1IMAPD.CONF(5)                     Cyrus IMAP                     IMAPD.CONF(5)
2
3
4

NAME

6       imapd.conf - Cyrus IMAP documentation
7
8       IMAP configuration file
9

DESCRIPTION

11          /etc/imapd.conf is the configuration file for the Cyrus IMAP server.
12          It defines local parameters for IMAP.
13
14          Each line of the /etc/imapd.conf file has the form
15                 option: value
16
17          where option is the name of the configuration option being  set  and
18          value is the value that the configuration option is being set to.
19
20          Although  there  is no limit to the length of a line, a ``\'' (back‐
21          slash) character may be used as the last  character  on  a  line  to
22          force  it  to continue on the next one.  No additional whitespace is
23          inserted before or after the ``\''.  Note that a line that is  split
24          using ``\'' character(s) is still considered a single line.
25
26          For example
27                 option:\
28                     value1 value2 \
29                        value3
30
31          is equivalent to
32                 option: value1 value2   value3
33
34          Blank lines and lines beginning with ``#'' are ignored.
35
36          For  boolean  and  enumerated  options,  the values ``yes'', ``on'',
37          ``t'', ``true'' and ``1'' turn the option  on,  the  values  ``no'',
38          ``off'', ``f'', ``false'' and ``0'' turn the option off.
39

FIELD DESCRIPTIONS

41          The  sections  below  detail  options  that  can  be  placed  in the
42          /etc/imapd.conf file, and show each option's  default  value.   Some
43          options   have  no  default  value,  these  are  listed  with  ``<no
44          default>''.  Some options default to the  empty  string,  these  are
45          listed with ``<none>''.
46
47          addressbookprefix: #addressbooks
48              The prefix for the addressbook mailboxes hierarchies.  The hier‐
49              archy delimiter will  be  automatically  appended.   The  public
50              addressbook  hierarchy  will  be  at  the toplevel of the shared
51              namespace.  A user's personal addressbook hierarchy  will  be  a
52              child of their Inbox.
53
54          admins: <empty string>
55              The  list  of userids with administrative rights.  Separate each
56              userid with a space.  Sites using  Kerberos  authentication  may
57              use separate "admin" instances.
58
59              Note  that  accounts used by users should not be administrators.
60              Administrative accounts should not receive mail.   That  is,  if
61              user "jbRo" is a user reading mail, he should not also be in the
62              admins line.  Some problems may occur  otherwise,  most  notably
63              the ability of administrators to create top-level mailboxes vis‐
64              ible to users, but not writable by users.
65
66          afspts_localrealms: <none>
67              The list of realms which are to be treated as  local,  and  thus
68              stripped  during  identifier  canonicalization  (for  the AFSPTS
69              ptloader module).  This is different from loginrealms in that it
70              occurs  later  in  the  authorization process (as the user id is
71              canonified for PTS lookup)
72
73          afspts_mycell: <none>
74              Cell to use for AFS PTS lookups.  Defaults to the local cell.
75
76          allowallsubscribe: 0
77              Allow subscription to nonexistent  mailboxes.   This  option  is
78              typically  used on backend servers in a Murder so that users can
79              subscribe to mailboxes that don't reside on their "home" server.
80              This  option  can  also be used as a workaround for IMAP clients
81              which don't play well with nonexistent or unselectable mailboxes
82              (e.g., Microsoft Outlook).
83
84          allowanonymouslogin: 0
85              Permit  logins by the user "anonymous" using any password.  Also
86              allows use of the SASL ANONYMOUS mechanism.
87
88          allowapop: 1
89              Allow use of the POP3 APOP authentication command.
90
91              Note that this command requires that SASL is compiled with  APOP
92              support,  that  the  plaintext passwords are available in a SASL
93              auxprop backend (e.g., sasldb), and that the system can  provide
94              enough  entropy  (e.g., from /dev/urandom) to create a challenge
95              in the banner.
96
97          allownewnews: 0
98              Allow use of the NNTP NEWNEWS command.
99
100              Note that this is a very expensive command and  should  only  be
101              enabled when absolutely necessary.
102
103          allowplaintext: 0
104              If enabled, allows the use of cleartext passwords on the wire.
105
106              By  default,  the  use of cleartext passwords requires a TLS/SSL
107              encryption layer to be negotiated prior to any cleartext authen‐
108              tication  mechanisms  being advertised or allowed.  To require a
109              TLS/SSL encryption layer to be negotiated prior to ANY authenti‐
110              cation, see the tls_required option.
111
112          allowusermoves: 0
113              Allow  moving  user  accounts  (with  associated  meta-data) via
114              RENAME or XFER.
115
116              Note that measures should be taken to make sure  that  the  user
117              being  moved is not logged in, and cannot login during the move.
118              Failure to do so may result in the user's meta-data (seen state,
119              subscriptions, etc) being corrupted or out of date.
120
121          altnamespace: 1
122              Use  the alternate IMAP namespace, where personal folders reside
123              at the same level in the hierarchy as INBOX.
124
125              This option ONLY applies where interaction takes place with  the
126              client/user.   Currently  this  is  limited to the IMAP protocol
127              (imapd) and Sieve scripts (lmtpd).  This option does  NOT  apply
128              to admin tools such as cyradm (admins ONLY), reconstruct, quota,
129              etc., NOR does it affect LMTP delivery of messages  directly  to
130              mailboxes  via plus-addressing.  The default changed in 3.0 from
131              off to on.
132
133          altprefix: Alt Folders
134              Alternative INBOX spellings that can't be accessed in  altnames‐
135              pace otherwise go under here
136
137          annotation_db: twoskip
138              The cyrusdb backend to use for mailbox annotations.
139
140              Allowed values: skiplist, twoskip, lmdb
141
142          annotation_db_path: <none>
143              The absolute path to the annotations db file.  If not specified,
144              will be configdirectory/annotations.db
145
146          anyoneuseracl: 1
147              Should non-admin users be allowed to set ACLs for  the  'anyone'
148              user on their mailboxes?  In a large organization this can cause
149              support problems, but it's enabled by default.
150
151          annotation_allow_undefined: 0
152              Allow clients to store values for entries which are not  defined
153              either by Cyrus or in the annotations_definitions file.
154
155          annotation_definitions: <none>
156              File containing external (third-party) annotation definitions.
157
158              Each  line of the file specifies the properties of an annotation
159              and has the following form:
160                 name, scope, attrib-type, proxy-type, attrib-names, acl
161
162              name   is the hierarchical name as in RFC 5257 or RFC  5464  (in
163                     the  latter  case,  without  the leading /shared or /pri‐
164                     vate).  For example, /vendor/acme/blurdybloop.
165
166              scope  specifies whether the annotation is  for  the  server,  a
167                     mailbox, or a message.
168
169              attrib-type
170                        specifies  the attribute data type, which is used only
171                        to check the string value passed by clients when  set‐
172                        ting annotations.  The attrib-type is one of:
173
174                     string any value is accepted.
175
176                     content-type
177                            this  obsolete  data  type,  which  was useful for
178                            early drafts of  the  standard,  is  accepted  but
179                            silently translated to string.
180
181                     boolean
182                            only  the  strings "true" or "false" are accepted.
183                            Checking is  case-insensitive  but  the  value  is
184                            forced to lowercase.
185
186                     int    integers are accepted.
187
188                     uint   non-negative integers are accepted.
189
190              proxy-type
191                     specifies  whether  this  attribute is for the backend or
192                     proxy servers or both (proxy_and_backend)
193
194              attrib-names
195                     is the space-separated list of available  attributes  for
196                     the    annotation.    Possible    attribute   names   are
197                     value.shared, value.priv, and value (which  permits  both
198                     value.priv  and value.shared).  The attribute names size,
199                     size.shared, and  size.priv  are  accepted  but  ignored;
200                     these attributes are automatically provided by the server
201                     if the corresponding value attribute is specified.   Some
202                     obsolete  attributes,  which were defined early drafts of
203                     the standard, are accepted and ignored with a warning.
204
205              extra-permissions
206                     is the extra ACL permission  bits  required  for  setting
207                     this  annotation,  in  standard  IMAP  ACL permission bit
208                     string format.  Note that this is in addition to the per‐
209                     mission bits specified in RFC 5257 and RFC 5464, so leav‐
210                     ing this field empty is harmless.  Note also  that  there
211                     is  no  way to specify that an annotation can only be set
212                     by an admin user; in particular the a permission bit does
213                     not achieve this.
214
215                     Blank lines and lines beginning with ``#'' are ignored.
216
217          annotation_callout: <none>
218              The  pathname of a callout to be used to automatically add anno‐
219              tations or flags to a message when it is appended to a  mailbox.
220              The  path can be either an executable (including a script), or a
221              UNIX domain socket.
222
223          aps_topic: <none>
224              Topic for Apple Push Service registration.
225
226          aps_topic_caldav: <none>
227              Topic for Apple Push Service registration for CalDAV.
228
229          aps_topic_carddav: <none>
230              Topic for Apple Push Service registration for CardDAV.
231
232          archive_enabled: 0
233              Is archiving enabled for this server.  You also need to have  an
234              archivepartition  for the mailbox.  Archiving allows older email
235              to be stored on slower, cheaper disks -  even  within  the  same
236              mailbox, as distinct from partitions.
237
238          archive_days: 7
239              The  number  of days after which to move messages to the archive
240              partition if archiving is enabled
241
242          archive_maxsize: 1024
243              The size in kilobytes of  the  largest  message  that  won't  be
244              archived immediately.  Default is 1Mb
245
246          archive_keepflagged: 0
247              If  set,  messages  with  the  \Flagged  system  flag  won't  be
248              archived, provided they are smaller than archive_maxsize.
249
250          archivepartition-name: <none>
251              The pathname of the archive  partition  name,  corresponding  to
252              spool  partition  partition-name.  For any mailbox residing in a
253              directory on  partition-name,  the  archived  messages  will  be
254              stored  in  a  corresponding directory on archivepartition-name.
255              Note that not every partition-name option is  strictly  required
256              to  have  a corresponding archivepartition-name option, but that
257              without one there's no benefit to enabling archiving.
258
259          auditlog: 0
260              Should cyrus output log entries for every action taken on a mes‐
261              sage  file  or  mailboxes list entry?  It's noisy so disabled by
262              default, but can be very useful for tracking down what  happened
263              if things look strange
264
265          auth_mech: unix
266              The authorization mechanism to use.
267
268              Allowed values: unix, pts, krb, krb5
269
270          autocreateinboxfolders: <none>
271              Deprecated in favor of autocreate_inbox_folders.
272
273          autocreatequota: 0
274              Deprecated in favor of autocreate_quota.
275
276          autocreatequotamsg: -1
277              Deprecated in favor of autocreate_quota_messages.
278
279          autosievefolders: <none>
280              Deprecated in favor of autocreate_sieve_folders.
281
282          generate_compiled_sieve_script: 0
283              Deprecated in favor of autocreate_sieve_script_compile.
284
285          autocreate_sieve_compiled_script: <none>
286              Deprecated in favor of autocreate_sieve_script_compiled.
287
288          autosubscribeinboxfolders: <none>
289              Deprecated in favor of autocreate_subscribe_folders.
290
291          autosubscribesharedfolders: <none>
292              Deprecated in favor of autocreate_subscribe_sharedfolders.
293
294          autosubscribe_all_sharedfolders: 0
295              Deprecated in favor of autocreate_subscribe_sharedfolders_all.
296
297          autocreate_inbox_folders: <none>
298              If a user does not have an INBOX already, and the INBOX is to be
299              created, create the list of folders in  this  setting  as  well.
300              autocreate_inbox_folders  is  a list of INBOX's subfolders sepa‐
301              rated by a "|", that are automatically  created  by  the  server
302              under  the  following two scenarios. Leading and trailing white‐
303              space is stripped, so "Junk | Trash"  results  in  two  folders:
304              "Junk" and "Trash".  See also the xlist-flag option, for setting
305              special-use flags on autocreated folders.
306
307              INBOX folders are created under both the following conditions:
308
309              1. The user logins via the IMAP or the POP3 protocol.   autocre‐
310                 ate_quota option must have a value of zero or greater.
311
312              2. A   message  arrives  for  the  user  through  the  lmtpd(8).
313                 autocreate_post option must be enabled.
314
315          autocreate_post: 0
316              If enabled, when lmtpd(8) receives an incoming mail for an INBOX
317              that  does not exist, then the INBOX is automatically created by
318              lmtpd(8) and delivery of the message continues.
319
320          autocreate_quota: -1
321              If set to a value of zero or  higher,  users  have  their  INBOX
322              folders  created  upon a successful login event or upon lmtpd(8)
323              message delivery if autocreate_post is enabled,  provided  their
324              INBOX did not yet already exist.
325
326              The user's quota is set to the value if it is greater than zero,
327              otherwise the user has unlimited quota.
