with ``#'' are ignored.
216
217          annotation_callout: <none>
218              The  pathname of a callout to be used to automatically add anno‐
219              tations or flags to a message when it is appended to a  mailbox.
220              The  path can be either an executable (including a script), or a
221              UNIX domain socket.
222
223          aps_topic: <none>
224              Topic for Apple Push Service registration.
225
226          aps_topic_caldav: <none>
227              Topic for Apple Push Service registration for CalDAV.
228
229          aps_topic_carddav: <none>
230              Topic for Apple Push Service registration for CardDAV.
231
232          archive_enabled: 0
233              Is archiving enabled for this server.  You also need to have  an
234              archivepartition  for the mailbox.  Archiving allows older email
235              to be stored on slower, cheaper disks -  even  within  the  same
236              mailbox, as distinct from partitions.
237
238          archive_days: 7
239              The  number  of days after which to move messages to the archive
240              partition if archiving is enabled
241
242          archive_maxsize: 1024
243              The size in kilobytes of  the  largest  message  that  won't  be
244              archived immediately.  Default is 1Mb
245
246          archive_keepflagged: 0
247              If  set,  messages  with  the  \Flagged  system  flag  won't  be
248              archived, provided they are smaller than archive_maxsize.
249
250          archivepartition-name: <none>
251              The pathname of the archive  partition  name,  corresponding  to
252              spool  partition  partition-name.  For any mailbox residing in a
253              directory on  partition-name,  the  archived  messages  will  be
254              stored  in  a  corresponding directory on archivepartition-name.
255              Note that not every partition-name option is  strictly  required
256              to  have  a corresponding archivepartition-name option, but that
257              without one there's no benefit to enabling archiving.
258
259          auditlog: 0
260              Should cyrus output log entries for every action taken on a mes‐
261              sage  file  or  mailboxes list entry?  It's noisy so disabled by
262              default, but can be very useful for tracking down what  happened
263              if things look strange
264
265          auth_mech: unix
266              The authorization mechanism to use.
267
268              Allowed values: unix, pts, krb, krb5
269
270          autocreateinboxfolders: <none>
271              Deprecated in favor of autocreate_inbox_folders.
272
273          autocreatequota: 0
274              Deprecated in favor of autocreate_quota.
275
276          autocreatequotamsg: -1
277              Deprecated in favor of autocreate_quota_messages.
278
279          autosievefolders: <none>
280              Deprecated in favor of autocreate_sieve_folders.
281
282          generate_compiled_sieve_script: 0
283              Deprecated in favor of autocreate_sieve_script_compile.
284
285          autocreate_sieve_compiled_script: <none>
286              Deprecated in favor of autocreate_sieve_script_compiled.
287
288          autosubscribeinboxfolders: <none>
289              Deprecated in favor of autocreate_subscribe_folders.
290
291          autosubscribesharedfolders: <none>
292              Deprecated in favor of autocreate_subscribe_sharedfolders.
293
294          autosubscribe_all_sharedfolders: 0
295              Deprecated in favor of autocreate_subscribe_sharedfolders_all.
296
297          autocreate_inbox_folders: <none>
298              If a user does not have an INBOX already, and the INBOX is to be
299              created, create the list of folders in  this  setting  as  well.
300              autocreate_inbox_folders  is  a list of INBOX's subfolders sepa‐
301              rated by a "|", that are automatically  created  by  the  server
302              under  the  following two scenarios. Leading and trailing white‐
303              space is stripped, so "Junk | Trash"  results  in  two  folders:
304              "Junk" and "Trash".  See also the xlist-flag option, for setting
305              special-use flags on autocreated folders.
306
307              INBOX folders are created under both the following conditions:
308
309              1. The user logins via the IMAP or the POP3 protocol.   autocre‐
310                 ate_quota option must have a value of zero or greater.
311
312              2. A   message  arrives  for  the  user  through  the  lmtpd(8).
313                 autocreate_post option must be enabled.
314
315          autocreate_post: 0
316              If enabled, when lmtpd(8) receives an incoming mail for an INBOX
317              that  does not exist, then the INBOX is automatically created by
318              lmtpd(8) and delivery of the message continues.
319
320          autocreate_quota: -1
321              If set to a value of zero or  higher,  users  have  their  INBOX
322              folders  created  upon a successful login event or upon lmtpd(8)
323              message delivery if autocreate_post is enabled,  provided  their
324              INBOX did not yet already exist.
325
326              The user's quota is set to the value if it is greater than zero,
327              otherwise the user has unlimited quota.
328
329              Note that quota is specified in kilobytes.
330
331          autocreate_quota_messages: -1
332              If set to a value of zero or higher, users who have their  INBOX
333              folders  created  upon  a  successful  login event (see autocre‐
334              ate_quota), or upon lmtpd(8) message delivery if autocreate_post
335              is enabled, receive the message quota configured in this option.
336
337              The default of -1 disables assigning message quota.
338
339              For  consistency  with  autocreate_quota,  a  value  of  zero is
340              treated as unlimited message quota, rather than a message  quota
341              of zero.
342
343          autocreate_sieve_folders: <none>
344              A  "|"  separated list of subfolders of INBOX that will be auto‐
345              matically created, if requested by a sieve filter,  through  the
346              "fileinto" action. The default is to create no folders automati‐
347              cally.
348
349              Leading and trailing whitespace is stripped from each folder, so
350              a  setting of "Junk | Trash" will create two folders: "Junk" and
351              "Trash".
352
353          autocreate_sieve_script: <none>
354              The full path of a file  that  contains  a  sieve  script.  This
355              script automatically becomes a user's initial default sieve fil‐
356              ter script.
357
358              When this option is not defined, no default sieve filter is cre‐
359              ated.  The file must be readable by the Cyrus daemon.
360
361          autocreate_sieve_script_compile: 0
362              If  set  to  yes  and  no compiled sieve script file exists, the
363              sieve script which is compiled on the fly will be saved  in  the
364              file name that autocreate_sieve_compiledscript option points to.
365              In  order  a  compiled  script   to   be   generated,   autocre‐
366              ate_sieve_script  and  autocreate_sieve_compiledscript must have
367              valid values
368
369          autocreate_sieve_script_compiled: <none>
370              The full path of a file that contains  a  compiled  in  bytecode
371              sieve script. This script automatically becomes a user's initial
372              default sieve filter script.  If this option is  not  specified,
373              or  the  filename  doesn't  exist  then  the  script  defined by
374              autocreate_sieve_script is compiled on the fly and installed  as
375              the user's default sieve script
376
377          autocreate_subscribe_folders: <none>
378              A  list  of  folder  names, separated by "|", that the users get
379              automatically subscribed to, when their INBOX is created.  These
380              folder names must have been included in the autocreateinboxfold‐
381              ers option of the imapd.conf.
382
383          autocreate_subscribe_sharedfolders: <none>
384              A list of shared folders (bulletin boards),  separated  by  "|",
385              that  the  users  get  automatically  subscribed to, after their
386              INBOX is created. The shared folder must have been  created  and
387              the user must have the required permissions to get subscribed to
388              it. Otherwise, subscribing to the shared folder fails.
389
390          autocreate_subscribe_sharedfolders_all: 0
391              If set to yes, the  user  is  automatically  subscribed  to  all
392              shared folders, one has permission to subscribe to.
393
394          autocreate_users: anyone
395              A  space  separated list of users and/or groups that are allowed
396              their INBOX to be automatically created.
397
398          backuppartition-name: <none>
399              The pathname of the backup partition name.  At least one  backup
400              partition  pathname  MUST  be  specified  if backups are in use.
401              Note that there is no relationship between spool partitions  and
402              backup partitions.
403
404          backup_compact_minsize: 0
405              The  minimum  size  in  kilobytes of chunks in each backup.  The
406              compact tool will  try  to  combine  adjacent  chunks  that  are
407              smaller than this.
408
409              Setting  this  value  to  zero or negative disables combining of
410              chunks.
411
412          backup_compact_maxsize: 0
413              The maximum size in kilobytes of chunks  in  each  backup.   The
414              compact  tool  will  try  to  split chunks larger than this into
415              smaller chunks.
416
417              Setting this value to zero or  negative  disables  splitting  of
418              chunks.
419
420          backup_compact_work_threshold: 1
421              The  number of chunks that must obviously need compaction before
422              the compact tool will go ahead with the compaction.  If  set  to
423              less than one, the value is treated as being one.
424
425          backup_staging_path: <none>
426              The absolute path of the backup staging area.  If not specified,
427              will be temp_path/backup
428
429          backup_retention_days: 7
430              The number of days to keep content in backup after it  has  been
431              deleted  from  the  source.  If set to a negative value or zero,
432              deleted content will be kept indefinitely.
433
434          backup_db: twoskip
435              The cyrusdb backend to use for the backup locations database.
436
437              Allowed values: skiplist, sql, twoskip, lmdb
438
439          backup_db_path: <none>
440              The absolute path to the backup db file.  If not specified, will
441              be confdir/backups.db
442
443          backup_keep_previous: 0
444              Whether the ctl_backups compact and ctl_backups reindex commands
445              should preserve the original file.  The original  file  will  be
446              named  with  a  timestamped  suffix.   This is mostly useful for
447              debugging.
448
449              Note that with this enabled, compacting a backup  will  actually
450              increase the disk used by it (because there will now be an extra
451              copy: the original version, and the compacted version).
452
453          boundary_limit: 1000
454              messages are parsed recursively and a deep enough MIME structure
455              can  cause a stack overflow.  Do not parse deeper than this many
456              layers of MIME structure.  The default of 1000  is  much  higher
457              than any sane message should have.
458
459          caldav_allowattach: 1
460              Enable managed attachments support on the caldav server.
461
462          caldav_allowscheduling: on
463              Enable  calendar  scheduling  operations. If set to "apple", the
464              server will emulate Apple CalendarServer behavior as closely  as
465              possible.  Allowed values: off, on, apple
466
467          caldav_create_attach: 1
468              Create the 'Attachments' calendar if it doesn't already exist
469
470          caldav_create_default: 1
471              Create the 'Default' calendar if it doesn't already exist
472
473          caldav_create_sched: 1
474              Create  the 'Inbox' and 'Outbox' calendars if they don't already
475              exist
476
477          caldav_maxdatetime: 20380119T031407Z
478              The latest date and time accepted by the  server  (ISO  format).
479              This value is also used for expanding non-terminating recurrence
480              rules.
481
482              Note that increasing this value will require the  DAV  databases
483              for calendars to be reconstructed with the dav_reconstruct util‐
484              ity in order to see its effect on serer-side time-based queries.
485
486          caldav_mindatetime: 19011213T204552Z
487              The earliest date and time accepted by the server (ISO format).
488
489          caldav_realm: <none>
490              The  realm  to  present  for  HTTP  authentication   of   CalDAV
491              resources.   If not set (the default), the value of the "server‐
492              name" option will be used.
493
494          calendarprefix: #calendars
495              The prefix for the calendar mailboxes hierarchies.  The  hierar‐
496              chy delimiter will be automatically appended.  The public calen‐
497              dar hierarchy will be at the toplevel of the  shared  namespace.
498              A  user's  personal  calendar hierarchy will be a child of their
499              Inbox.
500
501          calendar_user_address_set: <none>
502              Space-separated list of domains corresponding to  calendar  user
503              addresses  for which the server is responsible.  If not set (the
504              default), the value of the "servername" option will be used.
505
506          carddav_realm: <none>
507              The  realm  to  present  for  HTTP  authentication  of   CardDAV
508              resources.   If not set (the default), the value of the "server‐
509              name" option will be used.
510
511          carddav_repair_vcard: 0
512              If enabled, VCARDs with invalid  content  are  attempted  to  be
513              repaired during creation.
