mirror of
https://bitbucket.org/jsuto/piler.git
synced 2025-01-12 10:10:12 +01:00
5d479b732a
Signed-off-by: Janos SUTO <sj@acts.hu>
258 lines
8.3 KiB
Plaintext
258 lines
8.3 KiB
Plaintext
; This is an example config with default values
|
|
; Attention: do _not_ use whitespace between keys and values
|
|
|
|
; verbosity level. The more logging the greater load
|
|
; 1: normal
|
|
; 3: info
|
|
; 5: debug
|
|
verbosity=1
|
|
|
|
; unique server id. If you have more than 1 piler hosts combined,
|
|
; then assign a unique value to each host. Possible values: 0-255
|
|
server_id=0
|
|
|
|
|
|
; piler daemon will use this user (and its group)
|
|
; it it was started by root
|
|
username=piler
|
|
|
|
; by default (unless a specific retention rule applies),
|
|
; preserve an email for this many days. The purge utility
|
|
; won't harm the message until its retention days are gone.
|
|
; The default is 7 years + 2 days (=7*365+2=2557 days)
|
|
default_retention_days=2557
|
|
|
|
; The initialization vector for encryption.
|
|
; By now it has become obsolete. Don't use it for
|
|
; new installations. However, if you used it before
|
|
; then you must keep it as it is.
|
|
;iv=
|
|
|
|
; whether to encrypt messages (1) or not (0).
|
|
; Make sure to set this value to your needs right after installing piler,
|
|
; and don't change it after you got the first email. Otherwise
|
|
; you'll have half the archive encrypted, the other half unencrypted
|
|
; which will cause problems.
|
|
encrypt_messages=1
|
|
|
|
; number of worker processes, ie. the number of simultaneous smtp connections to piler.
|
|
; This value should be the number of cpus + 1, ie. 2 for a single cpu host
|
|
number_of_worker_processes=2
|
|
|
|
; max. number of parallel connections piler-smtp can handle.
|
|
; Important! If you want to change this value, then you must first
|
|
; stop piler-smtp, change the value, then start piler-smtp.
|
|
; I don't suggest to go under 10 or above 1000.
|
|
max_connections=64
|
|
|
|
; number of processed emails per each piler process
|
|
max_requests_per_child=10000
|
|
|
|
; SMTP HELO identification string
|
|
; this should be the FQDN part of the email address
|
|
; where you copy emails, eg. archive@piler.yourdomain.com -> piler.yourdomain.com
|
|
hostid=piler.yourdomain.com
|
|
|
|
; whether to process rcpt to addresses and add them to rcpt table (1) or not (0)
|
|
process_rcpt_to_addresses=0
|
|
|
|
; write pid file
|
|
pidfile=/var/run/piler/piler.pid
|
|
|
|
; piler will listen here
|
|
; if you have postfix, exim, ... installed on localhost
|
|
; then make sure to set the listen_addr parameter for piler
|
|
listen_addr=0.0.0.0
|
|
listen_port=25
|
|
|
|
clamd_socket=/tmp/clamd
|
|
|
|
; check for client timeout interval. Default: 20 sec
|
|
check_for_client_timeout_interval=20
|
|
|
|
; smtp timeout. Default: 60 sec
|
|
smtp_timeout=60
|
|
|
|
helper_timeout=20
|
|
|
|
; whether to run external attachment extractors (1) or not (0)
|
|
extract_attachments=1
|
|
|
|
; the 2nd parameter of the listen() system call. Please note that this is set
|
|
; when piler starts up and you should restart piler if you change this variable.
|
|
; Please also note that the meaning of this variable depends on your Unix implementation
|
|
backlog=20
|
|
|
|
workdir=/var/piler/tmp
|
|
|
|
; whether to enable writing folder_message table (1) or not (0)
|
|
enable_folders=0
|
|
|
|
; discard a message if it's shorter than this value (in bytes)
|
|
min_message_size=100
|
|
|
|
;
|
|
; starttls stuff
|
|
;
|
|
|
|
; whether to enable (1) or disable (0) starttls support
|
|
tls_enable=0
|
|
|
|
; PEM file containing both the certificate and the private key.
|
|
; Make sure to create this file (and secure it with chmod 600 /usr/local/etc/piler.pem)
|
|
; before turning on starttls support!
|
|
pemfile=
|
|
|
|
; cipher list to use, see 'man SSL_CTX_set_cipher_list' for more details
|
|
cipher_list=ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
|
|
|
|
|
|
; set the minimum TLS protocol version for piler-smtp daemon
|
|
;
|
|
; Valid values: TLSv1, TLSv1.1, TLSv1.2, TLSv1.3
|
|
; TLSv1 and TLSv1.1 are not recommended for security reasons
|
|
tls_min_version=TLSv1.2
|
|
|
|
|
|
; piler's own header to indicate previously archived messages
|
|
piler_header_field=X-piler-id:
|
|
|
|
; extra header field to treat as To:
|
|
;
|
|
; to make postfix to insert the envelope recipient address to the email
|
|
; header, do the following:
|
|
;
|
|
; /etc/postfix/main.cf:
|
|
;
|
|
; smtpd_recipient_restrictions = reject_non_fqdn_recipient, ... check_recipient_access pcre:$config_directory/x-add-envelope-to, ...