328
329              Note that quota is specified in kilobytes.
330
331          autocreate_quota_messages: -1
332              If set to a value of zero or higher, users who have their  INBOX
333              folders  created  upon  a  successful  login event (see autocre‐
334              ate_quota), or upon lmtpd(8) message delivery if autocreate_post
335              is enabled, receive the message quota configured in this option.
336
337              The default of -1 disables assigning message quota.
338
339              For  consistency  with  autocreate_quota,  a  value  of  zero is
340              treated as unlimited message quota, rather than a message  quota
341              of zero.
342
343          autocreate_sieve_folders: <none>
344              A  "|"  separated list of subfolders of INBOX that will be auto‐
345              matically created, if requested by a sieve filter,  through  the
346              "fileinto" action. The default is to create no folders automati‐
347              cally.
348
349              Leading and trailing whitespace is stripped from each folder, so
350              a  setting of "Junk | Trash" will create two folders: "Junk" and
351              "Trash".
352
353          autocreate_sieve_script: <none>
354              The full path of a file  that  contains  a  sieve  script.  This
355              script automatically becomes a user's initial default sieve fil‐
356              ter script.
357
358              When this option is not defined, no default sieve filter is cre‐
359              ated.  The file must be readable by the Cyrus daemon.
360
361          autocreate_sieve_script_compile: 0
362              If  set  to  yes  and  no compiled sieve script file exists, the
363              sieve script which is compiled on the fly will be saved  in  the
364              file name that autocreate_sieve_compiledscript option points to.
365              In  order  a  compiled  script   to   be   generated,   autocre‐
366              ate_sieve_script  and  autocreate_sieve_compiledscript must have
367              valid values
368
369          autocreate_sieve_script_compiled: <none>
370              The full path of a file that contains  a  compiled  in  bytecode
371              sieve script. This script automatically becomes a user's initial
372              default sieve filter script.  If this option is  not  specified,
373              or  the  filename  doesn't  exist  then  the  script  defined by
374              autocreate_sieve_script is compiled on the fly and installed  as
375              the user's default sieve script
376
377          autocreate_subscribe_folders: <none>
378              A  list  of  folder  names, separated by "|", that the users get
379              automatically subscribed to, when their INBOX is created.  These
380              folder names must have been included in the autocreateinboxfold‐
381              ers option of the imapd.conf.
382
383          autocreate_subscribe_sharedfolders: <none>
384              A list of shared folders (bulletin boards),  separated  by  "|",
385              that  the  users  get  automatically  subscribed to, after their
386              INBOX is created. The shared folder must have been  created  and
387              the user must have the required permissions to get subscribed to
388              it. Otherwise, subscribing to the shared folder fails.
389
390          autocreate_subscribe_sharedfolders_all: 0
391              If set to yes, the  user  is  automatically  subscribed  to  all
392              shared folders, one has permission to subscribe to.
393
394          autocreate_users: anyone
395              A  space  separated list of users and/or groups that are allowed
396              their INBOX to be automatically created.
397
398          backuppartition-name: <none>
399              The pathname of the backup partition name.  At least one  backup
400              partition  pathname  MUST  be  specified  if backups are in use.
401              Note that there is no relationship between spool partitions  and
402              backup partitions.
403
404          backup_compact_minsize: 0
405              The  minimum  size  in  kilobytes of chunks in each backup.  The
406              compact tool will  try  to  combine  adjacent  chunks  that  are
407              smaller than this.
408
409              Setting  this  value  to  zero or negative disables combining of
410              chunks.
411
412          backup_compact_maxsize: 0
413              The maximum size in kilobytes of chunks  in  each  backup.   The
414              compact  tool  will  try  to  split chunks larger than this into
415              smaller chunks.
416
417              Setting this value to zero or  negative  disables  splitting  of
418              chunks.
419
420          backup_compact_work_threshold: 1
421              The  number of chunks that must obviously need compaction before
422              the compact tool will go ahead with the compaction.  If  set  to
423              less than one, the value is treated as being one.
424
425          backup_staging_path: <none>
426              The absolute path of the backup staging area.  If not specified,
427              will be temp_path/backup
428
429          backup_retention_days: 7
430              The number of days to keep content in backup after it  has  been
431              deleted  from  the  source.  If set to a negative value or zero,
432              deleted content will be kept indefinitely.
433
434          backup_db: twoskip
435              The cyrusdb backend to use for the backup locations database.
436
437              Allowed values: skiplist, sql, twoskip, lmdb
438
439          backup_db_path: <none>
440              The absolute path to the backup db file.  If not specified, will
441              be configdirectory/backups.db
442
443          backup_keep_previous: 0
444              Whether the ctl_backups compact and ctl_backups reindex commands
445              should preserve the original file.  The original  file  will  be
446              named  with  a  timestamped  suffix.   This is mostly useful for
447              debugging.
448
449              Note that with this enabled, compacting a backup  will  actually
450              increase the disk used by it (because there will now be an extra
451              copy: the original version, and the compacted version).
452
453          boundary_limit: 1000
454              messages are parsed recursively and a deep enough MIME structure
455              can  cause a stack overflow.  Do not parse deeper than this many
456              layers of MIME structure.  The default of 1000  is  much  higher
457              than any sane message should have.
458
459          caldav_allowattach: 1
460              Enable managed attachments support on the caldav server.
461
462          caldav_allowscheduling: on
463              Enable  calendar  scheduling  operations. If set to "apple", the
464              server will emulate Apple CalendarServer behavior as closely  as
465              possible.  Allowed values: off, on, apple
466
467          caldav_create_attach: 1
468              Create the 'Attachments' calendar if it doesn't already exist
469
470          caldav_create_default: 1
471              Create the 'Default' calendar if it doesn't already exist
472
473          caldav_create_sched: 1
474              Create  the 'Inbox' and 'Outbox' calendars if they don't already
475              exist
476
477          caldav_maxdatetime: 20380119T031407Z
478              The latest date and time accepted by the  server  (ISO  format).
479              This value is also used for expanding non-terminating recurrence
480              rules.
481
482              Note that increasing this value will require the  DAV  databases
483              for calendars to be reconstructed with the dav_reconstruct util‐
484              ity in order to see its effect on serer-side time-based queries.
485
486          caldav_mindatetime: 19011213T204552Z
487              The earliest date and time accepted by the server (ISO format).
488
489          caldav_realm: <none>
490              The  realm  to  present  for  HTTP  authentication   of   CalDAV
491              resources.   If not set (the default), the value of the "server‐
492              name" option will be used.
493
494          calendarprefix: #calendars
495              The prefix for the calendar mailboxes hierarchies.  The  hierar‐
496              chy delimiter will be automatically appended.  The public calen‐
497              dar hierarchy will be at the toplevel of the  shared  namespace.
498              A  user's  personal  calendar hierarchy will be a child of their
499              Inbox.
500
501          calendar_user_address_set: <none>
502              Space-separated list of domains corresponding to  calendar  user
503              addresses  for which the server is responsible.  If not set (the
504              default), the value of the "servername" option will be used.
505
506          carddav_realm: <none>
507              The  realm  to  present  for  HTTP  authentication  of   CardDAV
508              resources.   If not set (the default), the value of the "server‐
509              name" option will be used.
510
511          carddav_repair_vcard: 0
512              If enabled, VCARDs with invalid  content  are  attempted  to  be
513              repaired during creation.
514
515          chatty: 0
516              If  yes,  syslog tags and commands for every IMAP command, mail‐
517              boxes for every lmtp connection, every POP3 command, etc
518
519          client_bind: 0
520              If enabled, a specific IP will be bound when performing a client
521              connection.   client_bind_name  is  used if it is set, otherwise
522              servername is used.  This is useful on multi-homed servers where
523              Cyrus should not use other services' interfaces.
524
525              If not enabled (the default), no bind will be performed.  Client
526              connections will use an IP chosen by the operating system.
527
528          client_bind_name: <none>
529              IPv4, IPv6 address or hostname to bind  for  client  connections
530              when  client_bind is enabled.  If not set (the default), server‐
531              name will be used.
532
533          client_timeout: 10
534              Number of seconds to wait before  returning  a  timeout  failure
535              when  performing a client connection (e.g., in a murder environ‐
536              ment)
537
538          commandmintimer: <none>
539              Time in seconds. Any imap command that takes  longer  than  this
540              time is logged.
541
542          configdirectory: <none>
543              The pathname of the IMAP configuration directory.  This field is
544              required.
545
546          createonpost: 0
547              Deprecated in favor of autocreate_post.
548
549          conversations: 0
550              Enable  the  XCONVERSATIONS  extensions.   Extract  conversation
551              tracking  information  from  incoming messages and track them in
552              per-user databases.
553
554          conversations_counted_flags: <none>
555              space-separated list of flags for which per-conversation  counts
556              will  be  kept.  Note that you need to reconstruct the conversa‐
557              tions database  with  ctl_conversationsdb  if  you  change  this
558              option on a running server, or the counts will be wrong.
559
560          conversations_db: skiplist
561              The  cyrusdb backend to use for the per-user conversations data‐
562              base.
563
564              Allowed values: skiplist, sql, twoskip, lmdb
565
566          conversations_expire_days: 90
567              How long the conversations database keeps the  message  tracking
568              information  needed  for receiving new messages in existing con‐
569              versations, in days.
570
571          crossdomains: 0
572              Enable cross domain sharing.  This works best with alt namespace
573              and   unix   hierarchy   separators   on,   so   you  get  Other
574              Users/foo@example.com/...
575
576          crossdomains_onlyother: 0
577              only show the domain for users in other domains  than  your  own
578              (for backwards compatibility if you're already sharing
579
580          cyrus_group: <none>
581              The  name  of the group Cyrus services will run as.  If not con‐
582              figured, the primary group of cyrus_user will be  used.  Can  be
583              further overridden by setting the $CYRUS_GROUP environment vari‐
584              able.
585
586          cyrus_user: <none>
587              The username to use as the 'cyrus' user.  If not configured, the
588              compile  time default will be used. Can be further overridden by
589              setting the $CYRUS_USER environment variable.
590
591          davdriveprefix: #drive
592              The prefix for the DAV storage mailboxes hierarchies.  The hier‐
593              archy  delimiter  will  be  automatically  appended.  The public
594              storage hierarchy will be at the toplevel of the  shared  names‐
595              pace.   A  user's  personal storage hierarchy will be a child of
596              their Inbox.
597
598          davnotificationsprefix: #notifications
599              The prefix for the DAV notifications hierarchy.   The  hierarchy
600              delimiter  will be automatically appended.  The public notifica‐
601              tions hierarchy will be at the toplevel of the shared namespace.
602              A  user's  personal  notifications  hierarchy will be a child of
603              their Inbox.
604
605          dav_realm: <none>
606              The realm to present for  HTTP  authentication  of  generic  DAV
607              resources  (principals).  If not set (the default), the value of
608              the "servername" option will be used.
609
610          debug_command: <none>
611              Debug command to be used by processes started  with  -D  option.
612              The  string  is a C format string that gets 3 options: the first
613              is the name of the executable (without path).  The second is the
614              pid  (integer)  and  the  third  is  the  service  ID.  Example:
615              /usr/local/bin/gdb /usr/cyrus/bin/%s %d
616
617          defaultacl: anyone lrs
618              The  Access  Control  List  (ACL)  placed  on  a   newly-created
619              (non-user) mailbox that does not have a parent mailbox.
620
621          defaultdomain: internal
622              The default domain for virtual domain support
623
624          defaultpartition: <none>
625              The  partition  name  used by default for new mailboxes.  If not
626              specified, the partition with the most free space will  be  used
627              for new mailboxes.
628
629              Note  that  the  partition specified by this option must also be
630              specified as partition-name, where you substitute 'name' for the
631              alphanumeric string you set defaultpartition to.
632
633          defaultsearchtier: <empty string>
634              Name  of  the  default  tier  that  messages will be indexed to.
635              Search indexes can be organized in tiers to allow index  storage
636              in different directories and physical media. See the man page of
637              squatter for details. The default search tier also requires  the
638              definition of an according searchtierpartition-name entry.
639
640              This option MUST be specified for xapian search.
641
642          defaultserver: <none>
643              The  backend  server name used by default for new mailboxes.  If
644              not specified, the server with the most free space will be  used
645              for new mailboxes.
646
647          deletedprefix: DELETED
648              With  delete_mode  set  to  delayed,  the  deletedprefix setting
649              defines the prefix for the hierarchy of deleted mailboxes.
650
651              The hierarchy delimiter will be automatically appended.
652
653          delete_mode: delayed
654              The manner in  which  mailboxes  are  deleted.  In  the  default
655              delayed  mode, mailboxes that are being deleted are renamed to a
656              special mailbox hierarchy under the deletedprefix, to be removed
657              later by cyr_expire(8).
658
659              In  immediate  mode,  the mailbox is removed from the filesystem
660              immediately.