514
515          chatty: 0
516              If  yes,  syslog tags and commands for every IMAP command, mail‐
517              boxes for every lmtp connection, every POP3 command, etc
518
519          client_bind: 0
520              If enabled, a specific IP will be bound when performing a client
521              connection.   client_bind_name  is  used if it is set, otherwise
522              servername is used.  This is useful on multi-homed servers where
523              Cyrus should not use other services' interfaces.
524
525              If not enabled (the default), no bind will be performed.  Client
526              connections will use an IP chosen by the operating system.
527
528          client_bind_name: <none>
529              IPv4, IPv6 address or hostname to bind  for  client  connections
530              when  client_bind is enabled.  If not set (the default), server‐
531              name will be used.
532
533          client_timeout: 10
534              Number of seconds to wait before  returning  a  timeout  failure
535              when  performing a client connection (e.g., in a murder environ‐
536              ment)
537
538          commandmintimer: <none>
539              Time in seconds. Any imap command that takes  longer  than  this
540              time is logged.
541
542          configdirectory: <none>
543              The pathname of the IMAP configuration directory.  This field is
544              required.
545
546          createonpost: 0
547              Deprecated in favor of autocreate_post.
548
549          conversations: 0
550              Enable  the  XCONVERSATIONS  extensions.   Extract  conversation
551              tracking  information  from  incoming messages and track them in
552              per-user databases.
553
554          conversations_counted_flags: <none>
555              space-separated list of flags for which per-conversation  counts
556              will  be  kept.  Note that you need to reconstruct the conversa‐
557              tions database  with  ctl_conversationsdb  if  you  change  this
558              option on a running server, or the counts will be wrong.
559
560          conversations_db: skiplist
561              The  cyrusdb backend to use for the per-user conversations data‐
562              base.
563
564              Allowed values: skiplist, sql, twoskip, lmdb
565
566          conversations_expire_days: 90
567              How long the conversations database keeps the  message  tracking
568              information  needed  for receiving new messages in existing con‐
569              versations, in days.
570
571          crossdomains: 0
572              Enable cross domain sharing.  This works best with alt namespace
573              and   unix   hierarchy   separators   on,   so   you  get  Other
574              Users/foo@example.com/...
575
576          crossdomains_onlyother: 0
577              only show the domain for users in other domains  than  your  own
578              (for backwards compatibility if you're already sharing
579
580          cyrus_user: <none>
581              The username to use as the 'cyrus' user.  If not configured, the
582              compile time default will be used. Can be further overridden  by
583              setting the $CYRUS_USER environment variable.
584
585          davdriveprefix: #drive
586              The prefix for the DAV storage mailboxes hierarchies.  The hier‐
587              archy delimiter will  be  automatically  appended.   The  public
588              storage  hierarchy  will be at the toplevel of the shared names‐
589              pace.  A user's personal storage hierarchy will be  a  child  of
590              their Inbox.
591
592          davnotificationsprefix: #notifications
593              The  prefix  for the DAV notifications hierarchy.  The hierarchy
594              delimiter will be automatically appended.  The public  notifica‐
595              tions hierarchy will be at the toplevel of the shared namespace.
596              A user's personal notifications hierarchy will  be  a  child  of
597              their Inbox.
598
599          dav_realm: <none>
600              The  realm  to  present  for  HTTP authentication of generic DAV
601              resources (principals).  If not set (the default), the value  of
602              the "servername" option will be used.
603
604          debug_command: <none>
605              Debug  command  to  be used by processes started with -D option.
606              The string is a C format string that gets 3 options:  the  first
607              is the name of the executable (without path).  The second is the
608              pid (integer)  and  the  third  is  the  service  ID.   Example:
609              /usr/local/bin/gdb /usr/cyrus/bin/%s %d
610
611          defaultacl: anyone lrs
612              The   Access  Control  List  (ACL)  placed  on  a  newly-created
613              (non-user) mailbox that does not have a parent mailbox.
614
615          defaultdomain: internal
616              The default domain for virtual domain support
617
618          defaultpartition: <none>
619              The partition name used by default for new  mailboxes.   If  not
620              specified,  the  partition with the most free space will be used
621              for new mailboxes.
622
623              Note that the partition specified by this option  must  also  be
624              specified as partition-name, where you substitute 'name' for the
625              alphanumeric string you set defaultpartition to.
626
627          defaultsearchtier: <empty string>
628              Name of the default tier  that  messages  will  be  indexed  to.
629              Search  indexes can be organized in tiers to allow index storage
630              in different directories and physical media. See the man page of
631              squatter  for details. The default search tier also requires the
632              definition of an according searchtierpartition-name entry.
633
634              This option MUST be specified for xapian search.
635
636          defaultserver: <none>
637              The backend server name used by default for new  mailboxes.   If
638              not  specified, the server with the most free space will be used
639              for new mailboxes.
640
641          deletedprefix: DELETED
642              With delete_mode  set  to  delayed,  the  deletedprefix  setting
643              defines the prefix for the hierarchy of deleted mailboxes.
644
645              The hierarchy delimiter will be automatically appended.
646
647          delete_mode: delayed
648              The  manner  in  which  mailboxes  are  deleted.  In the default
649              delayed mode, mailboxes that are being deleted are renamed to  a
650              special mailbox hierarchy under the deletedprefix, to be removed
651              later by cyr_expire(8).
652
653              In immediate mode, the mailbox is removed  from  the  filesystem
654              immediately.
655
656              Allowed values: immediate, delayed
657
658          delete_unsubscribe: 0
659              Whether  to  also  unsubscribe  from  mailboxes  when  they  are
660              deleted.  Note that this behaviour contravenes RFC 3501  section
661              6.3.9,  but may be useful for avoiding user/client software con‐
662              fusion.  The default is 'no'.
663
664          deleteright: c
665              Deprecated - only used for backwards compatibility with existing
666              installations.   Lists  the old RFC 2086 right which was used to
667              grant the user the ability to delete a mailbox.  If a  user  has
668              this right, they will automatically be given the new 'x' right.
669
670          disable_user_namespace: 0
671              Preclude  list  command on user namespace.  If set to 'yes', the
672              LIST response will  never  include  any  other  user's  mailbox.
673              Admin users will always see all mailboxes.  The default is 'no'
674
675          disable_shared_namespace: 0
676              Preclude list command on shared namespace.  If set to 'yes', the
677              LIST response will never include any non-user mailboxes.   Admin
678              users will always see all mailboxes.  The default is 'no'
679
680          disconnect_on_vanished_mailbox: 0
681              If  enabled,  IMAP/POP3/NNTP clients will be disconnected by the
682              server if the currently selected mailbox is (re)moved by another
683              session.   Otherwise,  the  missing  mailbox is treated as empty
684              while in use by the client.
685
686          ischedule_dkim_domain: <none>
687              The domain to be reported as doing iSchedule DKIM signing.
688
689          ischedule_dkim_key_file: <none>
690              File containing the private key for iSchedule DKIM signing.
691
692          ischedule_dkim_selector: <none>
693              Name of the selector subdividing  the  domain  namespace.   This
694              specifies  the actual key used for iSchedule DKIM signing within
695              the domain.
696
697          duplicate_db: twoskip
698              The cyrusdb backend to use for the duplicate  delivery  suppres‐
699              sion and sieve.  Allowed values: skiplist, sql, twoskip, lmdb
700
701          duplicate_db_path: <none>
702              The  absolute  path to the duplicate db file.  If not specified,
703              will be confdir/deliver.db
704
705          duplicatesuppression: 1
706              If enabled, lmtpd will suppress delivery of a message to a mail‐
707              box if a message with the same message-id (or resent-message-id)
708              is recorded as having already been  delivered  to  the  mailbox.
709              Records the mailbox and message-id/resent-message-id of all suc‐
710              cessful deliveries.
711
712          event_content_inclusion_mode: standard
713              The mode in which message content  may  be  included  with  Mes‐
714              sageAppend and MessageNew. "standard" mode is the default behav‐
715              ior in which message is included up to a size with the notifica‐
716              tion.  In  "message"  mode,  the  message is included and may be
717              truncated to a size. In "header" mode, it includes headers trun‐
718              cated to a size. In "body" mode, it includes body truncated to a
719              size. In "headerbody" mode, it includes full  headers  and  body
720              truncated  to  a size Allowed values: standard, message, header,
721              body, headerbody
722
723          event_content_size: 0
724              Truncate the message content that  may  be  included  with  Mes‐
725              sageAppend  and  MessageNew. Set 0 to include the entire message
726              itself
727
728          event_exclude_flags: <none>
729              Don't send event notification for given IMAP flag(s)
730
731          event_exclude_specialuse: \Junk
732              Don't send event notification for folder with given  special-use
733              attributes.  Set ALL for any folder
734
735          event_extra_params: timestamp
736              Space-separated list of extra parameters to add to any appropri‐
737              ated event.
738
739              Allowed   values:   bodyStructure,   clientAddress,    diskUsed,
740              flagNames,  messageContent,  messageSize, messages, modseq, ser‐
741              vice,  timestamp,  uidnext,  vnd.cmu.midset,  vnd.cmu.unseenMes‐
742              sages,  vnd.cmu.envelope, vnd.cmu.sessionId, vnd.cmu.mailboxACL,
743              vnd.cmu.mbtype, vnd.cmu.davFilename,  vnd.cmu.davUid,  vnd.fast‐
744              mail.clientId,  vnd.fastmail.sessionId, vnd.fastmail.convExists,
745              vnd.fastmail.convUnseen, vnd.fastmail.cid, vnd.fastmail.counters
746
747          event_groups: message mailbox
748              Space-separated list of groups of  related  events  to  turn  on
749              notification
750
751              Allowed  values:  message,  quota,  flags, access, mailbox, sub‐
752              scription, calendar, applepushservice
753
754          event_notifier: <none>
755              Notifyd(8) method to use for  "EVENT"  notifications  which  are
756              based  on  the  RFC 5423.  If not set, "EVENT" notifications are
757              disabled.
758
759          expunge_mode: delayed
760              The mode  in  which  messages  (and  their  corresponding  cache
761              entries)  are  expunged.   "default" mode is the old behavior in
762              which the message files are purged at the time of  the  EXPUNGE,
763              but  index and cache records are retained to facilitate QRESYNC.
764              (Note that this behaviour is no longer the default,  but  is  so
765              named  for historical reasons.)  In "delayed" mode, which is the
766              default since Cyrus 2.5.0, the message files are also  retained,
767              allowing  unexpunge  to  rescue them.  In "immediate" mode, both
768              the message files and the index records are removed as  soon  as
769              possible.   In  all  cases, nothing will be finally purged until
770              all other processes have closed the mailbox to ensure they never
771              see  data disappear under them.  In "default" or "delayed" mode,
772              a later run of "cyr_expire" will clean out the retained  records
773              (and  possibly  message  files).  This reduces the amount of I/O
774              that takes place at the time of EXPUNGE  and  should  result  in
775              greater responsiveness for the client, especially when expunging
776              a large number of messages.  Allowed values: default, immediate,
777              delayed
778
779          failedloginpause: 3
780              Number of seconds to pause after a failed login.
781
782          flushseenstate: 1
783              Deprecated. No longer used
784
785          foolstupidclients: 0
786              If  enabled, only list the personal namespace when a LIST "*" is
787              performed (it changes the request to a LIST "INBOX*").
788
789          force_sasl_client_mech: <none>
790              Force preference of a given SASL mechanism for client side oper‐
791              ations  (e.g., murder environments).  This is separate from (and
792              overridden by) the ability to  use  the  <host  shortname>_mechs
793              option to set preferred mechanisms for a specific host
794
795          fulldirhash: 0
796              If  enabled,  uses  an  improved  directory hashing scheme which
797              hashes on the entire username instead of using  just  the  first
798              letter  as the hash.  This changes hash algorithm used for quota
799              and user directories and if hashimapspool is enabled, the entire
800              mail spool.
