bionic (5) kopano-gateway.cfg.5.gz

Provided by: kopano-gateway_8.5.5-0ubuntu1_amd64 bug

NAME

       kopano-gateway.cfg - The Kopano gateway configuration file

SYNOPSIS

       gateway.cfg

DESCRIPTION

       The gateway.cfg is a configuration file for the Kopano Gateway.  gateway.cfg contains instructions for
       the software to set up the logging system and to enable or disable the POP3, POP3S, IMAP or IMAPS part of
       the service.

FILE FORMAT

       The file consists of one big section, but parameters can be grouped by functionality.

       The parameters are written in the form:

       name = value

       The file is line-based. Each newline-terminated line represents either a comment, nothing, a parameter or
       a directive. A line beginning with `#' is considered a comment, and will be ignored by Kopano. Parameter
       names are case sensitive. Lines beginning with `!' are directives.

       Directives are written in the form:

       !directive [argument(s)]

       The following directives exist:

       include
           Include and process argument

           Example: !include common.cfg

EXPLANATION OF EACH PARAMETER

   server_bind
       IP address to bind to. Leave empty to bind to all addresses.

       Default: (empty)

   server_hostname
       Hostname of the server to print to a client in the logon greeting. Leave empty to use DNS to find the
       hostname.

       Default:

   server_hostname_greeting
       Whether to show the hostname in the logon greeting to clients. This config option is reloadable using the
       HUP signal.

       Default: no

   pop3_enable
       Enable POP3 service with value yes. All other values disable the service.

       Default: yes

   pop3_port
       The POP3 service will listen on this port for incoming connections.

       Default: 110

   pop3s_enable
       Enable POP3S service with value yes. All other values disable the service.

       Default: yes

   pop3s_port
       The POP3S service will listen on this port for incoming connections.

       Default: 995

   imap_enable
       Enable IMAP service with value yes. All other values disable the service.

       Default: yes

   imap_port
       The IMAP service will listen on this port for incoming connections.

       Default: 143

   imaps_enable
       Enable IMAPS service with value yes. All other values disable the service.

       Default: yes

   imaps_port
       The IMAPS service will listen on this port for incoming connections.

       Default: 993

   server_socket
       The http address of the storage server.

       Default: http://localhost:236/

       It is not advised to specify the UNIX socket here, but the http address instead. In default configuration
       the gateway will then be trusted by the storage server (as set in its local_admin_users configuration
       setting). Unless is run as an untrusted user, by specifying the run_as_user, the gateway always
       authenticates users even if they provide no or wrong credentials!

   run_as_user
       After correctly starting, the gateway process will become this user, dropping root privileges. Note that
       the log file needs to be writeable by this user, and the directory too to create new logfiles after
       logrotation. This can also be achieved by setting the correct group and permissions.

       Default value is empty, not changing the user after starting.

   run_as_group
       After correctly starting, the gateway process will become this group, dropping root privileges.

       Default value is empty, not changing the group after starting.

   pid_file
       Write the process ID number to this file. This is used by the init.d script to correctly stop/restart the
       service.

       Default: /var/run/kopano/gateway.pid

   running_path
       Change directory to this path when running in daemonize mode. When using the -F switch to run in the
       foreground the directory will not be changed.

       Default: /

   coredump_enabled
       When a crash occurs or an assertion fails, a coredump file can be generated.  This file should be sent
       along with the crash report. It is turned on by default in Kopano, but your system may have it disabled.
       For details, see the kopano-coredump(5) manpage.

   process_model
       You can change the process model between fork and thread. The forked model uses somewhat more resources,
       but if a crash is triggered, this will only affect one user. In the threaded model, a crash means all
       users are affected, and will not be able to use the service.

       Default: thread

   bypass_auth
       This parameter can be used to skip password verification when connecting over the UNIX socket. Connecting
       through the UNIX socket can have a big performance gain, compared to the TCP socket of kopano-server. As
       kopano-gateway is usually running as the user kopano (which is a local_admin_user in kopano-server) this
       would normally mean that kopano-gateway would only verify usernames and no password (because its running
       as an administrator). When set to no (default value) forces verification of passwords, even when running
       as an administrator. For migrations you will want to set yes.

       Default: no

   imap_only_mailfolders
       Enable the IMAP and IMAPS service to only show the mailfolders. This is the default behaviour. When this
       option is set to 'no', you will also be able to select you calendar and contacts and such. These views
       will not contain all information, since these items cannot be converted to a rfc-822 mail item.

       Default: yes

   imap_public_folders
       Enable the IMAP and IMAPS service to also show the public store with subfolders. This is the default
       behaviour. When this option is set to 'no', IMAP clients will only see the users' folder.