|
|
;
|
|
; /etc/postfix/x-add-envelope-to:
|
|
;
|
|
; /(.*)/ prepend X-Envelope-To: $1
|
|
;
|
|
extra_to_field=X-Envelope-To:
|
|
|
|
; whether to archive an email not having a Message-ID header line (1)
|
|
; or not (0).
|
|
; If enabled then piler will assign piler_id as the message-id
|
|
; to messages without message-id.
|
|
archive_emails_not_having_message_id=0
|
|
|
|
; whether to archive each and every single email received (0) or
|
|
; only those on the mydomains list (1). The default is to archive
|
|
; everything
|
|
archive_only_mydomains=0
|
|
|
|
; whether to syslog the recipients of the email in the following format:
|
|
; 400000.....xxxxx: rcpt=recipient1@domain.com
|
|
; 400000.....xxxxx: rcpt=recipient2@domain.com
|
|
syslog_recipients=0
|
|
|
|
; minimum word length in mail body to index
|
|
min_word_len=1
|
|
|
|
; whether to enable CJK (=Chinese, Japanese, and Korean) "characters".
|
|
; the text piler can see with CJK languages may have extremely long
|
|
; sequences without any whitespace. To prevent the parser to drop
|
|
; these very long sequences, enable (1) this feature. By default it's
|
|
; disabled (0).
|
|
enable_cjk=0
|
|
|
|
; whether to enable the CHUNKING / BDAT feature (1) or not (0)
|
|
; You may read about the feature at https://tools.ietf.org/html/rfc3030)
|
|
enable_chunking=0
|
|
|
|
; if piler detects this line in the mail header, then it will assume
|
|
; the message is a spam. You should include your own antispam solution's
|
|
; specific line.
|
|
;
|
|
; If you use SpamAssassin you may use
|
|
;
|
|
; spam_header_line=X-Spam-Status: Yes
|
|
;
|
|
; OR
|
|
;
|
|
; spam_header_line=X-Spam-Level: ********
|
|
;
|
|
; The default value is empty.
|
|
spam_header_line=
|
|
|
|
;
|
|
; memcached stuff
|
|
;
|
|
|
|
; memcached server to use. Currently piler supports only 1 memcached server
|
|
memcached_servers=127.0.0.1
|
|
|
|
; ttl (in secs) of a stored object
|
|
; 0 means records don't expire
|
|
memcached_ttl=86400
|
|
|
|
; whether to update counters to memcached (1) or to the database (0)
|
|
update_counters_to_memcached=0
|
|
|
|
; interval to sync memcached data (eg. counters) to database
|
|
; this setting is only effective if you have update_counters_to_memcached=1
|
|
;
|
|
; hint: if you are using a mysql replicated environment and you do _not_ want
|
|
; piler to write to the replicated database (because you do sync it some other
|
|
; way to the master database or you are not interested in keeping the counters
|
|
; persistantly at all), then specify a big number here, that fits to the
|
|
; "long int" size, eg. 2147483647
|
|
memcached_to_db_interval=900
|
|
|
|
|
|
;
|
|
; mysql stuff
|
|
;
|
|
|
|
// this can be either utf8 or utf8mb4. Make sure to match the value
|
|
// to the charset of the piler database! Also, make sure to set this
|
|
// value in sphinx.conf
|
|
mysqlcharset=utf8mb4
|
|
;mysqlhost=127.0.0.1
|
|
;mysqlport=3306
|
|
mysqlsocket=/var/run/mysqld/mysqld.sock
|
|
mysqluser=piler
|
|
mysqlpwd=verystrongpassword
|
|
mysqldb=piler
|
|
mysql_connect_timeout=2
|
|
|
|
|
|
|
|
; if you want to change the 'sent' time as you archive the message
|
|
; set this in seconds. This can be a postive or negative value.
|
|
; By default this feature is not enabled, use --tweak-sent-time
|
|
; configure option to enable it.
|
|
tweak_sent_time_offset=0
|
|
|
|
; whether to enable (1) or not (0) the extra mmap dedup test feature
|
|
; if you change it, be sure to stop, then start piler
|
|
mmap_dedup_test=0
|
|
|
|
; security header that must be present in the first mail header of
|
|
; the message. If the security_header value is not empty, then the
|
|
; parser checks for this header line. Unless it's found it will discard
|
|
; the given email. Note that this feature is supposed to be a security
|
|
; mechanism against unwanted email in the archive if limiting smtp
|
|
; clients via an IP-address list is not feasible.
|
|
security_header=
|
|
|
|
; By default the archive accepts any envelope recipient addresses.
|
|
; If your archive's port 25 is wide open to the Internet (which it
|
|
; shouldn't be, then spammers may find it, and fill it with spam.
|
|
;
|
|
; By setting this variable you may restrict the envelope address
|
|
; to a single email address, eg. some-random-address-12345@archive.yourdomain.com
|
|
; Then the archive will reject any other envelope recipients
|
|
archive_address=
|
|
|
|
; whether to enable (1) or not (0) an smtp access list similar to
|
|
; postfix's postscreen. Valid actions in the acl file are "permit"
|
|
; and "reject" (without quotes). See smtp.acl.example for more.
|
|
;
|
|
; Important! There's an implicit default deny at the end of the
|
|
; rules. In other words if you decide to use the acl file, then
|
|
; everyone is not explicitly permitted is denied.
|
|
smtp_access_list=0
|