801
802              Note  that  this option CANNOT be changed on a live system.  The
803              server must be quiesced and then the directories moved with  the
804              rehash utility.
805
806          hashimapspool: 0
807              If  enabled,  the partitions will also be hashed, in addition to
808              the hashing done on configuration directories.  This  is  recom‐
809              mended if one partition has a very bushy mailbox tree.
810
811          debug: 0
812              If enabled, allow syslog() to pass LOG_DEBUG messages.
813
814          hostname_mechs: <none>
815              Force  a  particular  list  of  SASL  mechanisms to be used when
816              authenticating to the backend server hostname (where hostname is
817              the  short  hostname  of  the  server in question). If it is not
818              specified it will query the server for available mechanisms  and
819              pick one to use. - Cyrus Murder
820
821          hostname_password: <none>
822              The  password  to  use  for authentication to the backend server
823              hostname (where hostname is the short hostname of the server)  -
824              Cyrus Murder
825
826          httpallowcompress: 1
827              If  enabled,  the  server will compress response payloads if the
828              client indicates that it can accept them.  Note  that  the  com‐
829              pressed  data  will  appear  in telemetry logs, leaving only the
830              response headers as human-readable.
831
832          httpallowcors: <none>
833              A wildmat pattern specifying a list  of  origin  URIs  (  scheme
834              "://"  host [ ":" port ] ) that are allowed to make Cross-Origin
835              Resource Sharing (CORS) requests on  the  server.   By  default,
836              CORS requests are disabled.
837
838              Note that the scheme and host should both be lowercase, the port
839              should be omitted if using the default for the  scheme  (80  for
840              http, 443 for https), and there should be no trailing '/' (e.g.:
841              "http://www.example.com:8080", "https://example.org").
842
843          httpallowtrace: 0
844              Allow use of the TRACE method.
845
846              Note that sensitive data might be disclosed by the response.
847
848          httpallowedurls: <none>
849              Space-separated list of relative URLs (paths) rooted  at  "http‐
850              docroot" (see below) to be served by httpd.  If set, this option
851              will limit served static content to only those  paths  specified
852              (returning  "404 Not Found" to any other client requested URLs).
853              Otherwise, httpd will serve any content found in "httpdocroot".
854
855              Note that any path specified by  "rss_feedlist_template"  is  an
856              exception to this rule.
857
858          httpcontentmd5: 0
859              If enabled, HTTP responses will include a Content-MD5 header for
860              the purpose of providing an end-to-end message  integrity  check
861              (MIC)  of the payload body.  Note that enabling this option will
862              use additional CPU to generate the  MD5  digest,  which  may  be
863              ignored by clients anyways.
864
865          httpdocroot: <none>
866              If  set,  http will serve the static content (html/text/jpeg/gif
867              files, etc) rooted at this directory.  Otherwise, httpd will not
868              serve any static content.
869
870          httpkeepalive: 20
871              Set  the length of the HTTP server's keepalive heartbeat in sec‐
872              onds.  The default is 20.  The minimum value is  0,  which  will
873              disable  the  keepalive  heartbeat.   When enabled, if a request
874              takes longer than httpkeepalive seconds to process,  the  server
875              will  send  the client provisional responses every httpkeepalive
876              seconds until the final response can be sent
877
878          httpmodules: <empty string>
879              Space-separated list of HTTP modules that  will  be  enabled  in
880              httpd(8).   This  option  has no effect on modules that are dis‐
881              abled at compile time due to missing  dependencies  (e.g.  libi‐
882              cal).
883
884              Note  that "domainkey" depends on "ischedule" being enabled, and
885              that both "freebusy" and "ischedule" depend  on  "caldav"  being
886              enabled.   Allowed  values:  admin,  caldav, carddav, domainkey,
887              freebusy, ischedule, rss, tzdist, webdav
888
889          httpprettytelemetry: 0
890              If enabled, HTTP response  payloads  including  server-generated
891              markup languages (HTML, XML) will utilize line breaks and inden‐
892              tation to promote better human-readability  in  telemetry  logs.
893              Note  that enabling this option will increase the amount of data
894              sent across the wire.
895
896          httptimeout: 5
897              Set the length of the HTTP server's inactivity autologout timer,
898              in  minutes.   The  default is 5.  The minimum value is 0, which
899              will disable persistent connections.
900
901          idlesocket: {configdirectory}/socket/idle
902              Unix domain socket that idled listens on.
903
904          ignorereference: 0
905              For backwards compatibility with Cyrus  1.5.10  and  earlier  --
906              ignore the reference argument in LIST or LSUB commands.
907
908          imapidlepoll: 60
909              The  interval  (in  seconds) for polling for mailbox changes and
910              ALERTs while running the IDLE command.  This option is used when
911              idled  is not enabled or cannot be contacted.  The minimum value
912              is 1.  A value of 0 will disable IDLE.
913
914          imapidresponse: 1
915              If enabled, the server responds to an ID command with a  parame‐
916              ter  list  containing: version, vendor, support-url, os, os-ver‐
917              sion, command, arguments,  environment.   Otherwise  the  server
918              returns NIL.
919
920          imapmagicplus: 0
921              Only  list  a  restricted  set  of  mailboxes  via IMAP by using
922              userid+namespace syntax as the authentication/authorization  id.
923              Using  userid+  (with  an  empty  namespace) will list only sub‐
924              scribed mailboxes.
925
926          imipnotifier: <none>
927              Notifyd(8) method to use  for  "IMIP"  notifications  which  are
928              based  on  the  RFC  6047.  If not set, "IMIP" notifications are
929              disabled.
930
931          implicit_owner_rights: lkxa
932              The implicit Access Control List (ACL) for the owner of a  mail‐
933              box.
934
935          @include: <none>
936              Directive  which includes the specified file as part of the con‐
937              figuration.  If the path to the file is not absolute, CYRUS_PATH
938              is prepended.
939
940          improved_mboxlist_sort: 0
941              If  enabled,  a  special comparator will be used which will cor‐
942              rectly sort mailbox names that contain characters such  as  '  '
943              and '-'.
944
945              Note  that  this  option SHOULD NOT be changed on a live system.
946              The mailboxes database should be  dumped  (ctl_mboxlist)  before
947              the option is changed, removed, and then undumped after changing
948              the option.  When not using flat  files  for  the  subscriptions
949              databases  the  same  has  to be done (cyr_dbtool) for each sub‐
950              scription database See improved_mboxlist_sort.html.
951
952          internaldate_heuristic: standard
953              Mechanism to determine email  internaldates  on  delivery/recon‐
954              struct.  "standard" uses time() when delivering a message, mtime
955              on reconstruct.  "receivedheader" looks at the top most Received
956              header   or   time/mtime  otherwise  Allowed  values:  standard,
957              receivedheader
958
959          iolog: 0
960              Should cyrus output I/O log entries
961
962          ldap_authz: <none>
963              SASL authorization ID for the LDAP server
964
965          ldap_base: <empty string>
966              Contains the LDAP base dn for the LDAP ptloader module
967
968          ldap_bind_dn: <none>
969              Bind DN for the connection to the LDAP server (simple bind).  Do
970              not use for anonymous simple binds
971
972          ldap_deref: never
973              Specify how aliases dereferencing is handled during search.
974
975              Allowed values: search, find, always, never
976
977          ldap_domain_base_dn: <empty string>
978              Base DN to search for domain name spaces.
979
980          ldap_domain_filter:  (&(objectclass=domainrelatedobject)(associated‐
981          domain=%s))
982              Filter to use searching for domains
983
984          ldap_domain_name_attribute: associateddomain
985              The attribute name for domains.
986
987          ldap_domain_scope: sub
988              Search scope
989
990              Allowed values: sub, one, base
991
992          ldap_domain_result_attribute: inetdomainbasedn
993              Result attribute
994
995          ldap_filter: (uid=%u)
996              Specify a filter that searches user identifiers.  The  following
997              tokens can be used in the filter string:
998
999              %%    =  % %u   = user %U   = user portion of %u (%U = test when
1000              %u = test@domain.tld) %d   = domain portion of %u  if  available
1001              (%d  = domain.tld when %u = %test@domain.tld), otherwise same as
1002              %r %D   = user dn.  (use when ldap_member_method: filter) %1-9 =
1003              domain tokens (%1 = tld, %2 = domain when %d = domain.tld)
1004
1005              ldap_filter is not used when ldap_sasl is enabled.
1006
1007          ldap_group_base: <empty string>
1008              LDAP base dn for ldap_group_filter.
1009
1010          ldap_group_filter: (cn=%u)
1011              Specify  a  filter  that  searches  for  group identifiers.  See
1012              ldap_filter for more options.
1013
1014          ldap_group_scope: sub
1015              Specify search scope for ldap_group_filter.
1016
1017              Allowed values: sub, one, base
1018
1019          ldap_id: <none>
1020              SASL authentication ID for the LDAP server
1021
1022          ldap_mech: <none>
1023              SASL mechanism for LDAP authentication
1024
1025          ldap_user_attribute: <none>
1026              Specify LDAP attribute to use as canonical user id
1027
1028          ldap_member_attribute: <none>
1029              See ldap_member_method.
1030
1031          ldap_member_base: <empty string>
1032              LDAP base dn for ldap_member_filter.
1033
1034          ldap_member_filter: (member=%D)
1035              Specify  a  filter  for   "ldap_member_method:   filter".    See
1036              ldap_filter for more options.
1037
1038          ldap_member_method: attribute
1039              Specify a group method.  The "attribute" method retrieves groups
1040              from   a   multi-valued   attribute   specified   in   ldap_mem‐
1041              ber_attribute.
1042
1043              The "filter" method uses a filter, specified by ldap_member_fil‐
1044              ter, to find groups;  ldap_member_attribute  is  a  single-value
1045              attribute group name.  Allowed values: attribute, filter
1046
1047          ldap_member_scope: sub
1048              Specify search scope for ldap_member_filter.
1049
1050              Allowed values: sub, one, base
1051
1052          ldap_password: <none>
1053              Password  for the connection to the LDAP server (SASL and simple
1054              bind).  Do not use for anonymous simple binds
1055
1056          ldap_realm: <none>
1057              SASL realm for LDAP authentication
1058
1059          ldap_referrals: 0
1060              Specify whether or not the client should follow referrals.
1061
1062          ldap_restart: 1
1063              Specify whether or not LDAP  I/O  operations  are  automatically
1064              restarted if they abort prematurely.
1065
1066          ldap_sasl: 1
1067              Use SASL for LDAP binds in the LDAP PTS module.
1068
1069          ldap_sasl_authc: <none>
1070              Deprecated.  Use ldap_id
1071
1072          ldap_sasl_authz: <none>
1073              Deprecated.  Use ldap_authz
1074
1075          ldap_sasl_mech: <none>
1076              Deprecated.  Use ldap_mech
1077
1078          ldap_sasl_password: <none>
1079              Deprecated.  User ldap_password
1080
1081          ldap_sasl_realm: <none>
1082              Deprecated.  Use ldap_realm
1083
1084          ldap_scope: sub
1085              Specify search scope.
1086
1087              Allowed values: sub, one, base
1088
1089          ldap_servers: ldap://localhost/
1090              Deprecated.  Use ldap_uri
1091
1092          ldap_size_limit: 1
1093              Specify a number of entries for a search request to return.
1094
1095          ldap_start_tls: 0
1096              Use  transport layer security for ldap:// using STARTTLS. Do not
1097              use ldaps:// in 'ldap_uri' with this option enabled.
1098
1099          ldap_time_limit: 5
1100              Specify a number of seconds for a search request to complete.
1101
1102          ldap_timeout: 5
1103              Specify a number of seconds a search can take before timing out.
1104
1105          ldap_ca_dir: <none>
1106              Path to a directory with  CA  (Certificate  Authority)  certifi‐
1107              cates.