661
662              Allowed values: immediate, delayed
663
664          delete_unsubscribe: 0
665              Whether  to  also  unsubscribe  from  mailboxes  when  they  are
666              deleted.   Note that this behaviour contravenes RFC 3501 section
667              6.3.9, but may be useful for avoiding user/client software  con‐
668              fusion.  The default is 'no'.
669
670          deleteright: c
671              Deprecated - only used for backwards compatibility with existing
672              installations.  Lists the old RFC 2086 right which was  used  to
673              grant  the  user the ability to delete a mailbox.  If a user has
674              this right, they will automatically be given the new 'x' right.
675
676          disable_user_namespace: 0
677              Preclude list command on user namespace.  If set to  'yes',  the
678              LIST  response  will  never  include  any  other user's mailbox.
679              Admin users will always see all mailboxes.  The default is 'no'
680
681          disable_shared_namespace: 0
682              Preclude list command on shared namespace.  If set to 'yes', the
683              LIST  response will never include any non-user mailboxes.  Admin
684              users will always see all mailboxes.  The default is 'no'
685
686          disconnect_on_vanished_mailbox: 0
687              If enabled, IMAP/POP3/NNTP clients will be disconnected  by  the
688              server if the currently selected mailbox is (re)moved by another
689              session.  Otherwise, the missing mailbox  is  treated  as  empty
690              while in use by the client.
691
692          ischedule_dkim_domain: <none>
693              The domain to be reported as doing iSchedule DKIM signing.
694
695          ischedule_dkim_key_file: <none>
696              File containing the private key for iSchedule DKIM signing.
697
698          ischedule_dkim_selector: <none>
699              Name  of  the  selector  subdividing the domain namespace.  This
700              specifies the actual key used for iSchedule DKIM signing  within
701              the domain.
702
703          duplicate_db: twoskip
704              The  cyrusdb  backend to use for the duplicate delivery suppres‐
705              sion and sieve.  Allowed values: skiplist, sql, twoskip, lmdb
706
707          duplicate_db_path: <none>
708              The absolute path to the duplicate db file.  If  not  specified,
709              will be configdirectory/deliver.db
710
711          duplicatesuppression: 1
712              If enabled, lmtpd will suppress delivery of a message to a mail‐
713              box if a message with the same message-id (or resent-message-id)
714              is  recorded  as  having  already been delivered to the mailbox.
715              Records the mailbox and message-id/resent-message-id of all suc‐
716              cessful deliveries.
717
718          event_content_inclusion_mode: standard
719              The  mode  in  which  message  content may be included with Mes‐
720              sageAppend and MessageNew. "standard" mode is the default behav‐
721              ior in which message is included up to a size with the notifica‐
722              tion. In "message" mode, the message  is  included  and  may  be
723              truncated to a size. In "header" mode, it includes headers trun‐
724              cated to a size. In "body" mode, it includes body truncated to a
725              size.  In  "headerbody"  mode, it includes full headers and body
726              truncated to a size Allowed values: standard,  message,  header,
727              body, headerbody
728
729          event_content_size: 0
730              Truncate  the  message  content  that  may be included with Mes‐
731              sageAppend and MessageNew. Set 0 to include the  entire  message
732              itself
733
734          event_exclude_flags: <none>
735              Don't send event notification for given IMAP flag(s)
736
737          event_exclude_specialuse: \Junk
738              Don't  send event notification for folder with given special-use
739              attributes.  Set ALL for any folder
740
741          event_extra_params: timestamp
742              Space-separated list of extra parameters to add to any appropri‐
743              ated event.
744
745              Allowed    values:   bodyStructure,   clientAddress,   diskUsed,
746              flagNames, messageContent, messageSize, messages,  modseq,  ser‐
747              vice,  timestamp,  uidnext,  vnd.cmu.midset,  vnd.cmu.unseenMes‐
748              sages, vnd.cmu.envelope, vnd.cmu.sessionId,  vnd.cmu.mailboxACL,
749              vnd.cmu.mbtype,  vnd.cmu.davFilename,  vnd.cmu.davUid, vnd.fast‐
750              mail.clientId, vnd.fastmail.sessionId,  vnd.fastmail.convExists,
751              vnd.fastmail.convUnseen, vnd.fastmail.cid, vnd.fastmail.counters
752
753          event_groups: message mailbox
754              Space-separated  list  of  groups  of  related events to turn on
755              notification
756
757              Allowed values: message, quota,  flags,  access,  mailbox,  sub‐
758              scription, calendar, applepushservice
759
760          event_notifier: <none>
761              Notifyd(8)  method  to  use  for "EVENT" notifications which are
762              based on the RFC 5423.  If not set,  "EVENT"  notifications  are
763              disabled.
764
765          expunge_mode: delayed
766              The  mode  in  which  messages  (and  their  corresponding cache
767              entries) are expunged.  "default" mode is the  old  behavior  in
768              which  the  message files are purged at the time of the EXPUNGE,
769              but index and cache records are retained to facilitate  QRESYNC.
770              (Note  that  this  behaviour is no longer the default, but is so
771              named for historical reasons.)  In "delayed" mode, which is  the
772              default  since Cyrus 2.5.0, the message files are also retained,
773              allowing unexpunge to rescue them.  In  "immediate"  mode,  both
774              the  message  files and the index records are removed as soon as
775              possible.  In all cases, nothing will be  finally  purged  until
776              all other processes have closed the mailbox to ensure they never
777              see data disappear under them.  In "default" or "delayed"  mode,
778              a  later run of "cyr_expire" will clean out the retained records
779              (and possibly message files).  This reduces the  amount  of  I/O
780              that  takes  place  at  the time of EXPUNGE and should result in
781              greater responsiveness for the client, especially when expunging
782              a large number of messages.  Allowed values: default, immediate,
783              delayed
784
785          failedloginpause: 3
786              Number of seconds to pause after a failed login.
787
788          flushseenstate: 1
789              Deprecated. No longer used
790
791          foolstupidclients: 0
792              If enabled, only list the personal namespace when a LIST "*"  is
793              performed (it changes the request to a LIST "INBOX*").
794
795          force_sasl_client_mech: <none>
796              Force preference of a given SASL mechanism for client side oper‐
797              ations (e.g., murder environments).  This is separate from  (and
798              overridden  by)  the  ability  to use the <host shortname>_mechs
799              option to set preferred mechanisms for a specific host
800
801          fulldirhash: 0
802              If enabled, uses an  improved  directory  hashing  scheme  which
803              hashes  on  the  entire username instead of using just the first
804              letter as the hash.  This changes hash algorithm used for  quota
805              and user directories and if hashimapspool is enabled, the entire
806              mail spool.
807
808              Note that this option CANNOT be changed on a live  system.   The
809              server  must be quiesced and then the directories moved with the
810              rehash utility.
811
812          hashimapspool: 0
813              If enabled, the partitions will also be hashed, in  addition  to
814              the  hashing  done on configuration directories.  This is recom‐
815              mended if one partition has a very bushy mailbox tree.
816
817          debug: 0
818              If enabled, allow syslog() to pass LOG_DEBUG messages.
819
820          hostname_mechs: <none>
821              Force a particular list of  SASL  mechanisms  to  be  used  when
822              authenticating to the backend server hostname (where hostname is
823              the short hostname of the server in  question).  If  it  is  not
824              specified  it will query the server for available mechanisms and
825              pick one to use. - Cyrus Murder
826
827          hostname_password: <none>
828              The password to use for authentication  to  the  backend  server
829              hostname  (where hostname is the short hostname of the server) -
830              Cyrus Murder
831
832          httpallowcompress: 1
833              If enabled, the server will compress response  payloads  if  the
834              client  indicates  that  it can accept them.  Note that the com‐
835              pressed data will appear in telemetry  logs,  leaving  only  the
836              response headers as human-readable.
837
838          httpallowcors: <none>
839              A  wildmat  pattern  specifying  a  list of origin URIs ( scheme
840              "://" host [ ":" port ] ) that are allowed to make  Cross-Origin
841              Resource  Sharing  (CORS)  requests  on the server.  By default,
842              CORS requests are disabled.
843
844              Note that the scheme and host should both be lowercase, the port
845              should  be  omitted  if using the default for the scheme (80 for
846              http, 443 for https), and there should be no trailing '/' (e.g.:
847              "http://www.example.com:8080", "https://example.org").
848
849          httpallowtrace: 0
850              Allow use of the TRACE method.
851
852              Note that sensitive data might be disclosed by the response.
853
854          httpallowedurls: <none>
855              Space-separated  list  of relative URLs (paths) rooted at "http‐
856              docroot" (see below) to be served by httpd.  If set, this option
857              will  limit  served static content to only those paths specified
858              (returning "404 Not Found" to any other client requested  URLs).
859              Otherwise, httpd will serve any content found in "httpdocroot".
860
861              Note  that  any  path specified by "rss_feedlist_template" is an
862              exception to this rule.
863
864          httpcontentmd5: 0
865              If enabled, HTTP responses will include a Content-MD5 header for
866              the  purpose  of providing an end-to-end message integrity check
867              (MIC) of the payload body.  Note that enabling this option  will
868              use  additional  CPU  to  generate  the MD5 digest, which may be
869              ignored by clients anyways.
870
871          httpdocroot: <none>
872              If set, http will serve the static  content  (html/text/jpeg/gif
873              files, etc) rooted at this directory.  Otherwise, httpd will not
874              serve any static content.
875
876          httpkeepalive: 20
877              Set the length of the HTTP server's keepalive heartbeat in  sec‐
878              onds.   The  default  is 20.  The minimum value is 0, which will
879              disable the keepalive heartbeat.  When  enabled,  if  a  request
880              takes  longer  than httpkeepalive seconds to process, the server
881              will send the client provisional responses  every  httpkeepalive
882              seconds until the final response can be sent
883
884          httpmodules: <empty string>
885              Space-separated  list  of  HTTP  modules that will be enabled in
886              httpd(8).  This option has no effect on modules  that  are  dis‐
887              abled  at  compile  time due to missing dependencies (e.g. libi‐
888              cal).
889
890              Note that "domainkey" depends on "ischedule" being enabled,  and
891              that  both  "freebusy"  and "ischedule" depend on "caldav" being
892              enabled.  Allowed values:  admin,  caldav,  carddav,  domainkey,
893              freebusy, ischedule, rss, tzdist, webdav
894
895          httpprettytelemetry: 0
896              If  enabled,  HTTP  response payloads including server-generated
897              markup languages (HTML, XML) will utilize line breaks and inden‐
898              tation  to  promote  better human-readability in telemetry logs.
899              Note that enabling this option will increase the amount of  data
900              sent across the wire.
901
902          httptimeout: 5
903              Set the length of the HTTP server's inactivity autologout timer,
904              in minutes.  The default is 5.  The minimum value  is  0,  which
905              will disable persistent connections.
906
907          idlesocket: {configdirectory}/socket/idle
908              Unix domain socket that idled listens on.
909
910          ignorereference: 0
911              For  backwards  compatibility  with  Cyrus 1.5.10 and earlier --
912              ignore the reference argument in LIST or LSUB commands.
913
914          imapidlepoll: 60
915              The interval (in seconds) for polling for  mailbox  changes  and
916              ALERTs while running the IDLE command.  This option is used when
917              idled is not enabled or cannot be contacted.  The minimum  value
918              is 1.  A value of 0 will disable IDLE.
919
920          imapidresponse: 1
921              If  enabled, the server responds to an ID command with a parame‐
922              ter list containing: version, vendor, support-url,  os,  os-ver‐
923              sion,  command,  arguments,  environment.   Otherwise the server
924              returns NIL.
925
926          imapmagicplus: 0
927              Only list a restricted  set  of  mailboxes  via  IMAP  by  using
928              userid+namespace  syntax as the authentication/authorization id.
929              Using userid+ (with an empty  namespace)  will  list  only  sub‐
930              scribed mailboxes.
931
932          imipnotifier: <none>
933              Notifyd(8)  method  to  use  for  "IMIP" notifications which are
934              based on the RFC 6047.  If not  set,  "IMIP"  notifications  are
935              disabled.
936
937          implicit_owner_rights: lkxa
938              The  implicit Access Control List (ACL) for the owner of a mail‐
939              box.
940
941          @include: <none>
942              Directive which includes the specified file as part of the  con‐
943              figuration.  If the path to the file is not absolute, CYRUS_PATH
944              is prepended.
945
946          improved_mboxlist_sort: 0
947              If enabled, a special comparator will be used  which  will  cor‐
948              rectly  sort  mailbox  names that contain characters such as ' '
949              and '-'.
950
951              Note that this option SHOULD NOT be changed on  a  live  system.
952              The  mailboxes  database  should be dumped (ctl_mboxlist) before
953              the option is changed, removed, and then undumped after changing
954              the  option.   When  not  using flat files for the subscriptions
955              databases the same has to be done  (cyr_dbtool)  for  each  sub‐
956              scription database See improved_mboxlist_sort.html.