       Default: yes

   imap_capability_idle
       Allow IMAP clients to issue the IDLE command. When an IMAP client is idle, it may receive notifications
       from the server about changes of the selected folder. This may increase load on the server when many
       users are using the IMAP service.

       Default: yes

   imap_max_messagesize
       Limit the maximum message size (in bytes) which can be created by an IMAP client. The maximum of this
       value is 4GB although this is not recommended. If the value is too high it will cause a segmentation
       fault. This value may contain a k, m or g multiplier.

       Default: 128M

   imap_expunge_on_delete
       Normally when you delete an e-mail in an IMAP client, it will only be marked as deleted, and not removed
       from the folder. The client should send the EXPUNGE command to actually remove the item from the folder
       (where Kopano will place it in the soft-delete system). When this option is set to yes, the
       kopano-gateway will issue the expunge command itself directly after a 'mark as delete' command was
       received.

       Default: no

   imap_max_fail_commands
       Maximum of failed commands before forcibly closing connection of client. This makes sure that a client
       which does repeatedly fails on a specific connection (like opening folders over and over again which do
       not exist) does not affect the overall performance of the gateway process. With the default value set to
       10, normal operation will work for most productionenvironments. With IMAP migrations, this value should
       be set higher as many traditional IMAP migration tools try to fetch folders which do not necessarily
       exist before, so in a migration scenario this value should be set higher, at minimum to the number of
       folders to be migrated from the largest mailbox.

       Default: 10

   imap_ignore_command_idle
       Some MUAs are sending commands via idle causing the connection to reach imap_max_fail_commands and leaves
       the client in a broken state. The clients include Apple Mail. If you experience problems or uses Apple
       Mail set this option to yes.

       Default: no

   disable_plaintext_auth
       Disable all plaintext POP3 and IMAP authentications unless SSL/TLS is used (except for connections
       originating from localhost, to allow saslauthd with rimap). Obviously, this requires at least
       ssl_private_key_file and ssl_certificate_file to take effect.

       Default: no

   ssl_private_key_file
       The gateway will use this file as private key for SSL TLS. This file can be created with: openssl genrsa
       -out /etc/kopano/gateway/privkey.pem 2048.

       Default: /etc/kopano/gateway/privkey.pem

   ssl_certificate_file
       The gateway will use this file as certificate for SSL TLS. A self-signed certificate can be created with:
       openssl req -new -x509 -key /etc/kopano/gateway/privkey.pem -out /etc/kopano/gateway/cert.pem -days 1095.

       Default: /etc/kopano/gateway/cert.pem

   ssl_verify_client
       Enable client certificate verification with value yes. All other values disable the verification.

       Default: no

   ssl_verify_file
       The file to verify the clients certificates with.

       Default: value not set.

   ssl_verify_path
       The path with the files to verify the clients certificates with.

       Default: value not set.

   ssl_protocols
       Disabled or enabled protocol names. Supported protocol names are SSLv3 and TLSv1. If Kopano was linked
       against OpenSSL 1.0.1 or later there is additional support for the new protocols TLSv1.1 and TLSv1.2. To
       exclude both SSLv3 and TLSv1, set server_ssl_protocols to !SSLv3 !TLSv1.

       Default: SSLv2 being disabled

   ssl_ciphers
       SSL ciphers to use, set to ALL for backward compatibility.

       Default: ALL:!LOW:!SSLv2:!EXP:!aNULL

   ssl_prefer_server_ciphers
       Prefer the server's order of SSL ciphers over client's.

       Default: no

   log_method
       The method which should be used for logging. Valid values are:

       syslog Use the Linux system log. All messages will be written to the mail facility. See also
              syslog.conf(5).

       file   Log to a file. The filename will be specified in log_file.

       Default: file

   log_file
       When logging to a file, specify the filename in this parameter. Use - (minus sign) for stderr output.

       Default: /var/log/kopano/gateway.log

   log_level
       The level of output for logging in the range from 0 to 5. 0=no logging, 5=full logging.

       Default: 2

   log_timestamp
       Specify whether to prefix each log line with a timestamp in 'file' logging mode.

       Default: 1

   log_buffer_size
       Buffer logging in what sized blocks. The special value 0 selects line buffering.

       Default: 0

RELOADING

       The following options are reloadable by sending the kopano-gateway process a HUP signal:

       log_level

FILES

       /etc/kopano/gateway.cfg
           The Kopano gateway configuration file.

AUTHOR

       Written by Kopano.

SEE ALSO

       kopano-gateway(8)