1108
1109          ldap_ca_file: <none>
1110              Patch  to  a file containing CA (Certificate Authority) certifi‐
1111              cate(s).
1112
1113          ldap_ciphers: <none>
1114              List of SSL/TLS ciphers to allow.  The format of the  string  is
1115              described in ciphers(1).
1116
1117          ldap_client_cert: <none>
1118              File containing the client certificate.
1119
1120          ldap_client_key: <none>
1121              File containing the private client key.
1122
1123          ldap_verify_peer: 0
1124              Require  and  verify server certificate.  If this option is yes,
1125              you must specify ldap_ca_file or ldap_ca_dir.
1126
1127          ldap_tls_cacert_dir: <none>
1128              Deprecated in favor of ldap_ca_dir.
1129
1130          ldap_tls_cacert_file: <none>
1131              Deprecated in favor of ldap_ca_file.
1132
1133          ldap_tls_cert: <none>
1134              Deprecated in favor of ldap_client_cert.
1135
1136          ldap_tls_key: <none>
1137              Deprecated in favor of ldap_client_key.
1138
1139          ldap_tls_check_peer: 0
1140              Deprecated in favor of ldap_verify_peer.
1141
1142          ldap_tls_ciphers: <none>
1143              Deprecated in favor of ldap_ciphers.
1144
1145          ldap_uri: <none>
1146              Contains a list of the URLs of all the LDAP servers  when  using
1147              the LDAP PTS module.
1148
1149          ldap_version: 3
1150              Specify  the  LDAP  protocol  version.  If ldap_start_tls and/or
1151              ldap_use_sasl are enabled, ldap_version  will  be  automatically
1152              set to 3.
1153
1154          literalminus: 0
1155              if  enabled,  CAPABILITIES  will reply with LITERAL- rather than
1156              LITERAL+ (RFC 7888).   Doesn't  actually  size-restrict  uploads
1157              though
1158
1159          lmtp_downcase_rcpt: 1
1160              If enabled, lmtpd will convert the recipient addresses to lower‐
1161              case (up to a '+' character, if present).
1162
1163          lmtp_fuzzy_mailbox_match: 0
1164              If enabled, and the mailbox specified in the detail part of  the
1165              recipient  (everything after the '+') does not exist, lmtpd will
1166              try to find the closest match (ignoring  case,  ignoring  white‐
1167              space, falling back to parent) to the specified mailbox name.
1168
1169          lmtp_over_quota_perm_failure: 0
1170              If enabled, lmtpd returns a permanent failure code when a user's
1171              mailbox is over quota.  By default, the  failure  is  temporary,
1172              causing the MTA to queue the message and retry later.
1173
1174          lmtp_strict_quota: 0
1175              If  enabled, lmtpd returns a failure code when the incoming mes‐
1176              sage will cause the user's mailbox  to  exceed  its  quota.   By
1177              default,  the  failure  won't occur until the mailbox is already
1178              over quota.
1179
1180          lmtp_strict_rfc2821: 1
1181              By default, lmtpd will be strict (per RFC 2821) with regards  to
1182              which  envelope addresses are allowed.  If this option is set to
1183              false, 8bit characters in the local-part of  envelope  addresses
1184              are  changed to 'X' instead.  This is useful to avoid generating
1185              backscatter with certain MTAs like Postfix or Exim which  accept
1186              such messages.
1187
1188          lmtpsocket: {configdirectory}/socket/lmtp
1189              Unix  domain  socket  that lmtpd listens on, used by deliver(8).
1190              This should match the path specified in cyrus.conf(5).
1191
1192          lmtptxn_timeout: 300
1193              Timeout (in seconds) used during a lmtp transaction to a  remote
1194              backend  (e.g. in a murder environment).  Can be used to prevent
1195              hung lmtpds on proxy hosts when a backend server  becomes  unre‐
1196              sponsive during a lmtp transaction.  The default is 300 - change
1197              to zero for infinite.
1198
1199          loginrealms: <empty string>
1200              The list of remote realms whose  users  may  authenticate  using
1201              cross-realm  authentication  identifiers.   Separate  each realm
1202              name by a space.  (A  cross-realm  identity  is  considered  any
1203              identity returned by SASL with an "@" in it.).
1204
1205          loginuseacl: 0
1206              If  enabled, any authentication identity which has a rights on a
1207              user's INBOX may log in as that user.
1208
1209          logtimestamps: 0
1210              Include notations in the protocol telemetry logs indicating  the
1211              number of seconds since the last command or response.
1212
1213          mailbox_default_options: 0
1214              Default  "options" field for the mailbox on create.  You'll want
1215              to know what you're doing before setting this, but it can  apply
1216              some default annotations like duplicate supression
1217
1218          mailbox_initial_flags: <none>
1219              space-separated list of permanent flags which will be pre-set in
1220              every newly created mailbox.  If you know you will require  par‐
1221              ticular  flag  names  then this avoids a possible race condition
1222              against a client that fills  the  entire  128  available  slots.
1223              Default  is  NULL,  which is no flags.  Example: $Label1 $Label2
1224              $Label3 NotSpam Spam
1225
1226          mailnotifier: <none>
1227              Notifyd(8) method to use for "MAIL" notifications.  If not  set,
1228              "MAIL" notifications are disabled.
1229
1230          maxheaderlines: 1000
1231              Maximum  number  of  lines of header that will be processed into
1232              cache records.  Default 1000.  If set to zero, it is  unlimited.
1233              If  a  message  hits  the limit, an error will be logged and the
1234              rest of the lines in the header will be  skipped.   This  is  to
1235              avoid malformed messages causing giant cache records
1236
1237          maxlogins_per_host: 0
1238              Maximum  number  of  logged  in  sessions allowed per host, zero
1239              means no limit
1240
1241          maxlogins_per_user: 0
1242              Maximum number of logged in  sessions  allowed  per  user,  zero
1243              means no limit
1244
1245          maxmessagesize: 0
1246              Maximum  incoming  LMTP  message  size.  If non-zero, lmtpd will
1247              reject messages larger than maxmessagesize bytes.  If set to  0,
1248              this will allow messages of any size (the default).
1249
1250          maxquoted: 131072
1251              Maximum  size of a single quoted string for the parser.  Default
1252              128k
1253
1254          maxword: 131072
1255              Maximum size of a single word for the parser.  Default 128k
1256
1257          mboxkey_db: twoskip
1258              The cyrusdb backend to use for mailbox keys.
1259
1260              Allowed values: skiplist, twoskip, lmdb
1261
1262          mboxlist_db: twoskip
1263              The cyrusdb backend to use for the mailbox list.
1264
1265              Allowed values: flat, skiplist, sql, twoskip, lmdb
1266
1267          mboxlist_db_path: <none>
1268              The absolute path to the mailboxes db file.   If  not  specified
1269              will be confdir/mailboxes.db
1270
1271          mboxname_lockpath: <none>
1272              Path to mailbox name lock files (default $conf/lock)
1273
1274          metapartition_files: <empty string>
1275              Space-separated  list  of metadata files to be stored on a meta‐
1276              partition rather than in the mailbox directory on a spool parti‐
1277              tion.   Allowed  values:  header,  index, cache, expunge, squat,
1278              annotations, lock, dav, archivecache
1279
1280          metapartition-name: <none>
1281              The pathname of the metadata partition  name,  corresponding  to
1282              spool  partition  partition-name.  For any mailbox residing in a
1283              directory on partition-name, the metadata files listed in  meta‐
1284              partition_files  will  be stored in a corresponding directory on
1285              metapartition-name.   Note that not every partition-name  option
1286              is  required  to have a corresponding metapartition-name option,
1287              so that you can selectively choose which spool  partitions  will
1288              have separate metadata partitions.
1289
1290          mupdate_authname: <none>
1291              The SASL username (Authentication Name) to use when authenticat‐
1292              ing to the mupdate server (if needed).
1293
1294          mupdate_config: standard
1295              The configuration of the mupdate servers in  the  Cyrus  Murder.
1296              The  "standard"  config is one in which there are discreet fron‐
1297              tend (proxy) and backend servers.  The "unified" config  is  one
1298              in  which  a  server  can  be  both a frontend and backend.  The
1299              "replicated" config is one in which multiple backend servers all
1300              share  the  same mailspool, but each have their own "replicated"
1301              copy of mailboxes.db.  Allowed values: standard, unified, repli‐
1302              cated
1303
1304          munge8bit: 1
1305              If  enabled,  lmtpd munges messages with 8-bit characters in the
1306              headers.   The  8-bit  characters  are  changed  to   `X'.    If
1307              reject8bit  is  enabled,  setting  munge8bit  has no effect.  (A
1308              proper solution to non-ASCII characters in headers is offered by
1309              RFC 2047 and its predecessors.)
1310
1311          mupdate_connections_max: 128
1312              The max number of connections that a mupdate process will allow,
1313              this is related to the number of file descriptors in the mupdate
1314              process.   Beyond  this  number  connections will be immediately
1315              issued a BYE response.
1316
1317          mupdate_password: <none>
1318              The SASL password (if needed) to use when authenticating to  the
1319              mupdate server.
1320
1321          mupdate_port: 3905
1322              The port of the mupdate server for the Cyrus Murder
1323
1324          mupdate_realm: <none>
1325              The  SASL  realm  (if  needed) to use when authenticating to the
1326              mupdate server.
1327
1328          mupdate_retry_delay: 20
1329              The base time to wait between connection retries to the  mupdate
1330              server.
1331
1332          mupdate_server: <none>
1333              The mupdate server for the Cyrus Murder
1334
1335          mupdate_username: <empty string>
1336              The  SASL username (Authorization Name) to use when authenticat‐
1337              ing to the mupdate server
1338
1339          mupdate_workers_max: 50
1340              The maximum number of mupdate worker threads (overall)
1341
1342          mupdate_workers_maxspare: 10
1343              The maximum number of idle mupdate worker threads
1344
1345          mupdate_workers_minspare: 2
1346              The minimum number of idle mupdate worker threads
1347
1348          mupdate_workers_start: 5
1349              The number of mupdate worker threads to start
1350
1351          netscapeurl: <none>
1352              If enabled at compile time, this specifies a URL to  reply  when
1353              Netscape  asks  the  server  where  the mail administration HTTP
1354              server is.  Administrators should set this to a local resource.
1355
1356          newsaddheaders: to
1357              Space-separated list of headers to be added to  incoming  usenet
1358              articles.    Added  To:  headers  will  contain  email  delivery
1359              addresses corresponding to each  newsgroup  in  the  Newsgroups:
1360              header.   Added  Reply-To:  headers  will contain email delivery
1361              addresses corresponding to each newsgroup in the Followup-To: or
1362              Newsgroups: header.  If the specified header(s) already exist in
1363              an article, the email delivery addresses will be appended to the
1364              original header body(s).
1365
1366              This  option  applies  if and only if the newspostuser option is
1367              set.  Allowed values: to, replyto
1368
1369          newsgroups: *
1370              A wildmat pattern specifying which mailbox hierarchies should be
1371              treated as newsgroups.  Only mailboxes matching the wildmat will
1372              accept and/or serve articles via NNTP.  If not  set,  a  default
1373              wildmat  of  "*"  (ALL  shared  mailboxes) will be used.  If the
1374              newsprefix option is also  set,  the  default  wildmat  will  be
1375              translated to "<newsprefix>.*"
1376
1377          newsmaster: news
1378              Userid  that is used for checking access controls when executing
1379              Usenet control messages.  For instance, to allow articles to  be
1380              automatically  deleted  by cancel messages, give the "news" user
1381              the 'd' right on the desired mailboxes.  To allow newsgroups  to
1382              be automatically created, deleted and renamed by the correspond‐
1383              ing control messages, give the "news" user the 'c' right on  the
1384              desired mailbox hierarchies.