957
958          internaldate_heuristic: standard
959              Mechanism  to  determine  email internaldates on delivery/recon‐
960              struct.  "standard" uses time() when delivering a message, mtime
961              on reconstruct.  "receivedheader" looks at the top most Received
962              header  or  time/mtime  otherwise  Allowed   values:   standard,
963              receivedheader
964
965          iolog: 0
966              Should cyrus output I/O log entries
967
968          ldap_authz: <none>
969              SASL authorization ID for the LDAP server
970
971          ldap_base: <empty string>
972              Contains the LDAP base dn for the LDAP ptloader module
973
974          ldap_bind_dn: <none>
975              Bind DN for the connection to the LDAP server (simple bind).  Do
976              not use for anonymous simple binds
977
978          ldap_deref: never
979              Specify how aliases dereferencing is handled during search.
980
981              Allowed values: search, find, always, never
982
983          ldap_domain_base_dn: <empty string>
984              Base DN to search for domain name spaces.
985
986          ldap_domain_filter:  (&(objectclass=domainrelatedobject)(associated‐
987          domain=%s))
988              Filter to use searching for domains
989
990          ldap_domain_name_attribute: associateddomain
991              The attribute name for domains.
992
993          ldap_domain_scope: sub
994              Search scope
995
996              Allowed values: sub, one, base
997
998          ldap_domain_result_attribute: inetdomainbasedn
999              Result attribute
1000
1001          ldap_filter: (uid=%u)
1002              Specify  a filter that searches user identifiers.  The following
1003              tokens can be used in the filter string:
1004
1005              %%   = % %u   = user %U   = user portion of %u (%U =  test  when
1006              %u  =  test@domain.tld) %d   = domain portion of %u if available
1007              (%d = domain.tld when %u = %test@domain.tld), otherwise same  as
1008              %r %D   = user dn.  (use when ldap_member_method: filter) %1-9 =
1009              domain tokens (%1 = tld, %2 = domain when %d = domain.tld)
1010
1011              ldap_filter is not used when ldap_sasl is enabled.
1012
1013          ldap_group_base: <empty string>
1014              LDAP base dn for ldap_group_filter.
1015
1016          ldap_group_filter: (cn=%u)
1017              Specify a filter  that  searches  for  group  identifiers.   See
1018              ldap_filter for more options.
1019
1020          ldap_group_scope: sub
1021              Specify search scope for ldap_group_filter.
1022
1023              Allowed values: sub, one, base
1024
1025          ldap_id: <none>
1026              SASL authentication ID for the LDAP server
1027
1028          ldap_mech: <none>
1029              SASL mechanism for LDAP authentication
1030
1031          ldap_user_attribute: <none>
1032              Specify LDAP attribute to use as canonical user id
1033
1034          ldap_member_attribute: <none>
1035              See ldap_member_method.
1036
1037          ldap_member_base: <empty string>
1038              LDAP base dn for ldap_member_filter.
1039
1040          ldap_member_filter: (member=%D)
1041              Specify   a   filter   for  "ldap_member_method:  filter".   See
1042              ldap_filter for more options.
1043
1044          ldap_member_method: attribute
1045              Specify a group method.  The "attribute" method retrieves groups
1046              from   a   multi-valued   attribute   specified   in   ldap_mem‐
1047              ber_attribute.
1048
1049              The "filter" method uses a filter, specified by ldap_member_fil‐
1050              ter,  to  find  groups;  ldap_member_attribute is a single-value
1051              attribute group name.  Allowed values: attribute, filter
1052
1053          ldap_member_scope: sub
1054              Specify search scope for ldap_member_filter.
1055
1056              Allowed values: sub, one, base
1057
1058          ldap_password: <none>
1059              Password for the connection to the LDAP server (SASL and  simple
1060              bind).  Do not use for anonymous simple binds
1061
1062          ldap_realm: <none>
1063              SASL realm for LDAP authentication
1064
1065          ldap_referrals: 0
1066              Specify whether or not the client should follow referrals.
1067
1068          ldap_restart: 1
1069              Specify  whether  or  not  LDAP I/O operations are automatically
1070              restarted if they abort prematurely.
1071
1072          ldap_sasl: 1
1073              Use SASL for LDAP binds in the LDAP PTS module.
1074
1075          ldap_sasl_authc: <none>
1076              Deprecated.  Use ldap_id
1077
1078          ldap_sasl_authz: <none>
1079              Deprecated.  Use ldap_authz
1080
1081          ldap_sasl_mech: <none>
1082              Deprecated.  Use ldap_mech
1083
1084          ldap_sasl_password: <none>
1085              Deprecated.  User ldap_password
1086
1087          ldap_sasl_realm: <none>
1088              Deprecated.  Use ldap_realm
1089
1090          ldap_scope: sub
1091              Specify search scope.
1092
1093              Allowed values: sub, one, base
1094
1095          ldap_servers: ldap://localhost/
1096              Deprecated.  Use ldap_uri
1097
1098          ldap_size_limit: 1
1099              Specify a number of entries for a search request to return.
1100
1101          ldap_start_tls: 0
1102              Use transport layer security for ldap:// using STARTTLS. Do  not
1103              use ldaps:// in 'ldap_uri' with this option enabled.
1104
1105          ldap_time_limit: 5
1106              Specify a number of seconds for a search request to complete.
1107
1108          ldap_timeout: 5
1109              Specify a number of seconds a search can take before timing out.
1110
1111          ldap_ca_dir: <none>
1112              Path  to  a  directory  with CA (Certificate Authority) certifi‐
1113              cates.
1114
1115          ldap_ca_file: <none>
1116              Patch to a file containing CA (Certificate  Authority)  certifi‐
1117              cate(s).
1118
1119          ldap_ciphers: <none>
1120              List  of  SSL/TLS ciphers to allow.  The format of the string is
1121              described in ciphers(1).
1122
1123          ldap_client_cert: <none>
1124              File containing the client certificate.
1125
1126          ldap_client_key: <none>
1127              File containing the private client key.
1128
1129          ldap_verify_peer: 0
1130              Require and verify server certificate.  If this option  is  yes,
1131              you must specify ldap_ca_file or ldap_ca_dir.
1132
1133          ldap_tls_cacert_dir: <none>
1134              Deprecated in favor of ldap_ca_dir.
1135
1136          ldap_tls_cacert_file: <none>
1137              Deprecated in favor of ldap_ca_file.
1138
1139          ldap_tls_cert: <none>
1140              Deprecated in favor of ldap_client_cert.
1141
1142          ldap_tls_key: <none>
1143              Deprecated in favor of ldap_client_key.
1144
1145          ldap_tls_check_peer: 0
1146              Deprecated in favor of ldap_verify_peer.
1147
1148          ldap_tls_ciphers: <none>
1149              Deprecated in favor of ldap_ciphers.
1150
1151          ldap_uri: <none>
1152              Contains  a  list of the URLs of all the LDAP servers when using
1153              the LDAP PTS module.
1154
1155          ldap_version: 3
1156              Specify the LDAP protocol  version.   If  ldap_start_tls  and/or
1157              ldap_use_sasl  are  enabled,  ldap_version will be automatically
1158              set to 3.
1159
1160          literalminus: 0
1161              if enabled, CAPABILITIES will reply with  LITERAL-  rather  than
1162              LITERAL+  (RFC  7888).   Doesn't  actually size-restrict uploads
1163              though
1164
1165          lmtp_downcase_rcpt: 1
1166              If enabled, lmtpd will convert the recipient addresses to lower‐
1167              case (up to a '+' character, if present).
1168
1169          lmtp_fuzzy_mailbox_match: 0
1170              If  enabled, and the mailbox specified in the detail part of the
1171              recipient (everything after the '+') does not exist, lmtpd  will
1172              try  to  find  the closest match (ignoring case, ignoring white‐
1173              space, falling back to parent) to the specified mailbox name.
1174
1175          lmtp_over_quota_perm_failure: 0
1176              If enabled, lmtpd returns a permanent failure code when a user's
1177              mailbox  is  over  quota.  By default, the failure is temporary,
1178              causing the MTA to queue the message and retry later.
1179
1180          lmtp_strict_quota: 0
1181              If enabled, lmtpd returns a failure code when the incoming  mes‐
1182              sage  will  cause  the  user's  mailbox to exceed its quota.  By
1183              default, the failure won't occur until the  mailbox  is  already
1184              over quota.
1185
1186          lmtp_strict_rfc2821: 1
1187              By  default, lmtpd will be strict (per RFC 2821) with regards to
1188              which envelope addresses are allowed.  If this option is set  to
1189              false,  8bit  characters in the local-part of envelope addresses
1190              are changed to 'X' instead.  This is useful to avoid  generating
1191              backscatter  with certain MTAs like Postfix or Exim which accept
1192              such messages.
1193
1194          lmtpsocket: {configdirectory}/socket/lmtp
1195              Unix domain socket that lmtpd listens on,  used  by  deliver(8).
1196              This should match the path specified in cyrus.conf(5).
1197
1198          lmtptxn_timeout: 300
1199              Timeout  (in seconds) used during a lmtp transaction to a remote
1200              backend (e.g. in a murder environment).  Can be used to  prevent
1201              hung  lmtpds  on proxy hosts when a backend server becomes unre‐
1202              sponsive during a lmtp transaction.  The default is 300 - change
1203              to zero for infinite.
1204
1205          loginrealms: <empty string>
1206              The  list  of  remote  realms whose users may authenticate using
1207              cross-realm authentication  identifiers.   Separate  each  realm
1208              name  by  a  space.   (A  cross-realm identity is considered any
1209              identity returned by SASL with an "@" in it.).
1210
1211          loginuseacl: 0
1212              If enabled, any authentication identity which has a rights on  a
1213              user's INBOX may log in as that user.
1214
1215          logtimestamps: 0
1216              Include  notations in the protocol telemetry logs indicating the
1217              number of seconds since the last command or response.
1218
1219          mailbox_default_options: 0
1220              Default "options" field for the mailbox on create.  You'll  want
1221              to  know what you're doing before setting this, but it can apply
1222              some default annotations like duplicate supression
1223
1224          mailbox_initial_flags: <none>
1225              space-separated list of permanent flags which will be pre-set in
1226              every  newly created mailbox.  If you know you will require par‐
1227              ticular flag names then this avoids a  possible  race  condition
1228              against  a  client  that  fills  the entire 128 available slots.
1229              Default is NULL, which is no flags.   Example:  $Label1  $Label2
1230              $Label3 NotSpam Spam
1231
1232          mailnotifier: <none>
1233              Notifyd(8)  method to use for "MAIL" notifications.  If not set,
1234              "MAIL" notifications are disabled.
1235
1236          maxheaderlines: 1000
1237              Maximum number of lines of header that will  be  processed  into
1238              cache  records.  Default 1000.  If set to zero, it is unlimited.
1239              If a message hits the limit, an error will  be  logged  and  the
1240              rest  of  the  lines  in the header will be skipped.  This is to
1241              avoid malformed messages causing giant cache records
1242
1243          maxlogins_per_host: 0
1244              Maximum number of logged in  sessions  allowed  per  host,  zero
1245              means no limit
1246
1247          maxlogins_per_user: 0
1248              Maximum  number  of  logged  in  sessions allowed per user, zero
1249              means no limit
1250
1251          maxmessagesize: 0
1252              Maximum incoming LMTP message size.   If  non-zero,  lmtpd  will
1253              reject  messages larger than maxmessagesize bytes.  If set to 0,
1254              this will allow messages of any size (the default).
1255
1256          maxquoted: 131072
1257              Maximum size of a single quoted string for the parser.   Default
1258              128k
1259
1260          maxword: 131072
1261              Maximum size of a single word for the parser.  Default 128k
1262
1263          mboxkey_db: twoskip
1264              The cyrusdb backend to use for mailbox keys.
1265
1266              Allowed values: skiplist, twoskip, lmdb
1267
1268          mboxlist_db: twoskip
1269              The cyrusdb backend to use for the mailbox list.
1270
1271              Allowed values: flat, skiplist, sql, twoskip, lmdb
1272
1273          mboxlist_db_path: <none>
1274              The  absolute  path  to the mailboxes db file.  If not specified
1275              will be configdirectory/mailboxes.db
1276
1277          mboxname_lockpath: <none>
1278              Path to mailbox name lock files (default $conf/lock)
1279
1280          metapartition_files: <empty string>
1281              Space-separated list of metadata files to be stored on  a  meta‐
1282              partition rather than in the mailbox directory on a spool parti‐
1283              tion.  Allowed values: header,  index,  cache,  expunge,  squat,
1284              annotations, lock, dav, archivecache
1285
1286          metapartition-name: <none>
1287              The  pathname  of  the metadata partition name, corresponding to
1288              spool partition partition-name.  For any mailbox residing  in  a
1289              directory  on partition-name, the metadata files listed in meta‐
1290              partition_files will be stored in a corresponding  directory  on
1291              metapartition-name.    Note that not every partition-name option
1292              is required to have a corresponding  metapartition-name  option,
1293              so  that  you can selectively choose which spool partitions will
1294              have separate metadata partitions.
