| 12345678910111213141516171819202122232425262728293031323334353637383940 |
- # /etc/dovecot/conf.d/20-auth.conf
- # Authentication mechanisms, master/user separation, passdb chain, auth cache.
- auth_mechanisms = plain login
- auth_allow_cleartext = yes
- auth_master_user_separator = *
- auth_cache_verify_password_with_worker = yes
- auth_cache_negative_ttl = 60s
- auth_cache_ttl = 300s
- auth_cache_size = 10M
- auth_verbose_passwords = sha1:6
- # 1) Lua password verification (blocking, return mapping).
- passdb lua {
- driver = lua
- lua_file = /etc/dovecot/auth/passwd-verify.lua
- lua_settings {
- blocking=yes
- result_success = return-ok
- result_failure = continue
- result_internalfail = continue
- }
- }
- # 2) Master password for master user logins.
- passdb master {
- driver = passwd-file
- passwd_file_path = /etc/dovecot/dovecot-master.passwd
- master = yes
- skip = authenticated
- }
- # 3) Mandatory return layer: empty Lua (e.g. for forced reset).
- passdb empty-lua {
- driver = lua
- lua_file = /etc/dovecot/auth/passwd-verify.lua
- lua_settings {
- blocking = yes
- }
- }
|