1385
1386          newspeer: <none>
1387              A  list  of  whitespace-separated  news server specifications to
1388              which articles should be fed.  Each server  specification  is  a
1389              string  of  the  form  [user[:pass]@]host[:port][/wildmat] where
1390              'host' is the fully qualified hostname of the server, 'port'  is
1391              the port on which the server is listening, 'user' and 'pass' are
1392              the authentication credentials and 'wildmat' is a  pattern  that
1393              specifies  which  groups  should be fed.  If no 'port' is speci‐
1394              fied, port 119 is used.   If  no  'wildmat'  is  specified,  all
1395              groups  are  fed.   If 'user' is specified (even if empty), then
1396              the NNTP POST command will be used to feed the  article  to  the
1397              server, otherwise the IHAVE command will be used.
1398
1399              A  '@'  may  be  used  in place of '!' in the wildmat to prevent
1400              feeding articles cross-posted  to  the  given  group,  otherwise
1401              cross-posted  articles  are  fed  if  any  part  of  the wildmat
1402              matches.   For  example,  the  string  "peer.example.com:*,!con‐
1403              trol.*,@local.*"  would  feed all groups except control messages
1404              and  local  groups  to  peer.example.com.   In   the   case   of
1405              cross-posting to local groups, these articles would not be fed.
1406
1407          newspostuser: <none>
1408              Userid  used  to  deliver  usenet  articles to newsgroup folders
1409              (usually via lmtp2nntp).  For example, if set to  "post",  email
1410              sent   to   "post+comp.mail.imap"  would  be  delivered  to  the
1411              "comp.mail.imap" folder.
1412
1413              When set, the Cyrus NNTP server will add the header(s) specified
1414              in  the  newsaddheaders  option to each incoming usenet article.
1415              The added header(s) will contain email delivery addresses corre‐
1416              sponding to each relevent newsgroup.  If not set, no headers are
1417              added to usenet articles.
1418
1419          newsprefix: <none>
1420              Prefix to be prepended to newsgroup names  to  make  the  corre‐
1421              sponding IMAP mailbox names.
1422
1423          newsrc_db_path: <none>
1424              The absolute path to the newsrc db file.  If not specified, will
1425              be confdir/fetchnews.db
1426
1427          nntptimeout: 3
1428              Set the length of the NNTP server's inactivity autologout timer,
1429              in minutes.  The minimum value is 3, the default.
1430
1431          notesmailbox: <none>
1432              The  top  level  mailbox in each user's account which is used to
1433              store * Apple-style Notes.  Default is blank (disabled)
1434
1435          notifysocket: {configdirectory}/socket/notify
1436              Unix domain socket that the mail notification daemon listens on.
1437
1438          notify_external: <none>
1439              Path to the external program that notifyd(8) will call  to  send
1440              mail notifications.
1441
1442              The  external  program will be called with the following command
1443              line options:
1444
1445                 -c class
1446
1447                 -p priority
1448
1449                 -u user
1450
1451                 -m mailbox
1452
1453                 And the notification message will be available on stdin.
1454
1455          partition-name: <none>
1456              The pathname of the partition  name.   At  least  one  partition
1457              pathname  MUST  be specified.  If the defaultpartition option is
1458              used, then its pathname MUST be specified.  For example, if  the
1459              value  of  the  defaultpartion  option is part1, then the parti‐
1460              tion-part1 field is required.
1461
1462          outbox_sendlater: 0
1463              If enabled, any message with a Draft flag will be  sent  at  the
1464              time of its INTERNALDATE
1465
1466          partition_select_mode: freespace-most
1467              Partition selection mode.
1468
1469              random (pseudo-)random selection
1470
1471              freespace-most
1472                     partition with the most free space (KiB)
1473
1474              freespace-percent-most
1475                     partition with the most free space (%)
1476
1477              freespace-percent-weighted
1478                     each  partition  is  weighted according to its free space
1479                     (%); the more free space  the  partition  has,  the  more
1480                     chances it has to be selected
1481
1482              freespace-percent-weighted-delta
1483                     each partition is weighted according to its difference of
1484                     free space (%) compared to the most used  partition;  the
1485                     more the partition is lagging behind the most used parti‐
1486                     tion, the more chances it has to be selected
1487
1488                     Note that actually even the most used partition has a few
1489                     chances  to  be selected, and those chances increase when
1490                     other partitions get closer
1491
1492                     Allowed values:  random,  freespace-most,  freespace-per‐
1493                     cent-most,   freespace-percent-weighted,   freespace-per‐
1494                     cent-weighted-delta
1495
1496          partition_select_exclude: <none>
1497              List of partitions to exclude from selection mode.
1498
1499          partition_select_usage_reinit: 0
1500              For a given session, number of operations (e.g. partition selec‐
1501              tion) for which partitions usage data are cached.
1502
1503          partition_select_soft_usage_limit: 0
1504              Limit of partition usage (%): if a partition is over that limit,
1505              it is automatically excluded from selection mode.
1506
1507              If all partitions are over that limit, this feature is not  used
1508              anymore.
1509
1510          plaintextloginpause: 0
1511              Number  of  seconds to pause after a successful plaintext login.
1512              For systems that support  strong  authentication,  this  permits
1513              users  to  perceive  a cost of using plaintext passwords.  (This
1514              does not affect the use of PLAIN in SASL authentications.)
1515
1516          plaintextloginalert: <none>
1517              Message to send to client after a successful plaintext login.
1518
1519          popexpiretime: -1
1520              The number of days advertised as being the minimum a message may
1521              be  left  on  the  POP server before it is deleted (via the CAPA
1522              command, defined in the POP3  Extension  Mechanism,  which  some
1523              clients  may  support).   "NEVER", the default, may be specified
1524              with a negative number.  The Cyrus  POP3  server  never  deletes
1525              mail,  no  matter what the value of this parameter is.  However,
1526              if a site implements a less liberal policy, it needs  to  change
1527              this parameter accordingly.
1528
1529          popminpoll: 0
1530              Set  the  minimum amount of time the server forces users to wait
1531              between successive POP logins, in minutes.
1532
1533          popsubfolders: 0
1534              Allow  access  to  subfolders  of  INBOX  via  POP3   by   using
1535              userid+subfolder syntax as the authentication/authorization id.
1536
1537          poppollpadding: 1
1538              Create a softer minimum poll restriction.  Allows poppollpadding
1539              connections before the minpoll restriction is triggered.   Addi‐
1540              tionally,  one  padding entry is recovered every popminpoll min‐
1541              utes.  This allows for the occasional polling rate  faster  than
1542              popminpoll,  (i.e.,  for  clients that require a send/receive to
1543              send mail) but still enforces the rate long-term.  Default is  1
1544              (disabled).
1545
1546              The  easiest  way to think of it is a queue of past connections,
1547              with one slot being filled for every connection,  and  one  slot
1548              being  cleared every popminpoll minutes. When the queue is full,
1549              the user will not be able to check mail again until  a  slot  is
1550              cleared.   If  the  user waits a sufficient amount of time, they
1551              will get back many or all of the slots.
1552
1553          poptimeout: 10
1554              Set the length of the POP server's inactivity autologout  timer,
1555              in minutes.  The minimum value is 10, the default.
1556
1557          popuseacl: 0
1558              Enforce  IMAP  ACLs in the pop server.  Due to the nature of the
1559              POP3 protocol, the only rights which are used by the pop  server
1560              are  'r',  't',  and  's' for the owner of the mailbox.  The 'r'
1561              right allows the user to open the mailbox and list/retrieve mes‐
1562              sages.   The  't' right allows the user to delete messages.  The
1563              's' right allows messages retrieved by  the  user  to  have  the
1564              \Seen flag set (only if popuseimapflags is also enabled).
1565
1566          popuseimapflags: 0
1567              If  enabled,  the pop server will set and obey IMAP flags.  Mes‐
1568              sages having the \Deleted flag are ignored as  if  they  do  not
1569              exist.   Messages that are retrieved by the client will have the
1570              \Seen flag set.  All messages will have the \Recent flag unset.
1571
1572          postmaster: postmaster
1573              Username that is used as the 'From' address  in  rejection  MDNs
1574              produced by sieve.
1575
1576          postuser: <empty string>
1577              Userid used to deliver messages to shared folders.  For example,
1578              if set to "bb", email sent to "bb+shared.blah" would  be  deliv‐
1579              ered  to the "shared.blah" folder.  By default, an email address
1580              of "+shared.blah" would be used.
1581
1582          proc_path: <none>
1583              Path to proc directory.  Default is NULL - must be  an  absolute
1584              path  if  specified.   If not specified, the path $confdir/proc/
1585              will be used.
1586
1587          proxy_authname: proxy
1588              The authentication name to use when authenticating to a  backend
1589              server in the Cyrus Murder.
1590
1591          proxy_compress: 0
1592              Try  to  enable  protocol-specific compression when performing a
1593              client connection to a backend server in the Cyrus Murder.
1594
1595              Note that this should only be necessary over slow  network  con‐
1596              nections.   Also  note that currently only IMAP and MUPDATE sup‐
1597              port compression.
1598
1599          proxy_password: <none>
1600              The default password to use when  authenticating  to  a  backend
1601              server  in  the  Cyrus Murder.  May be overridden on a host-spe‐
1602              cific basis using the hostname_password option.
1603
1604          proxy_realm: <none>
1605              The authentication realm to use when authenticating to a backend
1606              server in the Cyrus Murder
1607
1608          proxyd_allow_status_referral: 0
1609              Set  to  true to allow proxyd to issue referrals to clients that
1610              support it when answering the STATUS command.  This is  disabled
1611              by  default  since  some clients issue many STATUS commands in a
1612              row, and do not cache the connections that these referrals would
1613              cause,  thus  resulting  in  a higher authentication load on the
1614              respective backend server.
1615
1616          proxyd_disable_mailbox_referrals: 0
1617              Set to true to disable the use of mailbox-referrals on the proxy
1618              servers.
1619
1620          proxyservers: <none>
1621              A  list  of users and groups that are allowed to proxy for other
1622              users, separated by spaces.  Any user listed  in  this  will  be
1623              allowed  to  login  for  any other user: use with caution.  In a
1624              standard murder this option should ONLY be set on backends.   DO
1625              NOT SET on frontends or things won't work properly.
1626
1627          pts_module: afskrb
1628              The PTS module to use.
1629
1630              Allowed values: afskrb, ldap
1631
1632          ptloader_sock: <none>
1633              Unix  domain socket that ptloader listens on.  (defaults to con‐
1634              figdir/ptclient/ptsock)
1635
1636          ptscache_db: twoskip
1637              The cyrusdb backend to use for the pts cache.
1638
1639              Allowed values: skiplist, twoskip, lmdb
1640
1641          ptscache_db_path: <none>
1642              The absolute path to the ptscache db file.   If  not  specified,
1643              will be confdir/ptscache.db
1644
1645          ptscache_timeout: 10800
1646              The  timeout  (in seconds) for the PTS cache database when using
1647              the auth_krb_pts authorization method (default: 3 hours).
1648
1649          ptskrb5_convert524: 1
1650              When using the AFSKRB ptloader module with Kerberos 5 canonical‐
1651              ization,  do  the final 524 conversion to get a n AFS style name
1652              (using '.' instead of '/', and using short names
1653
1654          ptskrb5_strip_default_realm: 1
1655              When using the AFSKRB ptloader module with Kerberos 5 canonical‐
1656              ization,  strip the default realm from the userid (this does not
1657              affect the stripping of realms specified  by  the  afspts_local‐
1658              realms option)
1659
1660          qosmarking: cs0
1661              This  specifies  the  Class  Selector or Differentiated Services
1662              Code Point  designation  on  IP  headers  (in  the  ToS  field).
1663              Allowed  values:  cs0,  cs1, cs2, cs3, cs4, cs5, cs6, cs7, af11,
1664              af12, af13, af21, af22, af23,  af31,  af32,  af33,  af41,  af42,
1665              af43, ef
1666
1667          quota_db: quotalegacy
1668              The cyrusdb backend to use for quotas.
1669
1670              Allowed values: flat, skiplist, sql, quotalegacy, twoskip, lmdb
1671
1672          quota_db_path: <none>
1673              The  absolute  path for the quota database (if you choose a sin‐
1674              gle-file quota DB type - or the base path if you choose quotale‐
1675              gacy).    If   not   specified   will  be  confdir/quotas.db  or
1676              confdir/quota/
1677
1678          quotawarn: 90
1679              The percent of quota utilization over which the server generates
1680              warnings.