1295
1296          mupdate_authname: <none>
1297              The SASL username (Authentication Name) to use when authenticat‐
1298              ing to the mupdate server (if needed).
1299
1300          mupdate_config: standard
1301              The  configuration  of  the mupdate servers in the Cyrus Murder.
1302              The "standard" config is one in which there are  discreet  fron‐
1303              tend  (proxy)  and backend servers.  The "unified" config is one
1304              in which a server can be  both  a  frontend  and  backend.   The
1305              "replicated" config is one in which multiple backend servers all
1306              share the same mailspool, but each have their  own  "replicated"
1307              copy of mailboxes.db.  Allowed values: standard, unified, repli‐
1308              cated
1309
1310          munge8bit: 1
1311              If enabled, lmtpd munges messages with 8-bit characters  in  the
1312              headers.    The   8-bit  characters  are  changed  to  `X'.   If
1313              reject8bit is enabled, setting  munge8bit  has  no  effect.   (A
1314              proper solution to non-ASCII characters in headers is offered by
1315              RFC 2047 and its predecessors.)
1316
1317          mupdate_connections_max: 128
1318              The max number of connections that a mupdate process will allow,
1319              this is related to the number of file descriptors in the mupdate
1320              process.  Beyond this number  connections  will  be  immediately
1321              issued a BYE response.
1322
1323          mupdate_password: <none>
1324              The  SASL password (if needed) to use when authenticating to the
1325              mupdate server.
1326
1327          mupdate_port: 3905
1328              The port of the mupdate server for the Cyrus Murder
1329
1330          mupdate_realm: <none>
1331              The SASL realm (if needed) to use  when  authenticating  to  the
1332              mupdate server.
1333
1334          mupdate_retry_delay: 20
1335              The  base time to wait between connection retries to the mupdate
1336              server.
1337
1338          mupdate_server: <none>
1339              The mupdate server for the Cyrus Murder
1340
1341          mupdate_username: <empty string>
1342              The SASL username (Authorization Name) to use when  authenticat‐
1343              ing to the mupdate server
1344
1345          mupdate_workers_max: 50
1346              The maximum number of mupdate worker threads (overall)
1347
1348          mupdate_workers_maxspare: 10
1349              The maximum number of idle mupdate worker threads
1350
1351          mupdate_workers_minspare: 2
1352              The minimum number of idle mupdate worker threads
1353
1354          mupdate_workers_start: 5
1355              The number of mupdate worker threads to start
1356
1357          netscapeurl: <none>
1358              If  enabled  at compile time, this specifies a URL to reply when
1359              Netscape asks the server  where  the  mail  administration  HTTP
1360              server is.  Administrators should set this to a local resource.
1361
1362          newsaddheaders: to
1363              Space-separated  list  of headers to be added to incoming usenet
1364              articles.   Added  To:  headers  will  contain  email   delivery
1365              addresses  corresponding  to  each  newsgroup in the Newsgroups:
1366              header.  Added Reply-To: headers  will  contain  email  delivery
1367              addresses corresponding to each newsgroup in the Followup-To: or
1368              Newsgroups: header.  If the specified header(s) already exist in
1369              an article, the email delivery addresses will be appended to the
1370              original header body(s).
1371
1372              This option applies if and only if the  newspostuser  option  is
1373              set.  Allowed values: to, replyto
1374
1375          newsgroups: *
1376              A wildmat pattern specifying which mailbox hierarchies should be
1377              treated as newsgroups.  Only mailboxes matching the wildmat will
1378              accept  and/or  serve  articles via NNTP.  If not set, a default
1379              wildmat of "*" (ALL shared mailboxes)  will  be  used.   If  the
1380              newsprefix  option  is  also  set,  the  default wildmat will be
1381              translated to "<newsprefix>.*"
1382
1383          newsmaster: news
1384              Userid that is used for checking access controls when  executing
1385              Usenet  control messages.  For instance, to allow articles to be
1386              automatically deleted by cancel messages, give the  "news"  user
1387              the  'd' right on the desired mailboxes.  To allow newsgroups to
1388              be automatically created, deleted and renamed by the correspond‐
1389              ing  control messages, give the "news" user the 'c' right on the
1390              desired mailbox hierarchies.
1391
1392          newspeer: <none>
1393              A list of whitespace-separated  news  server  specifications  to
1394              which  articles  should  be fed.  Each server specification is a
1395              string of  the  form  [user[:pass]@]host[:port][/wildmat]  where
1396              'host'  is the fully qualified hostname of the server, 'port' is
1397              the port on which the server is listening, 'user' and 'pass' are
1398              the  authentication  credentials and 'wildmat' is a pattern that
1399              specifies which groups should be fed.  If no  'port'  is  speci‐
1400              fied,  port  119  is  used.   If  no 'wildmat' is specified, all
1401              groups are fed.  If 'user' is specified (even  if  empty),  then
1402              the  NNTP  POST  command will be used to feed the article to the
1403              server, otherwise the IHAVE command will be used.
1404
1405              A '@' may be used in place of '!'  in  the  wildmat  to  prevent
1406              feeding  articles  cross-posted  to  the  given group, otherwise
1407              cross-posted articles  are  fed  if  any  part  of  the  wildmat
1408              matches.   For  example,  the  string  "peer.example.com:*,!con‐
1409              trol.*,@local.*" would feed all groups except  control  messages
1410              and   local   groups   to  peer.example.com.   In  the  case  of
1411              cross-posting to local groups, these articles would not be fed.
1412
1413          newspostuser: <none>
1414              Userid used to deliver  usenet  articles  to  newsgroup  folders
1415              (usually  via  lmtp2nntp).  For example, if set to "post", email
1416              sent  to  "post+comp.mail.imap"  would  be  delivered   to   the
1417              "comp.mail.imap" folder.
1418
1419              When set, the Cyrus NNTP server will add the header(s) specified
1420              in the newsaddheaders option to each  incoming  usenet  article.
1421              The added header(s) will contain email delivery addresses corre‐
1422              sponding to each relevent newsgroup.  If not set, no headers are
1423              added to usenet articles.
1424
1425          newsprefix: <none>
1426              Prefix  to  be  prepended  to newsgroup names to make the corre‐
1427              sponding IMAP mailbox names.
1428
1429          newsrc_db_path: <none>
1430              The absolute path to the newsrc db file.  If not specified, will
1431              be configdirectory/fetchnews.db
1432
1433          nntptimeout: 3
1434              Set the length of the NNTP server's inactivity autologout timer,
1435              in minutes.  The minimum value is 3, the default.
1436
1437          notesmailbox: <none>
1438              The top level mailbox in each user's account which  is  used  to
1439              store * Apple-style Notes.  Default is blank (disabled)
1440
1441          notifysocket: {configdirectory}/socket/notify
1442              Unix domain socket that the mail notification daemon listens on.
1443
1444          notify_external: <none>
1445              Path  to  the external program that notifyd(8) will call to send
1446              mail notifications.
1447
1448              The external program will be called with the  following  command
1449              line options:
1450
1451                 -c class
1452
1453                 -p priority
1454
1455                 -u user
1456
1457                 -m mailbox
1458
1459                 And the notification message will be available on stdin.
1460
1461          partition-name: <none>
1462              The  pathname  of  the  partition  name.  At least one partition
1463              pathname MUST be specified.  If the defaultpartition  option  is
1464              used,  then its pathname MUST be specified.  For example, if the
1465              value of the defaultpartion option is  part1,  then  the  parti‐
1466              tion-part1 field is required.
1467
1468          outbox_sendlater: 0
1469              If  enabled,  any  message with a Draft flag will be sent at the
1470              time of its INTERNALDATE
1471
1472          partition_select_mode: freespace-most
1473              Partition selection mode.
1474
1475              random (pseudo-)random selection
1476
1477              freespace-most
1478                     partition with the most free space (KiB)
1479
1480              freespace-percent-most
1481                     partition with the most free space (%)
1482
1483              freespace-percent-weighted
1484                     each partition is weighted according to  its  free  space
1485                     (%);  the  more  free  space  the partition has, the more
1486                     chances it has to be selected
1487
1488              freespace-percent-weighted-delta
1489                     each partition is weighted according to its difference of
1490                     free  space  (%) compared to the most used partition; the
1491                     more the partition is lagging behind the most used parti‐
1492                     tion, the more chances it has to be selected
1493
1494                     Note that actually even the most used partition has a few
1495                     chances to be selected, and those chances  increase  when
1496                     other partitions get closer
1497
1498                     Allowed  values:  random,  freespace-most, freespace-per‐
1499                     cent-most,   freespace-percent-weighted,   freespace-per‐
1500                     cent-weighted-delta
1501
1502          partition_select_exclude: <none>
1503              List of partitions to exclude from selection mode.
1504
1505          partition_select_usage_reinit: 0
1506              For a given session, number of operations (e.g. partition selec‐
1507              tion) for which partitions usage data are cached.
1508
1509          partition_select_soft_usage_limit: 0
1510              Limit of partition usage (%): if a partition is over that limit,
1511              it is automatically excluded from selection mode.
1512
1513              If  all partitions are over that limit, this feature is not used
1514              anymore.
1515
1516          plaintextloginpause: 0
1517              Number of seconds to pause after a successful  plaintext  login.
1518              For  systems  that  support  strong authentication, this permits
1519              users to perceive a cost of using  plaintext  passwords.   (This
1520              does not affect the use of PLAIN in SASL authentications.)
1521
1522          plaintextloginalert: <none>
1523              Message to send to client after a successful plaintext login.
1524
1525          popexpiretime: -1
1526              The number of days advertised as being the minimum a message may
1527              be left on the POP server before it is  deleted  (via  the  CAPA
1528              command,  defined  in  the  POP3 Extension Mechanism, which some
1529              clients may support).  "NEVER", the default,  may  be  specified
1530              with  a  negative  number.   The Cyrus POP3 server never deletes
1531              mail, no matter what the value of this parameter  is.   However,
1532              if  a  site implements a less liberal policy, it needs to change
1533              this parameter accordingly.
1534
1535          popminpoll: 0
1536              Set the minimum amount of time the server forces users  to  wait
1537              between successive POP logins, in minutes.
1538
1539          popsubfolders: 0
1540              Allow   access   to  subfolders  of  INBOX  via  POP3  by  using
1541              userid+subfolder syntax as the authentication/authorization id.
1542
1543          poppollpadding: 1
1544              Create a softer minimum poll restriction.  Allows poppollpadding
1545              connections  before the minpoll restriction is triggered.  Addi‐
1546              tionally, one padding entry is recovered every  popminpoll  min‐
1547              utes.   This  allows for the occasional polling rate faster than
1548              popminpoll, (i.e., for clients that require  a  send/receive  to
1549              send  mail) but still enforces the rate long-term.  Default is 1
1550              (disabled).
1551
1552              The easiest way to think of it is a queue of  past  connections,
1553              with  one  slot  being filled for every connection, and one slot
1554              being cleared every popminpoll minutes. When the queue is  full,
1555              the  user  will  not be able to check mail again until a slot is
1556              cleared.  If the user waits a sufficient amount  of  time,  they
1557              will get back many or all of the slots.
1558
1559          poptimeout: 10
1560              Set  the length of the POP server's inactivity autologout timer,
1561              in minutes.  The minimum value is 10, the default.
1562
1563          popuseacl: 0
1564              Enforce IMAP ACLs in the pop server.  Due to the nature  of  the
1565              POP3  protocol, the only rights which are used by the pop server
1566              are 'r', 't', and 's' for the owner of  the  mailbox.   The  'r'
1567              right allows the user to open the mailbox and list/retrieve mes‐
1568              sages.  The 't' right allows the user to delete  messages.   The
1569              's'  right  allows  messages  retrieved  by the user to have the
1570              \Seen flag set (only if popuseimapflags is also enabled).
1571
1572          popuseimapflags: 0
1573              If enabled, the pop server will set and obey IMAP  flags.   Mes‐
1574              sages  having  the  \Deleted  flag are ignored as if they do not
1575              exist.  Messages that are retrieved by the client will have  the
1576              \Seen flag set.  All messages will have the \Recent flag unset.
1577
1578          postmaster: postmaster
1579              Username  that  is  used as the 'From' address in rejection MDNs
1580              produced by sieve.
1581
1582          postuser: <empty string>
1583              Userid used to deliver messages to shared folders.  For example,
1584              if  set  to "bb", email sent to "bb+shared.blah" would be deliv‐
1585              ered to the "shared.blah" folder.  By default, an email  address
1586              of "+shared.blah" would be used.
1587
1588          proc_path: <none>
1589              Path  to  proc directory.  Default is NULL - must be an absolute
1590              path if specified.  If not  specified,  the  path  $configdirec‐
1591              tory/proc/ will be used.
1592
1593          proxy_authname: proxy
1594              The  authentication name to use when authenticating to a backend
1595              server in the Cyrus Murder.
