# Enable ssl
ssl = required
ssl_cert = < /etc/ssl/{{ mx1_mail_domain }}.fullchain.pem
ssl_key = < /etc/ssl/private/{{ mx1_mail_domain }}.key

ssl_min_protocol = TLSv1.2
ssl_prefer_server_ciphers = yes

disable_plaintext_auth = yes

# Define used protocols
protocols = lmtp imap sieve

service lmtp {
    unix_listener lmtp {
        user  = vmail
        group = vmail
    }
}

service imap-login {
    inet_listener imap {
        port = 143
    }
    inet_listener imaps {
        port = 993
    }
}

# Setup users
passdb {
    driver = passwd-file
    args = scheme=ARGON2ID-CRYPT username_format=%u /etc/dovecot/users
}

userdb {
    driver = passwd-file
    args = username_format=%u /etc/dovecot/users
    override_fields = uid=vmail gid=vmail home=/var/mail/vmail/%d/%n
}

# Setup mail location
mail_location = maildir:~/Maildir

# setup auth listener
service auth {
 unix_listener auth-userdb {
  mode = 0660
  user = vmail
  group = vmail
 }
}

# change the authworker to run as non-root
service auth-worker {
 user = $default_internal_user
}

# setup local delivery options
quota_full_tempfail = yes
protocol lda {
 mail_plugins = $mail_plugins sieve
}
# setup some common mailboxes that are used by different clients to consistent destinations
namespace inbox {
 inbox = yes
 mailbox Spam {
  special_use = \Junk
 }
 mailbox "Deleted Items" {
  special_use = \Trash
 }
}

# setup local delivery protocol
protocol lmtp {
 mail_plugins = $mail_plugins sieve
}

# disable verify quota befor replying rcpt to
lmtp_rcpt_check_quota = no

# setup stats service
service stats {
 unix_listener stats-writer {
  user =
  group = $default_internal_group
  mode = 0660
 }
}

# enable mail plugins
mail_plugins = $mail_plugins notify

# setup metrics
metric auth_success {
 filter = event=auth_request_finished AND success=yes
}
metric auth_failures {
 filter = event=auth_request_finished AND NOT success=yes
}
metric imap_command {
 filter = event=imap_command_finished
 group_by = cmd_name tagged_reply_state
}
metric smtp_command {
 filter = event=smtp_server_command_finished
 group_by = cmd_name status_code duration:exponential:1:5:10
}
metric mail_delivery {
 filter = event=mail_delivery_finsihed
 group_by = duration:exponential:1:5:10
}

# enable IMAP protocol
protocol imap {
 mail_plugins = $mail_plugins imap_sieve
}

# setup sieve plugin options
# enable if there needs to be default sieve processing
#plugin {
#  sieve_pipe_bin_dir = /usr/local/lib/dovecot/sieve
#  sieve_before = /etc/dovecot/sieve/default.sieve
#  sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.environment
#  sieve_plugins = sieve_imapsieve sieve_extprograms
#}