1681
1682          quotawarnkb: 0
1683              The  maximum  amount  of  free  space (in kB) at which to give a
1684              quota warning (if this value is 0, or if the  quota  is  smaller
1685              than this amount, then warnings are always given).
1686
1687          quotawarnmsg: 0
1688              The  maximum amount of messages at which to give a quota warning
1689              (if this value is 0, or  if  the  quota  is  smaller  than  this
1690              amount, then warnings are always given).
1691
1692          reject8bit: 0
1693              If  enabled, lmtpd rejects messages with 8-bit characters in the
1694              headers.
1695
1696          restore_authname: <none>
1697              The authentication used by the restore tool when  authenticating
1698              to an IMAP/sync server.
1699
1700          restore_password: <none>
1701              The  password used by the restore tool when authenticating to an
1702              IMAP/sync server.
1703
1704          restore_realm: <none>
1705              The authentication realm used by the restore tool when authenti‐
1706              cating to an IMAP/sync server.
1707
1708          reverseacls: 0
1709              At  startup  time,  ctl_cyrusdb  -r will check this value and it
1710              will either add or remove reverse ACL pointers from mailboxes.db
1711
1712          rfc2046_strict: 0
1713              If enabled, imapd will be strict (per RFC  2046)  when  matching
1714              MIME  boundary  strings.   This means that boundaries containing
1715              other boundaries as substrings will  be  treated  as  identical.
1716              Since  enabling  this option will break some messages created by
1717              Eudora 5.1 (and earlier), it is recommended that it be left dis‐
1718              abled unless there is good reason to do otherwise.
1719
1720          rfc2047_utf8: 0
1721              If  enabled, imapd will parse any non-encoded character sequence
1722              in MIME header values as UTF8. This is useful for  installations
1723              that  either  advertise  the  UTF8SMTP  (RFC  5335) extension or
1724              receive mails with improperly escaped UTF-8 byte  sequences.  It
1725              is recommended that this option is left disabled unless there is
1726              good reason to do otherwise.
1727
1728          rfc3028_strict: 1
1729              If enabled, Sieve will be strict (per RFC 3028) with regards  to
1730              which  headers  are  allowed  to be used in address and envelope
1731              tests.  This means that only those headers which are defined  to
1732              contain addresses will be allowed in address tests and only "to"
1733              and "from" will be allowed in envelope  tests.   When  disabled,
1734              ANY grammatically correct header will be allowed.
1735
1736          rss_feedlist_template: <none>
1737              File  containing  HTML  that will be used as a template for dis‐
1738              playing the list of available RSS feeds.  A single  instance  of
1739              the  variable  %RSS_FEEDLIST%  should  appear in the file, which
1740              will be replaced by a  nested  unordered  list  of  feeds.   The
1741              toplevel unordered list will be tagged with an id of "feed" (<ul
1742              id='feed'>) which can be used by stylesheet(s) in your template.
1743              The dynamically created list of feeds based on the HTML template
1744              will be accessible at the "/rss" URL on the server.
1745
1746          rss_feeds: *
1747              A wildmat pattern specifying which mailbox hierarchies should be
1748              treated  as RSS feeds.  Only mailboxes matching the wildmat will
1749              have their messages available via RSS.  If not  set,  a  default
1750              wildmat of "*" (ALL mailboxes) will be used.
1751
1752          rss_maxage: 0
1753              Maximum age (in days) of items to display in an RSS channel.  If
1754              non-zero, httpd will only display items received within the last
1755              rss_maxage  days.  If set to 0, all available items will be dis‐
1756              played (the default).
1757
1758          rss_maxitems: 0
1759              Maximum number of items  to  display  in  an  RSS  channel.   If
1760              non-zero,  httpd will display no more than the rss_maxitems most
1761              recent items.  If set to 0, all available  items  will  be  dis‐
1762              played (the default).
1763
1764          rss_maxsynopsis: 0
1765              Maximum  RSS item synopsis length.  If non-zero, httpd will dis‐
1766              play no more than the first  rss_maxsynopsis  characters  of  an
1767              item's  synopsis.  If set to 0, the entire synopsis will be dis‐
1768              played (the default).
1769
1770          rss_realm: <none>
1771              The realm to present for HTTP authentication of RSS  feeds.   If
1772              not set (the default), the value of the "servername" option will
1773              be used.
1774
1775          sasl_auto_transition: 0
1776              If enabled, the SASL library will automatically create authenti‐
1777              cation  secrets  when  given a plaintext password.  See the SASL
1778              documentation.
1779
1780          sasl_maximum_layer: 256
1781              Maximum SSF (security strength  factor)  that  the  server  will
1782              allow a client to negotiate.
1783
1784          sasl_minimum_layer: 0
1785              The  minimum  SSF that the server will allow a client to negoti‐
1786              ate.  A value of 1 requires  integrity  protection;  any  higher
1787              value requires some amount of encryption.
1788
1789          sasl_option: 0
1790              Any  SASL  option  can  be set by preceding it with sasl_.  This
1791              file overrides the SASL configuration file.
1792
1793          sasl_pwcheck_method: <none>
1794              The mechanism used by the server to verify plaintext  passwords.
1795              Possible values include "auxprop", "saslauthd", and "pwcheck".
1796
1797          search_batchsize: 20
1798              The  number of messages to be indexed in one batch (default 20).
1799              Note that long batches may delay user commands or mail delivery.
1800
1801          search_normalisation_max: 1000
1802              A resource bound  for  the  combinatorial  explosion  of  search
1803              expression  tree  complexity  caused  by normalising expressions
1804              with many OR nodes.  These can use more  CPU  time  to  optimise
1805              than they save IO time in scanning folders.
1806
1807          search_engine: none
1808              The indexing engine used to speed up searching.
1809
1810              Allowed values: none, squat, sphinx, xapian
1811
1812          search_index_headers: 1
1813              Whether  to index headers other than From, To, Cc, Bcc, and Sub‐
1814              ject.  Experiment shows that some headers such as  Received  and
1815              DKIM-Signature can contribute up to 2/3rds of the index size but
1816              almost nothing to the utility of searching.  Note that is header
1817              indexing  is  disabled,  headers  can  still  be  searched,  the
1818              searches will just be slower.
1819
1820          search_indexed_db: twoskip
1821              The cyrusdb backend to use for the  search  latest  indexed  uid
1822              state.
1823
1824              Allowed values: flat, skiplist, twoskip, lmdb
1825
1826          search_maxtime: <none>
1827              The  maximum number of seconds to run a search for before abort‐
1828              ing.  Default of no value means  search  "forever"  until  other
1829              timeouts.
1830
1831          search_skipdiacrit: 1
1832              When  searching, should diacriticals be stripped from the search
1833              terms.  The default is "true", a search  for  "hav"  will  match
1834              "Håvard".  This is not RFC 5051 complient, but it backwards com‐
1835              patible, and may be preferred by some sites.
1836
1837          search_skiphtml: 0
1838              If enabled, HTML parts of messages are skipped, i.e. not indexed
1839              and not searchable.  Otherwise, they're indexed.
1840
1841          search_whitespace: merge
1842              When  searching, how whitespace should be handled.  Options are:
1843              "skip" (default in 2.3 and earlier series) - where a search  for
1844              "equi"  would  match  "the  quick  brown  fox".   "merge"  - the
1845              default, where "he  qu" would match "the quick   brownfox",  and
1846              "keep",  where  whitespace  must  match exactly.  The default of
1847              "merge" is recommended for most cases - it's a  good  compromise
1848              which keeps words separate.  Allowed values: skip, merge, keep
1849
1850          search_snippet_length: 255
1851              The  maximum byte length of a snippet generated by the XSNIPPETS
1852              command. Only supported by  the  Xapian  search  backend,  which
1853              attempts  to always fill search_snippet_length bytes in the gen‐
1854              erated snippet.
1855
1856          search_stopword_path: <none>
1857              The absolute base path to the  search  stopword  lists.  If  not
1858              specified, no stopwords will be taken into account during search
1859              indexing. Currently, the only supported and  default  stop  word
1860              file is english.list.
1861
1862          searchpartition-name: <none>
1863              The  pathname  where  to  store  the  xapian  search  indexes of
1864              searchtier for mailboxes of partition name. This must be config‐
1865              ured  for  the  defaultsearchtier and any additional search tier
1866              (see squatter for details).
1867
1868              For  example:  if  defaultpartition  is  defined  as  part1  and
1869              defaultsearchtier  as  tier1 then the configuration must contain
1870              an entry tier1searchpartition-part1 that defines the path  where
1871              to store this tier1's search index for the part1 partition.
1872
1873              This option MUST be specified for xapian search.
1874
1875          seenstate_db: twoskip
1876              The cyrusdb backend to use for the seen state.
1877
1878              Allowed values: flat, skiplist, twoskip, lmdb
1879
1880          sendmail: /usr/lib/sendmail
1881              The pathname of the sendmail executable.  Sieve invokes sendmail
1882              for sending rejections, redirects and vacation responses.
1883
1884          serverlist: <none>
1885              Whitespace separated list of backend  server  names.   Used  for
1886              finding  server  with the most available free space for proxying
1887              CREATE.
1888
1889          serverlist_select_mode: freespace-most
1890              Server selection mode.
1891
1892              random (pseudo-)random selection
1893
1894              freespace-most
1895                     backend with the most (total) free space (KiB)
1896
1897              freespace-percent-most
1898                     backend whose partition has the most free space (%)
1899
1900              freespace-percent-weighted
1901                     same as for partition selection, comparing the free space
1902                     (%) of the least used partition of each backend
1903
1904              freespace-percent-weighted-delta
1905                     same as for partition selection, comparing the free space
1906                     (%) of the least used partition of each backend.
1907
1908                     Allowed values:  random,  freespace-most,  freespace-per‐
1909                     cent-most,   freespace-percent-weighted,   freespace-per‐
1910                     cent-weighted-delta
1911
1912          serverlist_select_usage_reinit: 0
1913              For a given session, number of operations (e.g.  backend  selec‐
1914              tion) for which backend usage data are cached.
1915
1916          serverlist_select_soft_usage_limit: 0
1917              Limit  of backend usage (%): if a backend is over that limit, it
1918              is automatically excluded from selection mode.
1919
1920              If all backends are over that limit, this feature  is  not  used
1921              anymore.
1922
1923          servername: <none>
1924              This  is  the  hostname  visible in the greeting messages of the
1925              POP, IMAP and LMTP daemons. If it  is  unset,  then  the  result
1926              returned  from  gethostname(2)  is used.  This is also the value
1927              used by murder clusters to identify the host name.  It should be
1928              resolvable  by  DNS  to  the  correct host, and unique within an
1929              active cluster.  If you are using low  level  replication  (e.g.
1930              drbd)  then  it should be the same on each copy and the DNS name
1931              should also be moved to the new master on failover.