1596
1597          proxy_compress: 0
1598              Try to enable protocol-specific compression  when  performing  a
1599              client connection to a backend server in the Cyrus Murder.
1600
1601              Note  that  this should only be necessary over slow network con‐
1602              nections.  Also note that currently only IMAP and  MUPDATE  sup‐
1603              port compression.
1604
1605          proxy_password: <none>
1606              The  default  password  to  use when authenticating to a backend
1607              server in the Cyrus Murder.  May be overridden  on  a  host-spe‐
1608              cific basis using the hostname_password option.
1609
1610          proxy_realm: <none>
1611              The authentication realm to use when authenticating to a backend
1612              server in the Cyrus Murder
1613
1614          proxyd_allow_status_referral: 0
1615              Set to true to allow proxyd to issue referrals to  clients  that
1616              support  it when answering the STATUS command.  This is disabled
1617              by default since some clients issue many STATUS  commands  in  a
1618              row, and do not cache the connections that these referrals would
1619              cause, thus resulting in a higher  authentication  load  on  the
1620              respective backend server.
1621
1622          proxyd_disable_mailbox_referrals: 0
1623              Set to true to disable the use of mailbox-referrals on the proxy
1624              servers.
1625
1626          proxyservers: <none>
1627              A list of users and groups that are allowed to proxy  for  other
1628              users,  separated  by  spaces.   Any user listed in this will be
1629              allowed to login for any other user: use  with  caution.   In  a
1630              standard  murder this option should ONLY be set on backends.  DO
1631              NOT SET on frontends or things won't work properly.
1632
1633          pts_module: afskrb
1634              The PTS module to use.
1635
1636              Allowed values: afskrb, ldap
1637
1638          ptloader_sock: <none>
1639              Unix domain socket that ptloader listens on.  (defaults to  con‐
1640              figdirectory/ptclient/ptsock)
1641
1642          ptscache_db: twoskip
1643              The cyrusdb backend to use for the pts cache.
1644
1645              Allowed values: skiplist, twoskip, lmdb
1646
1647          ptscache_db_path: <none>
1648              The  absolute  path  to the ptscache db file.  If not specified,
1649              will be configdirectory/ptscache.db
1650
1651          ptscache_timeout: 10800
1652              The timeout (in seconds) for the PTS cache database  when  using
1653              the auth_krb_pts authorization method (default: 3 hours).
1654
1655          ptskrb5_convert524: 1
1656              When using the AFSKRB ptloader module with Kerberos 5 canonical‐
1657              ization, do the final 524 conversion to get a n AFS  style  name
1658              (using '.' instead of '/', and using short names
1659
1660          ptskrb5_strip_default_realm: 1
1661              When using the AFSKRB ptloader module with Kerberos 5 canonical‐
1662              ization, strip the default realm from the userid (this does  not
1663              affect  the  stripping  of realms specified by the afspts_local‐
1664              realms option)
1665
1666          qosmarking: cs0
1667              This specifies the Class  Selector  or  Differentiated  Services
1668              Code  Point  designation  on  IP  headers  (in  the  ToS field).
1669              Allowed values: cs0, cs1, cs2, cs3, cs4, cs5,  cs6,  cs7,  af11,
1670              af12,  af13,  af21,  af22,  af23,  af31, af32, af33, af41, af42,
1671              af43, ef
1672
1673          quota_db: quotalegacy
1674              The cyrusdb backend to use for quotas.
1675
1676              Allowed values: flat, skiplist, sql, quotalegacy, twoskip, lmdb
1677
1678          quota_db_path: <none>
1679              The absolute path for the quota database (if you choose  a  sin‐
1680              gle-file quota DB type - or the base path if you choose quotale‐
1681              gacy).  If not specified will  be  configdirectory/quotas.db  or
1682              configdirectory/quota/
1683
1684          quotawarn: 90
1685              The percent of quota utilization over which the server generates
1686              warnings.
1687
1688          quotawarnkb: 0
1689              The maximum amount of free space (in kB)  at  which  to  give  a
1690              quota  warning  (if  this value is 0, or if the quota is smaller
1691              than this amount, then warnings are always given).
1692
1693          quotawarnmsg: 0
1694              The maximum amount of messages at which to give a quota  warning
1695              (if  this  value  is  0,  or  if  the quota is smaller than this
1696              amount, then warnings are always given).
1697
1698          reject8bit: 0
1699              If enabled, lmtpd rejects messages with 8-bit characters in  the
1700              headers.
1701
1702          restore_authname: <none>
1703              The  authentication used by the restore tool when authenticating
1704              to an IMAP/sync server.
1705
1706          restore_password: <none>
1707              The password used by the restore tool when authenticating to  an
1708              IMAP/sync server.
1709
1710          restore_realm: <none>
1711              The authentication realm used by the restore tool when authenti‐
1712              cating to an IMAP/sync server.
1713
1714          reverseacls: 0
1715              At startup time, ctl_cyrusdb -r will check  this  value  and  it
1716              will either add or remove reverse ACL pointers from mailboxes.db
1717
1718          rfc2046_strict: 0
1719              If  enabled,  imapd  will be strict (per RFC 2046) when matching
1720              MIME boundary strings.  This means  that  boundaries  containing
1721              other  boundaries  as  substrings  will be treated as identical.
1722              Since enabling this option will break some messages  created  by
1723              Eudora 5.1 (and earlier), it is recommended that it be left dis‐
1724              abled unless there is good reason to do otherwise.
1725
1726          rfc2047_utf8: 0
1727              If enabled, imapd will parse any non-encoded character  sequence
1728              in  MIME header values as UTF8. This is useful for installations
1729              that either advertise  the  UTF8SMTP  (RFC  5335)  extension  or
1730              receive  mails  with improperly escaped UTF-8 byte sequences. It
1731              is recommended that this option is left disabled unless there is
1732              good reason to do otherwise.
1733
1734          rfc3028_strict: 1
1735              If  enabled, Sieve will be strict (per RFC 3028) with regards to
1736              which headers are allowed to be used  in  address  and  envelope
1737              tests.   This means that only those headers which are defined to
1738              contain addresses will be allowed in address tests and only "to"
1739              and  "from"  will  be allowed in envelope tests.  When disabled,
1740              ANY grammatically correct header will be allowed.
1741
1742          rss_feedlist_template: <none>
1743              File containing HTML that will be used as a  template  for  dis‐
1744              playing  the  list of available RSS feeds.  A single instance of
1745              the variable %RSS_FEEDLIST% should appear  in  the  file,  which
1746              will  be  replaced  by  a  nested  unordered list of feeds.  The
1747              toplevel unordered list will be tagged with an id of "feed" (<ul
1748              id='feed'>) which can be used by stylesheet(s) in your template.
1749              The dynamically created list of feeds based on the HTML template
1750              will be accessible at the "/rss" URL on the server.
1751
1752          rss_feeds: *
1753              A wildmat pattern specifying which mailbox hierarchies should be
1754              treated as RSS feeds.  Only mailboxes matching the wildmat  will
1755              have  their  messages  available via RSS.  If not set, a default
1756              wildmat of "*" (ALL mailboxes) will be used.
1757
1758          rss_maxage: 0
1759              Maximum age (in days) of items to display in an RSS channel.  If
1760              non-zero, httpd will only display items received within the last
1761              rss_maxage days.  If set to 0, all available items will be  dis‐
1762              played (the default).
1763
1764          rss_maxitems: 0
1765              Maximum  number  of  items  to  display  in  an RSS channel.  If
1766              non-zero, httpd will display no more than the rss_maxitems  most
1767              recent  items.   If  set  to 0, all available items will be dis‐
1768              played (the default).
1769
1770          rss_maxsynopsis: 0
1771              Maximum RSS item synopsis length.  If non-zero, httpd will  dis‐
1772              play  no  more  than  the first rss_maxsynopsis characters of an
1773              item's synopsis.  If set to 0, the entire synopsis will be  dis‐
1774              played (the default).
1775
1776          rss_realm: <none>
1777              The  realm  to present for HTTP authentication of RSS feeds.  If
1778              not set (the default), the value of the "servername" option will
1779              be used.
1780
1781          sasl_auto_transition: 0
1782              If enabled, the SASL library will automatically create authenti‐
1783              cation secrets when given a plaintext password.   See  the  SASL
1784              documentation.
1785
1786          sasl_maximum_layer: 256
1787              Maximum  SSF  (security  strength  factor)  that the server will
1788              allow a client to negotiate.
1789
1790          sasl_minimum_layer: 0
1791              The minimum SSF that the server will allow a client  to  negoti‐
1792              ate.   A  value  of  1 requires integrity protection; any higher
1793              value requires some amount of encryption.
1794
1795          sasl_option: 0
1796              Any SASL option can be set by preceding  it  with  sasl_.   This
1797              file overrides the SASL configuration file.
1798
1799          sasl_pwcheck_method: <none>
1800              The  mechanism used by the server to verify plaintext passwords.
1801              Possible values include "auxprop", "saslauthd", and "pwcheck".
1802
1803          search_batchsize: 20
1804              The number of messages to be indexed in one batch (default  20).
1805              Note that long batches may delay user commands or mail delivery.
1806
1807          search_normalisation_max: 1000
1808              A  resource  bound  for  the  combinatorial  explosion of search
1809              expression tree complexity  caused  by  normalising  expressions
1810              with  many  OR  nodes.   These can use more CPU time to optimise
1811              than they save IO time in scanning folders.
1812
1813          search_engine: none
1814              The indexing engine used to speed up searching.
1815
1816              Allowed values: none, squat, sphinx, xapian
1817
1818          search_fuzzy_always: 0
1819              Whether to enable RFC 6203 FUZZY search for all IMAP SEARCH.  If
1820              turned on, search attributes will be searched using FUZZY search
1821              by default.  If turned off, clients have to explicitly  use  the
1822              FUZZY  search key to enable fuzzy search for regular SEARCH com‐
1823              mands.
1824
1825          search_index_headers: 1
1826              Whether to index headers other than From, To, Cc, Bcc, and  Sub‐
1827              ject.   Experiment  shows that some headers such as Received and
1828              DKIM-Signature can contribute up to 2/3rds of the index size but
1829              almost nothing to the utility of searching.  Note that is header
1830              indexing  is  disabled,  headers  can  still  be  searched,  the
1831              searches will just be slower.
1832
1833          search_indexed_db: twoskip
1834              The  cyrusdb  backend  to  use for the search latest indexed uid
1835              state.
1836
1837              Allowed values: flat, skiplist, twoskip, lmdb
1838
1839          search_maxtime: <none>
1840              The maximum number of seconds to run a search for before  abort‐
1841              ing.   Default  of  no  value means search "forever" until other
1842              timeouts.
1843
1844          search_skipdiacrit: 1
1845              When searching, should diacriticals be stripped from the  search
1846              terms.   The  default  is  "true", a search for "hav" will match
1847              "Håvard".  This is not RFC 5051 complient, but it backwards com‐
1848              patible, and may be preferred by some sites.
1849
1850          search_skiphtml: 0
1851              If enabled, HTML parts of messages are skipped, i.e. not indexed
1852              and not searchable.  Otherwise, they're indexed.
1853
1854          search_whitespace: merge
1855              When searching, how whitespace should be handled.  Options  are:
1856              "skip"  (default in 2.3 and earlier series) - where a search for
1857              "equi" would  match  "the  quick  brown  fox".   "merge"  -  the
1858              default,  where "he  qu" would match "the quick   brownfox", and
1859              "keep", where whitespace must match  exactly.   The  default  of
1860              "merge"  is  recommended for most cases - it's a good compromise
1861              which keeps words separate.  Allowed values: skip, merge, keep
1862
1863          search_snippet_length: 255
1864              The maximum byte length of a snippet generated by the  XSNIPPETS
1865              command.  Only  supported  by  the  Xapian search backend, which
1866              attempts to always fill search_snippet_length bytes in the  gen‐
1867              erated snippet.
1868
1869          search_stopword_path: <none>
1870              The  absolute  base  path  to  the search stopword lists. If not
1871              specified, no stopwords will be taken into account during search
1872              indexing.  Currently,  the  only supported and default stop word
1873              file is english.list.
1874
1875          searchpartition-name: <none>
1876              The pathname  where  to  store  the  xapian  search  indexes  of
1877              searchtier for mailboxes of partition name. This must be config‐
1878              ured for the defaultsearchtier and any  additional  search  tier
1879              (see squatter for details).
1880
1881              For  example:  if  defaultpartition  is  defined  as  part1  and
1882              defaultsearchtier as tier1 then the configuration  must  contain
1883              an  entry tier1searchpartition-part1 that defines the path where
1884              to store this tier1's search index for the part1 partition.
1885
1886              This option MUST be specified for xapian search.
1887
1888          seenstate_db: twoskip
1889              The cyrusdb backend to use for the seen state.
1890
1891              Allowed values: flat, skiplist, twoskip, lmdb
1892
1893          sendmail: /usr/lib/sendmail
1894              The pathname of the sendmail executable.  Sieve invokes sendmail
1895              for sending rejections, redirects and vacation responses.
