GNU Mailutils |
|
General-Purpose Mail Package |
Official GNU Software |
GNU imap4d
is a daemon implementing IMAP4 rev1 protocol
for accessing and handling electronic mail messages on a server. It can
be run either as a standalone program or from inetd.conf file.
GNU imap4d
supports a notion of namespaces defined
in RFC 2342. A namespace can be regarded as a list of entities,
defining locations to which the user has certain access rights. Each
entity includes the prefix, under which the mailboxes can be
found, hierarchy delimiter, a character used to delimit parts of
a path to a mailbox, and a directory on the file system on the
server, which actually holds the mailboxes. Among these three values,
only first two are visible to the client using the IMAP
‘NAMESPACE’ command.
There are three namespaces:
A namespace that is within the personal scope of the authenticated user on a particular connection. The user has all permissions on this namespace.
By default, this namespace contains a single prefix:
prefix: "" delimiter: / directory: home directory of the user
A namespace that consists of mailboxes from the “Personal Namespaces”
of other users. The user can read and list mailboxes from this
namespace. However, he is not allowed to use ‘%’ and ‘*’
wildcards with LIST
command, that is he can access a
mailbox only if he knows exactly its location.
By default, this namespace is empty.
A namespace that consists of mailboxes that are intended to be shared amongst users and do not exist within a user’s Personal Namespace. The user has all permissions on this namespace.
By default, this namespace is empty.
The default values ensure that each user is able to see or otherwise access mailboxes residing in the directories other than his own home.
These defaults can be changed using the namespace
block
statement:
namespace name { mailbox-mode mode; prefix pfx { directory path; delimiter chr; mailbox-type type; } }
The name argument to the namespace
statement declares
which namespace is being configured. Allowed values are:
‘personal’, ‘other’, and ‘shared’.
The mailbox-mode
statement configures the file mode for the
mailboxes created within that namespace (provided that the directory
permissions allow the user to create mailboxes). The mode
argument is a comma-delimited list of symbolic mode settings, similar
to that used by chmod
. Each setting begins with a
letter ‘g’, which means set mode bits for file group, or
‘o’, which means set mode bits for other users (note, that there
is no ‘u’ specifier, since user ownership of his mailbox cannot
be changed). This letter is followed by an ‘=’ (or ‘+’), and
a list of modes to be set. This list can contain only two letters:
‘r’ to set read permission, and ‘w’ to set write permission.
For example, the following statement sets read and write permissions for the group:
mailbox-mode g=rw;
The prefix
statement configures available prefixes and
determines their mappings to the server’s file system. The pfx
argument defines the prefix which will be visible to the IMAP client.
The directory
statement defines the directory in the file
system to which pfx is mapped. Exactly one directory
statement must be present in each prefix
block. The
inerpretation of its argument depends on the namespace in which it
occurs.
When used in the ‘namespace shared’ block, the argument to this statement is interpreted verbatim, as an absolute pathname.
When used in ‘namespace personal’ the argument to
directory
statement can contain references to the following
variables (see Variables):
Login name of the user.
Home directory of the user.
For example, the following statement maps the default personal namespace to the directory ‘imap’ in the user’s home directory:
namespace personal { prefix ""; directory "$home/imap"; }
If the ‘directory’ statement is used within the ‘namespace other’ block, its value can contain the ‘$user’ and ‘$home’ variables as well, but their meaning is different. For the ‘other’ namespace, the ‘$user’ variable is expanded to the part of the actual reference contained between the prefix and first hierarchy delimiter (or the end of the reference, if no delimiter occurs to the right of the prefix). Correspondingly, ‘$home’ expands to the home directory of that user. Consider, for example, the following statement:
namespace other { prefix "~"; directory "/var/imap/$user"; }
If the client issues the following statement:
1 LIST "~smith" "%"
then ‘$user’ will expand to the string ‘smith’ and the server will look for all mailboxes in the directory /var/imap/smith.
The delimiter
statement defines the folder hierarchy delimiter
for that prefix. It is optional, the default value being ‘"/"’.
The mailbox-type
statement declares the type of the mailboxes
within that prefix. If present, its argument must be a valid mailbox
type (e.g. ‘mailbox’, ‘maildir’, or ‘mh’). The IMAP
LIST
command will display only mailboxes of that type. The
CREATE
command will create mailboxes of that type.
In the absence of the mailbox-type
statement, the IMAP
LIST
command will display mailboxes of any type supported by
Mailutils. The type of newly-created mailboxes is then determined by
the mailbox-type
statement (see mailbox-type).