1932
1933          serverinfo: on
1934              The server information to display in the greeting and capability
1935              responses. Information is displayed as follows:
1936                 "off" = no server information in the greeting or capabilities
1937
1938                 "min"  = servername in the greeting; no server information in
1939                 the capabilities
1940
1941                 "on" = servername and product version in the greeting;  prod‐
1942                 uct version in the capabilities
1943
1944                 Allowed values: off, min, on
1945
1946          sharedprefix: Shared Folders
1947              If using the alternate IMAP namespace, the prefix for the shared
1948              namespace.   The  hierarchy  delimiter  will  be   automatically
1949              appended.
1950
1951          sieve_allowreferrals: 1
1952              If  enabled,  timsieved will issue referrals to clients when the
1953              user's scripts reside on a remote server (in a Murder).   Other‐
1954              wise, timsieved will proxy traffic to the remote server.
1955
1956          sieve_extensions:    fileinto   reject   vacation   vacation-seconds
1957          imapflags notify envelope  relational  regex  subaddress  copy  date
1958          index imap4flags mailbox mboxmetadata servermetadata variables
1959              Space-separated  list  of Sieve extensions allowed to be used in
1960              sieve scripts, enforced at submission by timsieved(8).  Any pre‐
1961              viously  installed  script will be unaffected by this option and
1962              will continue to execute  regardless  of  the  extensions  used.
1963              This  option  has no effect on options that are disabled at com‐
1964              pile time (e.g., "regex").  Allowed  values:  fileinto,  reject,
1965              vacation,  vacation-seconds,  imapflags,  notify, include, enve‐
1966              lope, body, relational, regex, subaddress,  copy,  date,  index,
1967              imap4flags, mailbox, mboxmetadata, servermetadata, variables
1968
1969          sieve_maxscriptsize: 32
1970              Maximum size (in kilobytes) any sieve script can be, enforced at
1971              submission by timsieved(8).
1972
1973          sieve_maxscripts: 5
1974              Maximum number of sieve scripts any user may have,  enforced  at
1975              submission by timsieved(8).
1976
1977          sieve_utf8fileinto: 0
1978              If  enabled,  the  sieve  engine  expects  folder  names for the
1979              fileinto action in scripts to  use  UTF8  encoding.   Otherwise,
1980              modified UTF7 encoding should be used.
1981
1982          sieve_sasl_send_unsolicited_capability: 0
1983              If  enabled,  timsieved  will emit a capability response after a
1984              successful   SASL   authentication,   per   draft-martin-manage‐
1985              sieve-12.txt .
1986
1987          sieve_vacation_min_response: 259200 /* 3 days */
1988              Minimum  time interval (in seconds) between consecutive vacation
1989              responses, per draft-ietf-vacation-seconds.txt .
1990
1991          sieve_vacation_max_response: 7776000 /* 90 days */
1992              Maximum time interval (in seconds) between consecutive  vacation
1993              responses, per draft-ietf-vacation-seconds.txt .
1994
1995          sievedir: /usr/sieve
1996              If  sieveusehomedir  is  false,  this  directory is searched for
1997              Sieve scripts.
1998
1999          sievenotifier: <none>
2000              Notifyd(8) method to use for "SIEVE" notifications.  If not set,
2001              "SIEVE" notifications are disabled.
2002
2003              This  method  is  only  used  when no method is specified in the
2004              script.
2005
2006          sieveusehomedir: 0
2007              If enabled, lmtpd will look for Sieve  scripts  in  user's  home
2008              directories: ~user/.sieve.
2009
2010          anysievefolder: 0
2011              It  must  be  "yes"  in  order to permit the autocreation of any
2012              INBOX  subfolder  requested  by  a  sieve  filter,  through  the
2013              "fileinto" action. (default = no)
2014
2015          singleinstancestore: 1
2016              If  enabled,  imapd,  lmtpd  and nntpd attempt to only write one
2017              copy of a message per partition and create hard links, resulting
2018              in a potentially large disk savings.
2019
2020          skiplist_always_checkpoint: 1
2021              If  enabled,  this option forces the skiplist cyrusdb backend to
2022              always checkpoint when doing a recovery.  This  causes  slightly
2023              more  IO,  but  on  the other hand leads to more efficient data‐
2024              bases, and the entire file is already "hot".
2025
2026          skiplist_unsafe: 0
2027              If enabled, this option forces the skiplist cyrusdb  backend  to
2028              not sync writes to the disk.  Enabling this option is NOT RECOM‐
2029              MENDED.
2030
2031          soft_noauth: 1
2032              If enabled, lmtpd returns temporary failures if the client  does
2033              not  successfully  authenticate.  Otherwise lmtpd returns perma‐
2034              nent failures (causing the mail to bounce immediately).
2035
2036          sortcache_db: twoskip
2037              The cyrusdb backend to use for caching sort  results  (currently
2038              only used for xconvmultisort) Allowed values: skiplist, twoskip,
2039              lmdb
2040
2041          specialuse_extra: <none>
2042              Whitespace separated list of extra special-use  attributes  that
2043              can  be  set  on  a  mailbox. RFC 6154 currently lists what spe‐
2044              cial-use attributes can be set. This allows extending that  list
2045              in the future or adding your own if needed.
2046
2047          specialusealways: 0
2048              If  enabled,  this  option causes LIST and LSUB output to always
2049              include the XLIST "special-use" flags
2050
2051          sphinx_text_excludes_odd_headers: 0
2052              If enabled, Sphinx will perform a TEXT search as if  it  matches
2053              FROM, TO, CC, BCC or SUBJECT but not any other headers.  This is
2054              contrary to the RFC but a more useful behaviour for most  users.
2055              Default: disabled.
2056
2057          sphinx_socket: {configdirectory}/socket/sphinx
2058              Unix domain socket that the Sphinx searchd daemons listens on.
2059
2060          sphinx_pidfile: /var/run/sphinx.pid
2061              File where the Sphinx searchd daemon writes its pid.
2062
2063          sql_database: <none>
2064              Name of the database which contains the cyrusdb table(s).
2065
2066          sql_engine: <none>
2067              Name of the SQL engine to use.
2068
2069              Allowed values: mysql, pgsql, sqlite
2070
2071          sql_hostnames: <empty string>
2072              Comma separated list of SQL servers (in host[:port] format).
2073
2074          sql_passwd: <none>
2075              Password to use for authentication to the SQL server.
2076
2077          sql_user: <none>
2078              Username to use for authentication to the SQL server.
2079
2080          sql_usessl: 0
2081              If enabled, a secure connection will be made to the SQL server.
2082
2083          srvtab: <empty string>
2084              The pathname of srvtab file containing the server's private key.
2085              This option is passed to the  SASL  library  and  overrides  its
2086              default setting.
2087
2088          submitservers: <none>
2089              A  list  of  users  and  groups  that  are  allowed  to  resolve
2090              "urlauth=submit+" IMAP URLs,  separated  by  spaces.   Any  user
2091              listed  in  this  will  be  allowed to fetch the contents of any
2092              valid "urlauth=submit+" IMAP URL: use with caution.
2093
2094          subscription_db: flat
2095              The cyrusdb backend to use for the subscriptions list.
2096
2097              Allowed values: flat, skiplist, twoskip, lmdb
2098
2099          suppress_capabilities: <none>
2100              Suppress the named capabilities from  any  capability  response.
2101              Use  the  exact  case as it appears in the response, e.g.  "sup‐
2102              press_capabilities: ESEARCH QRESYNC WITHIN XLIST  LIST-EXTENDED"
2103              if  you have a murder with 2.3.x backends and don't want clients
2104              being confused by new capabilities that some backends don't sup‐
2105              port.
2106
2107          statuscache: 0
2108              Enable/disable the imap status cache.
2109
2110          statuscache_db: twoskip
2111              The cyrusdb backend to use for the imap status cache.
2112
2113              Allowed values: skiplist, sql, twoskip, lmdb
2114
2115          statuscache_db_path: <none>
2116              The absolute path to the statuscache db file.  If not specified,
2117              will be confdir/statuscache.db
2118
2119          sync_authname: <none>
2120              The authentication name to use when  authenticating  to  a  sync
2121              server.  Prefix with a channel name to only apply for that chan‐
2122              nel
2123
2124          sync_batchsize: 8192
2125              the number of messages to upload in a  single  mailbox  replica‐
2126              tion.   Default  is 8192.  If there are more than this many mes‐
2127              sages appended to the  mailbox,  generate  a  synthetic  partial
2128              state and send that.
2129
2130          sync_host: <none>
2131              Name  of  the  host  (replica  running  sync_server(8)) to which
2132              replication actions will be sent by sync_client(8).  Prefix with
2133              a channel name to only apply for that channel
2134
2135          sync_log: 0
2136              Enable   replication   action  logging  by  lmtpd(8),  imapd(8),
2137              pop3d(8), and nntpd(8).  The log  {configdirectory}/sync/log  is
2138              used by sync_client(8) for "rolling" replication.
2139
2140          sync_log_chain: 0
2141              Enable replication action logging by sync_server as well, allow‐
2142              ing chaining of replicas.  Use this on 'B'  for  A  =>  B  =>  C
2143              replication layout
2144
2145          sync_log_channels: <none>
2146              If  specified,  log all events to multiple log files in directo‐
2147              ries specified by each "channel".  Each channel can then be pro‐
2148              cessed separately, such as by multiple sync_client(8)s in a mesh
2149              replication scheme, or by squatter(8) for rolling  search  index
2150              updates.
2151
2152              You  can use "" (the two-character string U+22 U+22) to mean the
2153              default sync channel.
2154
2155          sync_log_unsuppressable_channels: squatter
2156              If specified, the named channels are exempt from the  effect  of
2157              setting  sync_log_chain:off,  i.e.  they are always logged to by
2158              the sync_server process.  This is only really  useful  to  allow
2159              rolling search indexing on a replica.
2160
2161          sync_password: <none>
2162              The  default  password  to  use  when  authenticating  to a sync
2163              server.  Prefix with a channel name to only apply for that chan‐
2164              nel
2165
2166          sync_port: <none>
2167              Name  of the service (or port number) of the replication service
2168              on replica host.  Prefix with a channel name to only  apply  for
2169              that  channel.  If not specified, and if sync_try_imap is set to
2170              "yes" (the default), then the replication client will first  try
2171              "imap"  (port 143) to check if imapd supports replication.  oth‐
2172              erwise it will default to "csync" (usually port 2005).
2173
2174          sync_realm: <none>
2175              The authentication realm to use when authenticating  to  a  sync
2176              server.  Prefix with a channel name to only apply for that chan‐
2177              nel
2178
2179          sync_repeat_interval: 1
2180              Minimum  interval  (in  seconds)  between  replication  runs  in
2181              rolling replication mode. If a replication run takes longer than
2182              this time, we repeat immediately.  Prefix with a channel name to
2183              only apply for that channel
2184
2185          sync_shutdown_file: <none>
2186              Simple  latch  used  to  tell sync_client(8) that it should shut
2187              down at the next opportunity. Safer than sending signals to run‐
2188              ning  processes.   Prefix  with a channel name to only apply for
2189              that channel
2190
2191          sync_timeout: 1800
2192              Number of seconds to wait for  a  response  before  returning  a
2193              timeout  failure  when  talking to a replication peer (client or
2194              server).
2195
2196          sync_try_imap: 1
2197              Whether sync_client should try to  perform  an  IMAP  connection
2198              before  falling  back  to  csync.   If  this  is  set  to  "no",
2199              sync_client will only use csync.  Prefix with a channel name  to
2200              apply only for that channel
2201
2202          syslog_prefix: <none>
2203              String to be prepended to the process name in syslog entries.
2204
2205          syslog_facility: <none>
2206              Configure  a  syslog  facility.  The default is whatever is com‐
2207              piled in.  Allowed values are: DAEMON,  MAIL,  NEWS,  USER,  and
2208              LOCAL0 through to LOCAL7
2209
2210          tcp_keepalive: 0
2211              Enable keepalive on TCP connections
2212
2213          tcp_keepalive_cnt: 0
2214              Number of TCP keepalive probes to send before declaring the con‐
2215              nection dead (0 == system default)
2216
2217          tcp_keepalive_idle: 0
2218              Number of seconds a connection must  be  idle  before  keepalive
2219              probes are sent (0 == system default)
2220
2221          tcp_keepalive_intvl: 0
2222              Number of seconds between keepalive probes (0 == system default)
2223
2224          temp_path: /tmp
2225              The pathname to store temporary files in
2226
2227          telemetry_bysessionid: 0
2228              If true, log by sessionid instead of PID for telemetry
2229
2230          timeout: 32
2231              The  length of the IMAP server's inactivity autologout timer, in
2232              minutes.  The minimum value is 30.  The default is 32 to allow a
2233              bit of leeway for clients that try to NOOP every 30 minutes.
