wildduck/config/imap.toml

# If enabled then WildDuck exposes an IMAP interface for listing and fetching emails
enabled=true
port=9993
host="0.0.0.0"

# Use `true` for port 993 and `false` for 143. If connection is not secured
# on connection then WildDuck enables STARTTLS extension
secure=true

# Max size for messages uploaded via APPEND
maxMB=25

# delete messages from \Trash and \Junk after retention days
retention=30

# Default max donwload bandwith per day in megabytes
# Replaced by 'const:max:imap:download' setting
maxDownloadMB=10240

# Default max upload bandwith per day in  megabytes
# Replaced by 'const:max:imap:upload' setting
maxUploadMB=10240

# Default max concurrent connections per service per client
maxConnections=15

# if `true` then do not autodelete expired messages
disableRetention=false

# If true, then disables STARTTLS support
disableSTARTTLS=false

# If true, then advertises COMPRESS=DEFLATE capability
enableCompression=false

# If true, then expect HAProxy PROXY header as the first line of data
useProxy=false
# useProxy=true # expect PROXY from all conections
# useProxy=['*'] # expect PROXY from all conections
# useProxy=['1.2.3.4', '1.2.3.5'] # expect PROXY only from connections from listed IP addresses

# an array of IP addresses to ignore (not logged)
ignoredHosts=[]

#name="WildDuck IMAP"
#version="1.0.0"
#vendor="WildDuck"

# Add extra IMAP interfaces
#[[interface]]
#enabled=true
#port=9143
#host="0.0.0.0"
#secure=false
#ignoreSTARTTLS=true

[setup]
# Public configuration for IMAP
hostname="localhost"
secure=true
# port defaults to imap.port
#port=9993

[tls]
## If certificate path is not defined, use global or built-in self-signed certs
#key="/path/to/server/key.pem"
#cert="/path/to/server/cert.pem"
#dhparam="/path/to/server/dhparam.pem"

## You can also define extra options for specific TLS settings:

#ciphers="ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS"

#secureProtocol="SSLv23_server_method"

## constants.SSL_OP_NO_SSLv3 | constants.SSL_OP_NO_TLSv1 => 100663296
#secureOptions=100663296


#[[interface]]
#enabled=true
#port=9143
#host="0.0.0.0"
#secure=false
#ignoreSTARTTLS=false
Rename Wild Duck to WildDuck 2018-01-02 21:04:01 +08:00			`# If enabled then WildDuck exposes an IMAP interface for listing and fetching emails`
Updated config handler 2017-08-15 21:41:18 +08:00			`enabled=true`
			`port=9993`
Added PROXY support for IMAP, POP3 2017-10-12 03:43:10 +08:00			`host="0.0.0.0"`
Updated config handler 2017-08-15 21:41:18 +08:00
			# Use `true` for port 993 and `false` for 143. If connection is not secured
Rename Wild Duck to WildDuck 2018-01-02 21:04:01 +08:00			`# on connection then WildDuck enables STARTTLS extension`
Updated config handler 2017-08-15 21:41:18 +08:00			`secure=true`

			`# Max size for messages uploaded via APPEND`
			`maxMB=25`

			`# delete messages from \Trash and \Junk after retention days`
			`retention=30`

do not return blank content type values in bodystructure 2017-12-04 22:52:20 +08:00			`# Default max donwload bandwith per day in megabytes`
bunch of fixes 2022-07-05 16:57:57 +08:00			`# Replaced by 'const:max:imap:download' setting`
			`maxDownloadMB=10240`
Limit maximum message size 2017-11-10 21:04:58 +08:00
do not return blank content type values in bodystructure 2017-12-04 22:52:20 +08:00			`# Default max upload bandwith per day in megabytes`
bunch of fixes 2022-07-05 16:57:57 +08:00			`# Replaced by 'const:max:imap:upload' setting`
			`maxUploadMB=10240`
Limit maximum message size 2017-11-10 21:04:58 +08:00
do not return blank content type values in bodystructure 2017-12-04 22:52:20 +08:00			`# Default max concurrent connections per service per client`
Limit maximum message size 2017-11-10 21:04:58 +08:00			`maxConnections=15`

Updated config handler 2017-08-15 21:41:18 +08:00			# if `true` then do not autodelete expired messages
			`disableRetention=false`

Allow disabling STARTTLS 2017-09-11 03:53:12 +08:00			`# If true, then disables STARTTLS support`
			`disableSTARTTLS=false`

v1.12.2 2019-01-09 04:37:36 +08:00			`# If true, then advertises COMPRESS=DEFLATE capability`
			`enableCompression=false`

Added PROXY support for IMAP, POP3 2017-10-12 03:43:10 +08:00			`# If true, then expect HAProxy PROXY header as the first line of data`
			`useProxy=false`
Allow TLS to be handled upstream 2017-12-01 16:02:40 +08:00			`# useProxy=true # expect PROXY from all conections`
			`# useProxy=['*'] # expect PROXY from all conections`
			`# useProxy=['1.2.3.4', '1.2.3.5'] # expect PROXY only from connections from listed IP addresses`
Added PROXY support for IMAP, POP3 2017-10-12 03:43:10 +08:00
Allow disabling logging for specific source IPs 2017-10-12 21:01:27 +08:00			`# an array of IP addresses to ignore (not logged)`
			`ignoredHosts=[]`

Rename Wild Duck to WildDuck 2018-01-02 21:04:01 +08:00			`#name="WildDuck IMAP"`
Allow disabling STARTTLS 2017-09-11 03:53:12 +08:00			`#version="1.0.0"`
Rename Wild Duck to WildDuck 2018-01-02 21:04:01 +08:00			`#vendor="WildDuck"`
Allow disabling STARTTLS 2017-09-11 03:53:12 +08:00
allow multiple imap interfaces 2017-11-07 00:00:09 +08:00			`# Add extra IMAP interfaces`
			`#[[interface]]`
			`#enabled=true`
			`#port=9143`
			`#host="0.0.0.0"`
			`#secure=false`
			`#ignoreSTARTTLS=true`

Updated config handler 2017-08-15 21:41:18 +08:00			`[setup]`
			`# Public configuration for IMAP`
			`hostname="localhost"`
			`secure=true`
			`# port defaults to imap.port`
			`#port=9993`

			`[tls]`
added example for defining extra tls options 2017-10-05 21:04:39 +08:00			`## If certificate path is not defined, use global or built-in self-signed certs`
Updated config handler 2017-08-15 21:41:18 +08:00			`#key="/path/to/server/key.pem"`
			`#cert="/path/to/server/cert.pem"`
Allow using SNI TLS certificates with IMAP/POP3 2021-05-13 22:08:14 +08:00			`#dhparam="/path/to/server/dhparam.pem"`
added example for defining extra tls options 2017-10-05 21:04:39 +08:00
			`## You can also define extra options for specific TLS settings:`

			#ciphers="ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS"

			`#secureProtocol="SSLv23_server_method"`

			`## constants.SSL_OP_NO_SSLv3 \| constants.SSL_OP_NO_TLSv1 => 100663296`
			`#secureOptions=100663296`
v1.23.4 2020-03-09 19:50:41 +08:00

Disable default extra imap interface 2020-03-24 20:16:55 +08:00			`#[[interface]]`
			`#enabled=true`
			`#port=9143`
			`#host="0.0.0.0"`
			`#secure=false`
			`#ignoreSTARTTLS=false`