Any number of prefix
blocks can be present.
Consider, for example, the following configuration:
namespace personal { prefix "" { directory "$home/mailfolder"; } prefix "#MH:" { directory "$home/Mail"; delimiter "/"; mailbox-type "mh"; } }
It defines the personal namespace containing two prefixes. The empty prefix is mapped to the directory mailfolder in the home directory of the currently authenticated user. Any type of mailboxes is supported within that prefix.
The prefix ‘#MH:’ is mapped to the directory Mail in the home directory of the user, and is limited to contain only mailboxes in MH format.
Note that if the prefixes ‘""’ is not defined in the personal namespace, the following default will be automatically created:
prefix "" { directory "$home"; }
imap4d
.The behavior of imap4d
is altered by the following
configuration statements:
Statement | Reference |
---|---|
debug | See debug statement. |
tls | See tls statement. |
tls-file-checks | See tls-file-checks statement. |
mailbox | See mailbox statement. |
locking | See locking statement. |
logging | See logging statement. |
pam | See pam statement. |
sql | See sql statement. |
virtdomain | See virtdomain statement. |
radius | See radius statement. |
ldap | See ldap statement. |
auth | See auth statement. |
server | See Server Settings. |
acl | See acl statement. |
tcp-wrappers | See tcp-wrappers statement. |
Configures namespace. The argument is one of: ‘personal’,
‘other’, ‘shared’. The following statements (described
below) are allowed within curly braces: mailbox-mode
and
prefix
.
See Namespace.
Configures the file mode for the mailboxes created within that namespace. The syntax for mode is:
g(+|=)[wr]+,o(+|=)[wr]+
See mailbox-mode.
Configures a prefix and determines its mapping to the server’s file
system. The pfx argument is the prefix which will be
visible to the IMAP client. Available sub-statements are:
directory
, delimiter
, and mailbox-type
.
See prefix.
Defines the directory in the file system to which the prefix is mapped.
See directory.
Defines the folder hierarchy delimiter for the prefix. Argument must be a single character.
See delimiter.
Defines the type of the mailboxes inside that prefix.
See mailbox-type.
Disable LOGIN
command, if bool is ‘true’.
Create nonexistent user home directories. See also home-dir-mode, below.
Set file mode for created user home directories. Mode is specified in octal.
The default value for mode is ‘700’ (‘drwx------’ in
ls
terms).
Configure PREAUTH mode. Valid arguments are:
Imap4d
invokes an external program to authenticate the
connection. The command line is obtained from the supplied string,
by expanding the following meta-variables:
${client_address}
Remote IP address in dotted-quad notation;
${client_port}
Remote port number;
${server_address}
Local IP address;
${server_port}
Local port number.
If the connection is authenticated, the program should print the user name, followed by a newline character, on its standard output and exit with code ‘0’.
Otherwise, it should exit with a non-zero exit code.
The remote machine is asked about the requester identity using the identification protocol (RFC 1413). Both plaintext and DES encrypted replies are understood. Optional port specifies the port to use, if it differs from the default ‘113’. It can be either a decimal port number or a symbolic name of a service, listed in /etc/services.
PREAUTH mode is enabled automatically if imap4d is started from command line in interactive mode (-i command line option). The current login name is used as the user name.
If bool is ‘true’, use only preauth mode. If unable to setup it, disconnect immediately.
Set DES keyfile for decoding encrypted ident responses. Used with ‘ident://’ preauth mode.
Use only encrypted IDENT responses.
Set list of fields to return in response to ID command.
Valid field names are:
Package name (‘GNU Mailutils’).
Package version (‘3.14’).
Vendor name (‘GNU’).
The string ‘http://www.gnu.org/software/mailutils’
The string ‘51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA’.
OS name.
OS version number.
Name of the imap4d
binary.
Invocation command line.
List of environment variables with their values.
imap4d
imap4d
may run either in standalone or in inetd
operation modes. When run in “standalone” mode, the server disconnects
from the terminal and runs as a daemon, forking a child for each new
connection.
The “inetd” mode allows to start the server from /etc/inetd.conf file. This is the default operation mode.
imap4 stream tcp nowait root /usr/local/sbin/imap4d imap4d
Run in standalone mode. An optional number specifies the maximum number of child processes the daemon is allowed to fork. When it is omitted, it defaults to 20 processes. Please note, that there should be no whitespace between the -d and its parameter.
Run in inetd mode.
Run in foreground.
Start in preauth mode
Run in test mode.
See also Common Options.
This document was generated on January 2, 2022 using makeinfo.
Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.