2234
2235          imapidletimeout: 0
2236              Timeout for idling clients (RFC 2177) in minutes. If set to zero
2237              (the default) or less, the  value  of  "timeout"  will  be  used
2238              instead.
2239
2240          tls_ca_file: <none>
2241              Deprecated in favor of tls_client_ca_file.
2242
2243          tls_ca_path: <none>
2244              Deprecated in favor of tls_client_ca_dir.
2245
2246          tlscache_db: twoskip
2247              Deprecated in favor of tls_sessions_db.
2248
2249          tlscache_db_path: <none>
2250              Deprecated in favor of tls_sessions_db_path.
2251
2252          tls_cert_file: <none>
2253              Deprecated in favor of tls_server_cert.
2254
2255          tls_cipher_list: DEFAULT
2256              Deprecated in favor of tls_ciphers.
2257
2258          tls_ciphers: DEFAULT
2259              The  list of SSL/TLS ciphers to allow.  The format of the string
2260              (and definition of "DEFAULT") is described in ciphers(1).
2261
2262              See also Mozilla's server-side TLS recommendations:
2263
2264              https://wiki.mozilla.org/Security/Server_Side_TLS
2265
2266          tls_client_ca_dir: <none>
2267              Path to a directory containing the CA certificates used to  ver‐
2268              ify client SSL certificates used for authentication.
2269
2270          tls_client_ca_file: <none>
2271              Path  to  a file containing the CA certificate(s) used to verify
2272              client SSL certificates used for authentication.
2273
2274          tls_client_cert: <none>
2275              File containing  the  certificate  presented  to  a  server  for
2276              authentication  during STARTTLS. A value of "disabled" will dis‐
2277              able this server's use of certificate-based authentication.
2278
2279          tls_client_certs: optional
2280              Disable  ("off"),  allow  ("optional",   default)   or   require
2281              ("require")  the use of SSL certificates by clients to authenti‐
2282              cate themselves.  Allowed values: off, optional, require
2283
2284          tls_client_key: <none>
2285              File containing the private key belonging to the tls_client_cert
2286              certificate.  A  value  of "disabled" will disable this server's
2287              use of certificate-based authentication.
2288
2289          tls_eccurve: prime256v1
2290              The elliptic curve used for  ECDHE.  Default  is  NIST  Suite  B
2291              prime256.   See 'openssl ecparam -list_curves' for possible val‐
2292              ues.
2293
2294          tls_key_file: <none>
2295              Deprecated in favor of tls_server_key.
2296
2297          tls_required: 0
2298              If enabled, require a TLS/SSL encryption layer to be  negotiated
2299              prior  to  ANY  authentication  mechanisms  being  advertised or
2300              allowed.
2301
2302          tls_prefer_server_ciphers: 0
2303              Prefer the ciphers on the server side instead of client side.
2304
2305          tls_server_ca_dir: <none>
2306              Path to a directory with CA certificates used to verify certifi‐
2307              cates  offered  when this server connects to other servers. This
2308              directory must have filenames with the hashed value of the  cer‐
2309              tificates (see openssl(1)).
2310
2311          tls_server_ca_file: <none>
2312              Path  to  a  file containing CA certificates used to verify cer‐
2313              tificates offered when this server connects to other servers.
2314
2315          tls_server_cert: <none>
2316              File containing the certificate presented to clients.
2317
2318          tls_server_key: <none>
2319              File containing the private key belonging to the certificate  in
2320              tls_server_cert.
2321
2322          tls_sessions_db: twoskip
2323              The cyrusdb backend to use for the TLS cache.
2324
2325              Allowed values: skiplist, sql, twoskip, lmdb
2326
2327          tls_sessions_db_path: <none>
2328              The absolute path to the TLS sessions db file. If not specified,
2329              will be confdir/tls_sessions.db
2330
2331          tls_session_timeout: 1440
2332              The length of time (in minutes)  that  a  TLS  session  will  be
2333              cached  for  later reuse.  The maximum value is 1440 (24 hours),
2334              the default.  A value of 0 will disable session caching.
2335
2336          tls_versions: tls1_0 tls1_1 tls1_2
2337              A list of SSL/TLS versions to not disable.  Cyrus  IMAP  SSL/TLS
2338              starts  with all protocols, and substracts protocols not in this
2339              list. Newer versions of SSL/TLS will need to be  added  here  to
2340              allow them to get disabled.
2341
2342          uidl_format: cyrus
2343              Choose  the  format  for  UIDLs  in  pop3.   Possible values are
2344              "uidonly", "cyrus", "dovecot" and "courier".   "uidonly"  forces
2345              the  old default of UID, "cyrus" is UIDVALIDITY.UID.  Dovecot is
2346              8 digits of leading  hex  (lower  case)  each  UID  UIDVALIDITY.
2347              Courier  is  UIDVALIDITY-UID.   Allowed  values: uidonly, cyrus,
2348              dovecot, courier
2349
2350          umask: 077
2351              The umask value used by various Cyrus IMAP programs.
2352
2353          userdeny_db: flat
2354              The cyrusdb backend to use for the user access list.
2355
2356              Allowed values: flat, skiplist, sql, twoskip, lmdb
2357
2358          userdeny_db_path: <none>
2359              The absolute path to the userdeny db file.   If  not  specified,
2360              will be confdir/user_deny.db
2361
2362          username_tolower: 1
2363              Convert  usernames to all lowercase before login/authentication.
2364              This is useful with authentication backends  which  ignore  case
2365              during username lookups (such as LDAP).
2366
2367          userprefix: Other Users
2368              If  using the alternate IMAP namespace, the prefix for the other
2369              users namespace.  The hierarchy delimiter will be  automatically
2370              appended.
2371
2372          unix_group_enable: 1
2373              Should  we  look up groups when using auth_unix (disable this if
2374              you are not using groups in ACLs for your IMAP server,  and  you
2375              are  using auth_unix with a backend (such as LDAP) that can make
2376              getgrent() calls very slow)
2377
2378          unixhierarchysep: 1
2379              Use the UNIX separator character '/' for  delimiting  levels  of
2380              mailbox  hierarchy.  Turn off to use the netnews separator char‐
2381              acter '.'. Note that with the newnews  separator,  no  dots  may
2382              occur in mailbox names.  The default switched in 3.0 from off to
2383              on.
2384
2385          virtdomains: off
2386              Enable virtual domain support.  If enabled,  the  user's  domain
2387              will  be determined by splitting a fully qualified userid at the
2388              last '@' or '%' symbol.  If the userid is unqualified,  and  the
2389              virtdomains  option  is  set  to  "on",  then the domain will be
2390              determined by doing a reverse lookup on the IP  address  of  the
2391              incoming  network interface, otherwise the user is assumed to be
2392              in the default domain (if set).  Allowed values: off, userid, on
2393
2394          xbackup_enabled: 0
2395              Enable support for the XBACKUP command in  imapd.   If  enabled,
2396              admin  users  can  use  this command to provoke a replication of
2397              specified users to the named backup channel.
2398
2399          xlist-flag: <none>
2400              Set the special-use flag flag on the specified folder when it is
2401              autocreated  (see  the  autocreate_inbox_folders  option).   For
2402              example, if xlist-junk: Spam is set,  and  the  folder  Spam  is
2403              autocreated, the special-use flag \Junk will be set on it.
2404
2405              (This  option  is  so  named for backward compatibility with old
2406              config files.)
2407
2408          lmtp_catchall_mailbox: <none>
2409              Mail sent to mailboxes which do not exist, will be delivered  to
2410              this  user.  NOTE: This must be an existing local user name with
2411              an INBOX, NOT an email address!
2412
2413          zoneinfo_db: twoskip
2414              The cyrusdb backend to use for zoneinfo.
2415
2416              Allowed values: flat, skiplist, twoskip, lmdb
2417
2418          zoneinfo_db_path: <none>
2419              The absolute path to the zoneinfo db file.   If  not  specified,
2420              will be confdir/zoneinfo.db
2421
2422          object_storage_enabled: 0
2423              Is  Object  storage  enabled  for this server.  You also need to
2424              have archiving enabled and  archivepartition  for  the  mailbox.
2425              Only email files will be stored on object Storage archive parti‐
2426              tion will be used to store any other files
2427
2428          object_storage_dummy_spool: <none>
2429              Dummy object storage spool; this is for test only.  Spool  where
2430              user  directory  (container) will be created to store all emails
2431              in a flat structure
2432
2433          openio_namespace: <none>
2434              The OpenIO namespace used to store archived  email  messages.  A
2435              namespace  identifies  the physical platform cyrus must contact.
2436              This directive is used by the OpenIO's SDK to locate  its  plat‐
2437              form entry point.
2438
2439          openio_account: <none>
2440              The  OpenIO  account used to account for stored emails. Accounts
2441              are unique in their namespace. They provides virtual partitions,
2442              with quotas and QoS features.
2443
2444          openio_rawx_timeout: 30
2445              The  OpenIO  timeout  to  query to the RAWX services (default 30
2446              sec).
2447
2448          openio_proxy_timeout: 5
2449              The OpenIO timeout to query to the  PROXY  services  (default  5
2450              sec).
2451
2452          openio_autocreate: 0
2453              Allow  the  OpenIO SDK to autocreate containers. Mainly destined
2454              to be turned on development  environments.  In  production,  the
2455              container should have been provisioned with the mailboxes.
2456
2457          openio_verbosity: <none>
2458              Sets  the  logging  verbosity of the OpenIO's internal behavior.
2459              Admissible values are:  "warning",  "notice",  "info",  "debug",
2460              "trace",  "quiet".   The  default verbosity is "warning". Set to
2461              "notice" for a few lines on a per-client basis.  Set  to  "info"
2462              for  a  few  lines on a per-request basis. Set to "debug" Set to
2463              "trace"  to  activate  the  underlying  libcurl  debug   output.
2464              Enabling  a  verbosity higher to equal than "debug" requires the
2465              cyrus to be set in debug mode. The special  "quiet"  value  dis‐
2466              ables all kinds of logging at the GLib level.
2467
2468          caringo_hostname: <none>
2469              The  Caringo  hostname  used to store archived email messages. A
2470              hostname identifies the physical platform  cyrus  must  contact.
2471              This  directive is used by the Caringo's SDK (CastorSDK: Caringo
2472              Simple Content Storage Protocol (SCSP) on HTTP 1.1 using a REST‐
2473              ful architecture
2474
2475          caringo_port: 80
2476              The  port  of  the caringo server (caringo_hostname); default is
2477              80.
2478
2479          fastmailsharing: 0
2480              If enabled, use FastMail style sharing  (oldschool  full  server
2481              paths)
2482

SEE ALSO

2484          imapd(8),  pop3d(8),  nntpd(8),  lmtpd(8),  httpd(8),  timsieved(8),
2485          idled(8), notifyd(8), deliver(8), cyrus-master(8), ciphers(1)
2486

AUTHOR

2488       The Cyrus Team
2489
2491       1993-2017, The Cyrus Team
2492
2493
2494
2495
24963.0.7                            May 18, 2018                    IMAPD.CONF(5)
Impressum