1896
1897          serverlist: <none>
1898              Whitespace  separated  list  of  backend server names.  Used for
1899              finding server with the most available free space  for  proxying
1900              CREATE.
1901
1902          serverlist_select_mode: freespace-most
1903              Server selection mode.
1904
1905              random (pseudo-)random selection
1906
1907              freespace-most
1908                     backend with the most (total) free space (KiB)
1909
1910              freespace-percent-most
1911                     backend whose partition has the most free space (%)
1912
1913              freespace-percent-weighted
1914                     same as for partition selection, comparing the free space
1915                     (%) of the least used partition of each backend
1916
1917              freespace-percent-weighted-delta
1918                     same as for partition selection, comparing the free space
1919                     (%) of the least used partition of each backend.
1920
1921                     Allowed  values:  random,  freespace-most, freespace-per‐
1922                     cent-most,   freespace-percent-weighted,   freespace-per‐
1923                     cent-weighted-delta
1924
1925          serverlist_select_usage_reinit: 0
1926              For  a  given session, number of operations (e.g. backend selec‐
1927              tion) for which backend usage data are cached.
1928
1929          serverlist_select_soft_usage_limit: 0
1930              Limit of backend usage (%): if a backend is over that limit,  it
1931              is automatically excluded from selection mode.
1932
1933              If  all  backends  are over that limit, this feature is not used
1934              anymore.
1935
1936          servername: <none>
1937              This is the hostname visible in the  greeting  messages  of  the
1938              POP,  IMAP  and  LMTP  daemons.  If it is unset, then the result
1939              returned from gethostname(2) is used.  This is  also  the  value
1940              used by murder clusters to identify the host name.  It should be
1941              resolvable by DNS to the correct  host,  and  unique  within  an
1942              active  cluster.   If  you are using low level replication (e.g.
1943              drbd) then it should be the same on each copy and the  DNS  name
1944              should also be moved to the new master on failover.
1945
1946          serverinfo: on
1947              The server information to display in the greeting and capability
1948              responses. Information is displayed as follows:
1949                 "off" = no server information in the greeting or capabilities
1950
1951                 "min" = servername in the greeting; no server information  in
1952                 the capabilities
1953
1954                 "on"  = servername and product version in the greeting; prod‐
1955                 uct version in the capabilities
1956
1957                 Allowed values: off, min, on
1958
1959          sharedprefix: Shared Folders
1960              If using the alternate IMAP namespace, the prefix for the shared
1961              namespace.    The  hierarchy  delimiter  will  be  automatically
1962              appended.
1963
1964          sieve_allowreferrals: 1
1965              If enabled, timsieved will issue referrals to clients  when  the
1966              user's  scripts reside on a remote server (in a Murder).  Other‐
1967              wise, timsieved will proxy traffic to the remote server.
1968
1969          sieve_extensions:   fileinto   reject   vacation    vacation-seconds
1970          imapflags  notify  envelope  relational  regex  subaddress copy date
1971          index imap4flags mailbox mboxmetadata servermetadata variables
1972              Space-separated list of Sieve extensions allowed to be  used  in
1973              sieve scripts, enforced at submission by timsieved(8).  Any pre‐
1974              viously installed script will be unaffected by this  option  and
1975              will  continue  to  execute  regardless  of the extensions used.
1976              This option has no effect on options that are disabled  at  com‐
1977              pile  time  (e.g.,  "regex").  Allowed values: fileinto, reject,
1978              vacation, vacation-seconds, imapflags,  notify,  include,  enve‐
1979              lope,  body,  relational,  regex, subaddress, copy, date, index,
1980              imap4flags, mailbox, mboxmetadata, servermetadata, variables
1981
1982          sieve_maxscriptsize: 32
1983              Maximum size (in kilobytes) any sieve script can be, enforced at
1984              submission by timsieved(8).
1985
1986          sieve_maxscripts: 5
1987              Maximum  number  of sieve scripts any user may have, enforced at
1988              submission by timsieved(8).
1989
1990          sieve_utf8fileinto: 0
1991              If enabled, the  sieve  engine  expects  folder  names  for  the
1992              fileinto  action  in  scripts  to use UTF8 encoding.  Otherwise,
1993              modified UTF7 encoding should be used.
1994
1995          sieve_sasl_send_unsolicited_capability: 0
1996              If enabled, timsieved will emit a capability  response  after  a
1997              successful   SASL   authentication,   per   draft-martin-manage‐
1998              sieve-12.txt .
1999
2000          sieve_vacation_min_response: 259200 /* 3 days */
2001              Minimum time interval (in seconds) between consecutive  vacation
2002              responses, per draft-ietf-vacation-seconds.txt .
2003
2004          sieve_vacation_max_response: 7776000 /* 90 days */
2005              Maximum  time interval (in seconds) between consecutive vacation
2006              responses, per draft-ietf-vacation-seconds.txt .
2007
2008          sievedir: /usr/sieve
2009              If sieveusehomedir is false,  this  directory  is  searched  for
2010              Sieve scripts.
2011
2012          sievenotifier: <none>
2013              Notifyd(8) method to use for "SIEVE" notifications.  If not set,
2014              "SIEVE" notifications are disabled.
2015
2016              This method is only used when no  method  is  specified  in  the
2017              script.
2018
2019          sieveusehomedir: 0
2020              If  enabled,  lmtpd  will  look for Sieve scripts in user's home
2021              directories: ~user/.sieve.
2022
2023          anysievefolder: 0
2024              It must be "yes" in order to  permit  the  autocreation  of  any
2025              INBOX  subfolder  requested  by  a  sieve  filter,  through  the
2026              "fileinto" action. (default = no)
2027
2028          singleinstancestore: 1
2029              If enabled, imapd, lmtpd and nntpd attempt  to  only  write  one
2030              copy of a message per partition and create hard links, resulting
2031              in a potentially large disk savings.
2032
2033          skiplist_always_checkpoint: 1
2034              If enabled, this option forces the skiplist cyrusdb  backend  to
2035              always  checkpoint  when doing a recovery.  This causes slightly
2036              more IO, but on the other hand leads  to  more  efficient  data‐
2037              bases, and the entire file is already "hot".
2038
2039          skiplist_unsafe: 0
2040              If  enabled,  this option forces the skiplist cyrusdb backend to
2041              not sync writes to the disk.  Enabling this option is NOT RECOM‐
2042              MENDED.
2043
2044          soft_noauth: 1
2045              If  enabled, lmtpd returns temporary failures if the client does
2046              not successfully authenticate.  Otherwise lmtpd  returns  perma‐
2047              nent failures (causing the mail to bounce immediately).
2048
2049          sortcache_db: twoskip
2050              The  cyrusdb  backend to use for caching sort results (currently
2051              only used for xconvmultisort) Allowed values: skiplist, twoskip,
2052              lmdb
2053
2054          specialuse_extra: <none>
2055              Whitespace  separated  list of extra special-use attributes that
2056              can be set on a mailbox. RFC  6154  currently  lists  what  spe‐
2057              cial-use  attributes can be set. This allows extending that list
2058              in the future or adding your own if needed.
2059
2060          specialusealways: 0
2061              If enabled, this option causes LIST and LSUB  output  to  always
2062              include the XLIST "special-use" flags
2063
2064          sphinx_text_excludes_odd_headers: 0
2065              If  enabled,  Sphinx will perform a TEXT search as if it matches
2066              FROM, TO, CC, BCC or SUBJECT but not any other headers.  This is
2067              contrary  to the RFC but a more useful behaviour for most users.
2068              Default: disabled.
2069
2070          sphinx_socket: {configdirectory}/socket/sphinx
2071              Unix domain socket that the Sphinx searchd daemons listens on.
2072
2073          sphinx_pidfile: /var/run/sphinx.pid
2074              File where the Sphinx searchd daemon writes its pid.
2075
2076          sql_database: <none>
2077              Name of the database which contains the cyrusdb table(s).
2078
2079          sql_engine: <none>
2080              Name of the SQL engine to use.
2081
2082              Allowed values: mysql, pgsql, sqlite
2083
2084          sql_hostnames: <empty string>
2085              Comma separated list of SQL servers (in host[:port] format).
2086
2087          sql_passwd: <none>
2088              Password to use for authentication to the SQL server.
2089
2090          sql_user: <none>
2091              Username to use for authentication to the SQL server.
2092
2093          sql_usessl: 0
2094              If enabled, a secure connection will be made to the SQL server.
2095
2096          srvtab: <empty string>
2097              The pathname of srvtab file containing the server's private key.
2098              This  option  is  passed  to  the SASL library and overrides its
2099              default setting.
2100
2101          submitservers: <none>
2102              A  list  of  users  and  groups  that  are  allowed  to  resolve
2103              "urlauth=submit+"  IMAP  URLs,  separated  by  spaces.  Any user
2104              listed in this will be allowed to  fetch  the  contents  of  any
2105              valid "urlauth=submit+" IMAP URL: use with caution.
2106
2107          subscription_db: flat
2108              The cyrusdb backend to use for the subscriptions list.
2109
2110              Allowed values: flat, skiplist, twoskip, lmdb
2111
2112          suppress_capabilities: <none>
2113              Suppress  the  named  capabilities from any capability response.
2114              Use the exact case as it appears in the  response,  e.g.   "sup‐
2115              press_capabilities:  ESEARCH QRESYNC WITHIN XLIST LIST-EXTENDED"
2116              if you have a murder with 2.3.x backends and don't want  clients
2117              being confused by new capabilities that some backends don't sup‐
2118              port.
2119
2120          statuscache: 0
2121              Enable/disable the imap status cache.
2122
2123          statuscache_db: twoskip
2124              The cyrusdb backend to use for the imap status cache.
2125
2126              Allowed values: skiplist, sql, twoskip, lmdb
2127
2128          statuscache_db_path: <none>
2129              The absolute path to the statuscache db file.  If not specified,
2130              will be configdirectory/statuscache.db
2131
2132          sync_authname: <none>
2133              The  authentication  name  to  use when authenticating to a sync
2134              server.  Prefix with a channel name to only apply for that chan‐
2135              nel
2136
2137          sync_batchsize: 8192
2138              the  number  of  messages to upload in a single mailbox replica‐
2139              tion.  Default is 8192.  If there are more than this  many  mes‐
2140              sages  appended  to  the  mailbox,  generate a synthetic partial
2141              state and send that.
2142
2143          sync_host: <none>
2144              Name of the  host  (replica  running  sync_server(8))  to  which
2145              replication actions will be sent by sync_client(8).  Prefix with
2146              a channel name to only apply for that channel
2147
2148          sync_log: 0
2149              Enable  replication  action  logging  by   lmtpd(8),   imapd(8),
2150              pop3d(8),  and  nntpd(8).  The log {configdirectory}/sync/log is
2151              used by sync_client(8) for "rolling" replication.
2152
2153          sync_log_chain: 0
2154              Enable replication action logging by sync_server as well, allow‐
2155              ing  chaining  of  replicas.   Use  this  on 'B' for A => B => C
2156              replication layout
2157
2158          sync_log_channels: <none>
2159              If specified, log all events to multiple log files  in  directo‐
2160              ries specified by each "channel".  Each channel can then be pro‐
2161              cessed separately, such as by multiple sync_client(8)s in a mesh
2162              replication  scheme,  or by squatter(8) for rolling search index
2163              updates.
2164
2165              You can use "" (the two-character string U+22 U+22) to mean  the
2166              default sync channel.
2167
2168          sync_log_unsuppressable_channels: squatter
2169              If  specified,  the named channels are exempt from the effect of
2170              setting sync_log_chain:off, i.e. they are always  logged  to  by
2171              the  sync_server  process.   This is only really useful to allow
2172              rolling search indexing on a replica.
2173
2174          sync_password: <none>
2175              The default password  to  use  when  authenticating  to  a  sync
2176              server.  Prefix with a channel name to only apply for that chan‐
2177              nel
2178
2179          sync_port: <none>
2180              Name of the service (or port number) of the replication  service
2181              on  replica  host.  Prefix with a channel name to only apply for
2182              that channel.  If not specified, and if sync_try_imap is set  to
2183              "yes"  (the default), then the replication client will first try
2184              "imap" (port 143) to check if imapd supports replication.   oth‐
2185              erwise it will default to "csync" (usually port 2005).
2186
2187          sync_realm: <none>
2188              The  authentication  realm  to use when authenticating to a sync
2189              server.  Prefix with a channel name to only apply for that chan‐
2190              nel
2191
2192          sync_repeat_interval: 1
2193              Minimum  interval  (in  seconds)  between  replication  runs  in
2194              rolling replication mode. If a replication run takes longer than
2195              this time, we repeat immediately.  Prefix with a channel name to
2196              only apply for that channel
2197
2198          sync_shutdown_file: <none>
2199              Simple latch used to tell sync_client(8)  that  it  should  shut
2200              down at the next opportunity. Safer than sending signals to run‐
2201              ning processes.  Prefix with a channel name to  only  apply  for
2202              that channel
2203
2204          sync_timeout: 1800
2205              Number  of  seconds  to  wait  for a response before returning a
2206              timeout failure when talking to a replication  peer  (client  or
2207              server).
2208
2209          sync_try_imap: 1
2210              Whether  sync_client  should  try  to perform an IMAP connection
2211              before  falling  back  to  csync.   If  this  is  set  to  "no",
2212              sync_client  will only use csync.  Prefix with a channel name to
2213              apply only for that channel
2214
2215          syslog_prefix: <none>
2216              String to be prepended to the process name in syslog entries.
2217
2218          syslog_facility: <none>
2219              Configure a syslog facility.  The default is  whatever  is  com‐
2220              piled  in.   Allowed  values  are: DAEMON, MAIL, NEWS, USER, and
2221              LOCAL0 through to LOCAL7
2222
2223          tcp_keepalive: 0
2224              Enable keepalive on TCP connections
2225
2226          tcp_keepalive_cnt: 0
2227              Number of TCP keepalive probes to send before declaring the con‐
2228              nection dead (0 == system default)
2229
2230          tcp_keepalive_idle: 0
2231              Number  of  seconds  a  connection must be idle before keepalive
2232              probes are sent (0 == system default)
2233
2234          tcp_keepalive_intvl: 0
2235              Number of seconds between keepalive probes (0 == system default)
2236
2237          temp_path: /tmp
2238              The pathname to store temporary files in
2239
2240          telemetry_bysessionid: 0
2241              If true, log by sessionid instead of PID for telemetry
2242
2243          timeout: 32
2244              The length of the IMAP server's inactivity autologout timer,  in
2245              minutes.  The minimum value is 30.  The default is 32 to allow a
2246              bit of leeway for clients that try to NOOP every 30 minutes.
2247
2248          imapidletimeout: 0
2249              Timeout for idling clients (RFC 2177) in minutes. If set to zero
2250              (the  default)  or  less,  the  value  of "timeout" will be used
2251              instead.
2252
2253          tls_ca_file: <none>
2254              Deprecated in favor of tls_client_ca_file.
2255
2256          tls_ca_path: <none>
2257              Deprecated in favor of tls_client_ca_dir.
2258
2259          tlscache_db: twoskip
2260              Deprecated in favor of tls_sessions_db.
2261
2262          tlscache_db_path: <none>
2263              Deprecated in favor of tls_sessions_db_path.
2264
2265          tls_cert_file: <none>
2266              Deprecated in favor of tls_server_cert.
2267
2268          tls_cipher_list: DEFAULT
2269              Deprecated in favor of tls_ciphers.
2270
2271          tls_ciphers: DEFAULT
2272              The list of SSL/TLS ciphers to allow.  The format of the  string
2273              (and definition of "DEFAULT") is described in ciphers(1).
2274
2275              See also Mozilla's server-side TLS recommendations:
2276
2277              https://wiki.mozilla.org/Security/Server_Side_TLS
2278
2279          tls_client_ca_dir: <none>
2280              Path  to a directory containing the CA certificates used to ver‐
2281              ify client SSL certificates used for authentication.
2282
2283          tls_client_ca_file: <none>
2284              Path to a file containing the CA certificate(s) used  to  verify
2285              client SSL certificates used for authentication.
2286
2287          tls_client_cert: <none>
2288              File  containing  the  certificate  presented  to  a  server for
2289              authentication during STARTTLS. A value of "disabled" will  dis‐
2290              able this server's use of certificate-based authentication.
2291
2292          tls_client_certs: optional
2293              Disable   ("off"),   allow   ("optional",  default)  or  require
2294              ("require") the use of SSL certificates by clients to  authenti‐
2295              cate themselves.  Allowed values: off, optional, require
2296
2297          tls_client_key: <none>
2298              File containing the private key belonging to the tls_client_cert
2299              certificate. A value of "disabled" will  disable  this  server's
2300              use of certificate-based authentication.
2301
2302          tls_eccurve: prime256v1
2303              The  elliptic  curve  used  for  ECDHE.  Default is NIST Suite B
2304              prime256.  See 'openssl ecparam -list_curves' for possible  val‐
2305              ues.
2306
2307          tls_key_file: <none>
2308              Deprecated in favor of tls_server_key.
2309
2310          tls_required: 0
2311              If  enabled, require a TLS/SSL encryption layer to be negotiated
2312              prior to  ANY  authentication  mechanisms  being  advertised  or
2313              allowed.
2314
2315          tls_prefer_server_ciphers: 0
2316              Prefer the ciphers on the server side instead of client side.
2317
2318          tls_server_ca_dir: <none>
2319              Path to a directory with CA certificates used to verify certifi‐
2320              cates offered when this server connects to other  servers.  This
2321              directory  must have filenames with the hashed value of the cer‐
2322              tificates (see openssl(1)).
2323
2324          tls_server_ca_file: <none>
2325              Path to a file containing CA certificates used  to  verify  cer‐
2326              tificates offered when this server connects to other servers.
2327
2328          tls_server_cert: <none>
2329              File containing the certificate presented to clients.
2330
2331          tls_server_key: <none>
2332              File  containing the private key belonging to the certificate in
2333              tls_server_cert.
2334
2335          tls_sessions_db: twoskip
2336              The cyrusdb backend to use for the TLS cache.
2337
2338              Allowed values: skiplist, sql, twoskip, lmdb
2339
2340          tls_sessions_db_path: <none>
2341              The absolute path to the TLS sessions db file. If not specified,
2342              will be configdirectory/tls_sessions.db
2343
2344          tls_session_timeout: 1440
2345              The  length  of  time  (in  minutes)  that a TLS session will be
2346              cached for later reuse.  The maximum value is 1440  (24  hours),
2347              the default.  A value of 0 will disable session caching.
2348
2349          tls_versions: tls1_0 tls1_1 tls1_2
2350              A  list  of  SSL/TLS versions to not disable. Cyrus IMAP SSL/TLS
2351              starts with all protocols, and substracts protocols not in  this
2352              list.  Newer  versions  of SSL/TLS will need to be added here to
2353              allow them to get disabled.
2354
2355          uidl_format: cyrus
2356              Choose the format  for  UIDLs  in  pop3.   Possible  values  are
2357              "uidonly",  "cyrus",  "dovecot" and "courier".  "uidonly" forces
2358              the old default of UID, "cyrus" is UIDVALIDITY.UID.  Dovecot  is
2359              8  digits  of  leading  hex  (lower  case) each UID UIDVALIDITY.
2360              Courier is UIDVALIDITY-UID.   Allowed  values:  uidonly,  cyrus,
2361              dovecot, courier
2362
2363          umask: 077
2364              The umask value used by various Cyrus IMAP programs.
2365
2366          userdeny_db: flat
2367              The cyrusdb backend to use for the user access list.
2368
2369              Allowed values: flat, skiplist, sql, twoskip, lmdb
2370
2371          userdeny_db_path: <none>
2372              The  absolute  path  to the userdeny db file.  If not specified,
2373              will be configdirectory/user_deny.db
2374
2375          username_tolower: 1
2376              Convert usernames to all lowercase before  login/authentication.
2377              This  is  useful  with authentication backends which ignore case
2378              during username lookups (such as LDAP).
2379
2380          userprefix: Other Users
2381              If using the alternate IMAP namespace, the prefix for the  other
2382              users  namespace.  The hierarchy delimiter will be automatically
2383              appended.
2384
2385          unix_group_enable: 1
2386              Should we look up groups when using auth_unix (disable  this  if
2387              you  are  not using groups in ACLs for your IMAP server, and you
2388              are using auth_unix with a backend (such as LDAP) that can  make
2389              getgrent() calls very slow)
2390
2391          unixhierarchysep: 1
2392              Use  the  UNIX  separator character '/' for delimiting levels of
2393              mailbox hierarchy.  Turn off to use the netnews separator  char‐
2394              acter  '.'.  Note  that  with the newnews separator, no dots may
2395              occur in mailbox names.  The default switched in 3.0 from off to
2396              on.
2397
2398          virtdomains: off
2399              Enable  virtual  domain  support.  If enabled, the user's domain
2400              will be determined by splitting a fully qualified userid at  the
2401              last  '@'  or '%' symbol.  If the userid is unqualified, and the
2402              virtdomains option is set to  "on",  then  the  domain  will  be
2403              determined  by  doing  a reverse lookup on the IP address of the
2404              incoming network interface, otherwise the user is assumed to  be
2405              in the default domain (if set).  Allowed values: off, userid, on
2406
2407          xbackup_enabled: 0
2408              Enable  support  for  the XBACKUP command in imapd.  If enabled,
2409              admin users can use this command to  provoke  a  replication  of
2410              specified users to the named backup channel.
2411
2412          xlist-flag: <none>
2413              Set the special-use flag flag on the specified folder when it is
2414              autocreated  (see  the  autocreate_inbox_folders  option).   For
2415              example,  if  xlist-junk:  Spam  is  set, and the folder Spam is
2416              autocreated, the special-use flag \Junk will be set on it.
2417
2418              (This option is so named for  backward  compatibility  with  old
2419              config files.)
2420
2421          lmtp_catchall_mailbox: <none>
2422              Mail  sent to mailboxes which do not exist, will be delivered to
2423              this user.  NOTE: This must be an existing local user name  with
2424              an INBOX, NOT an email address!
2425
2426          zoneinfo_db: twoskip
2427              The cyrusdb backend to use for zoneinfo.
2428
2429              Allowed values: flat, skiplist, twoskip, lmdb
2430
2431          zoneinfo_db_path: <none>
2432              The  absolute  path  to the zoneinfo db file.  If not specified,
2433              will be configdirectory/zoneinfo.db
2434
2435          object_storage_enabled: 0
2436              Is Object storage enabled for this server.   You  also  need  to
2437              have  archiving  enabled  and  archivepartition for the mailbox.
2438              Only email files will be stored on object Storage archive parti‐
2439              tion will be used to store any other files
2440
2441          object_storage_dummy_spool: <none>
2442              Dummy  object storage spool; this is for test only.  Spool where
2443              user directory (container) will be created to store  all  emails
2444              in a flat structure
2445
2446          openio_namespace: <none>
2447              The  OpenIO  namespace  used to store archived email messages. A
2448              namespace identifies the physical platform cyrus  must  contact.
2449              This  directive  is used by the OpenIO's SDK to locate its plat‐
2450              form entry point.
2451
2452          openio_account: <none>
2453              The OpenIO account used to account for stored  emails.  Accounts
2454              are unique in their namespace. They provides virtual partitions,
2455              with quotas and QoS features.
2456
2457          openio_rawx_timeout: 30
2458              The OpenIO timeout to query to the  RAWX  services  (default  30
2459              sec).
2460
2461          openio_proxy_timeout: 5
2462              The  OpenIO  timeout  to  query to the PROXY services (default 5
2463              sec).
2464
2465          openio_autocreate: 0
2466              Allow the OpenIO SDK to autocreate containers.  Mainly  destined
2467              to  be  turned  on  development environments. In production, the
2468              container should have been provisioned with the mailboxes.
2469
2470          openio_verbosity: <none>
2471              Sets the logging verbosity of the  OpenIO's  internal  behavior.
2472              Admissible  values  are:  "warning",  "notice", "info", "debug",
2473              "trace", "quiet".  The default verbosity is  "warning".  Set  to
2474              "notice"  for  a  few lines on a per-client basis. Set to "info"
2475              for a few lines on a per-request basis. Set to  "debug"  Set  to
2476              "trace"   to  activate  the  underlying  libcurl  debug  output.
2477              Enabling a verbosity higher to equal than "debug"  requires  the
2478              cyrus  to  be  set in debug mode. The special "quiet" value dis‐
2479              ables all kinds of logging at the GLib level.
2480
2481          caringo_hostname: <none>
2482              The Caringo hostname used to store archived  email  messages.  A
2483              hostname  identifies  the  physical platform cyrus must contact.
2484              This directive is used by the Caringo's SDK (CastorSDK:  Caringo
2485              Simple Content Storage Protocol (SCSP) on HTTP 1.1 using a REST‐
2486              ful architecture
2487
2488          caringo_port: 80
2489              The port of the caringo server  (caringo_hostname);  default  is
2490              80.
2491
2492          fastmailsharing: 0
2493              If  enabled,  use  FastMail style sharing (oldschool full server
2494              paths)
2495

SEE ALSO

2497          imapd(8),  pop3d(8),  nntpd(8),  lmtpd(8),  httpd(8),  timsieved(8),
2498          idled(8), notifyd(8), deliver(8), master(8), ciphers(1)
2499

AUTHOR

2501       The Cyrus Team
2502
2504       1993-2017, The Cyrus Team
2505
2506
2507
2508
25093.0.10                           May 27, 2019                    IMAPD.CONF(5)
Impressum