· 6 years ago · Mar 18, 2020, 05:06 PM
1[sudo] password for mike:
2# ------------------------------
3# mailcow web ui configuration
4# ------------------------------
5# example.org is _not_ a valid hostname, use a fqdn here.
6# Default admin user is "admin"
7# Default password is "moohoo"
8
9MAILCOW_HOSTNAME=mail.FQDN.TLD
10
11# ------------------------------
12# SQL database configuration
13# ------------------------------
14
15DBNAME=mailcow
16DBUSER=mailcow
17
18# Please use long, random alphanumeric strings (A-Za-z0-9)
19
20DBPASS=
21DBROOT=
22
23# ------------------------------
24# HTTP/S Bindings
25# ------------------------------
26
27# You should use HTTPS, but in case of SSL offloaded reverse proxies:
28# Might be important: This will also change the binding within the container.
29# If you use a proxy within Docker, point it to the ports you set below.
30
31HTTP_BIND=127.0.0.1
32HTTP_PORT=8080
33HTTPS_BIND=127.0.0.1
34HTTPS_PORT=8443
35
36#HTTP_PORT=80
37#HTTP_BIND=0.0.0.0
38
39#HTTPS_PORT=443
40#HTTPS_BIND=0.0.0.0
41
42# ------------------------------
43# Other bindings
44# ------------------------------
45# You should leave that alone
46# Format: 11.22.33.44:25 or 0.0.0.0:465 etc.
47# Do _not_ use IP:PORT in HTTP(S)_BIND or HTTP(S)_PORT
48
49SMTP_PORT=25
50SMTPS_PORT=465
51SUBMISSION_PORT=587
52IMAP_PORT=143
53IMAPS_PORT=993
54POP_PORT=110
55POPS_PORT=995
56SIEVE_PORT=4190
57DOVEADM_PORT=127.0.0.1:19991
58SQL_PORT=127.0.0.1:13306
59SOLR_PORT=127.0.0.1:18983
60
61# Your timezone
62
63TZ=Europe/Oslo
64
65# Fixed project name
66
67COMPOSE_PROJECT_NAME=mailcowdockerized
68
69# Set this to "allow" to enable the anyone pseudo user. Disabled by default.
70# When enabled, ACL can be created, that apply to "All authenticated users"
71# This should probably only be activated on mail hosts, that are used exclusivly by one organisation.
72# Otherwise a user might share data with too many other users.
73ACL_ANYONE=disallow
74
75# Garbage collector cleanup
76# Deleted domains and mailboxes are moved to /var/vmail/_garbage/timestamp_sanitizedstring
77# How long should objects remain in the garbage until they are being deleted? (value in minutes)
78# Check interval is hourly
79
80MAILDIR_GC_TIME=1440
81
82# Additional SAN for the certificate
83#
84# You can use wildcard records to create specific names for every domain you add to mailcow.
85# Example: Add domains "example.com" and "example.net" to mailcow, change ADDITIONAL_SAN to a value like:
86#ADDITIONAL_SAN=imap.*,smtp.*
87# This will expand the certificate to "imap.example.com", "smtp.example.com", "imap.example.net", "imap.example.net"
88# plus every domain you add in the future.
89#
90# You can also just add static names...
91#ADDITIONAL_SAN=srv1.example.net
92# ...or combine wildcard and static names:
93#ADDITIONAL_SAN=imap.*,srv1.example.com
94#
95
96ADDITIONAL_SAN=
97
98# Skip running ACME (acme-mailcow, Let's Encrypt certs) - y/n
99
100SKIP_LETS_ENCRYPT=y
101
102# Create seperate certificates for all domains - y/n
103# this will allow adding more than 100 domains, but some email clients will not be able to connect with alternative hostnames
104# see https://wiki.dovecot.org/SSL/SNIClientSupport
105ENABLE_SSL_SNI=n
106
107# Skip IPv4 check in ACME container - y/n
108
109SKIP_IP_CHECK=n
110
111# Skip HTTP verification in ACME container - y/n
112
113SKIP_HTTP_VERIFICATION=n
114
115# Skip ClamAV (clamd-mailcow) anti-virus (Rspamd will auto-detect a missing ClamAV container) - y/n
116
117SKIP_CLAMD=n
118
119# Skip Solr on low-memory systems or if you do not want to store a readable index of your mails in solr-vol-1.
120
121SKIP_SOLR=n
122
123# Solr heap size in MB, there is no recommendation, please see Solr docs.
124# Solr is a prone to run OOM and should be monitored. Unmonitored Solr setups are not recommended.
125
126SOLR_HEAP=1024
127
128# Enable watchdog (watchdog-mailcow) to restart unhealthy containers (experimental)
129
130USE_WATCHDOG=n
131
132# Allow admins to log into SOGo as email user (without any password)
133
134ALLOW_ADMIN_EMAIL_LOGIN=n
135
136# Send notifications by mail (sent from watchdog@MAILCOW_HOSTNAME)
137# CAUTION:
138# 1. You should use external recipients
139# 2. Mails are sent unsigned (no DKIM)
140# 3. If you use DMARC, create a separate DMARC policy ("v=DMARC1; p=none;" in _dmarc.MAILCOW_HOSTNAME)
141# Multiple rcpts allowed, NO quotation marks, NO spaces
142
143#WATCHDOG_NOTIFY_EMAIL=a@example.com,b@example.com,c@example.com
144#WATCHDOG_NOTIFY_EMAIL=
145
146# Notify about banned IP (includes whois lookup)
147WATCHDOG_NOTIFY_BAN=y
148
149# Checks if mailcow is an open relay. Requires a SAL. More checks will follow.
150# https://www.servercow.de/mailcow?lang=en
151# https://www.servercow.de/mailcow?lang=de
152# No data is collected. Opt-in and anonymous.
153# Will only work with unmodified mailcow setups.
154WATCHDOG_EXTERNAL_CHECKS=n
155
156# Max log lines per service to keep in Redis logs
157
158LOG_LINES=9999
159
160# Internal IPv4 /24 subnet, format n.n.n (expands to n.n.n.0/24)
161
162IPV4_NETWORK=172.22.1
163
164# Internal IPv6 subnet in fc00::/7
165
166IPV6_NETWORK=fd4d:6149:6t63:6f72::/64
167
168# Use this IPv4 for outgoing connections (SNAT)
169
170#SNAT_TO_SOURCE=
171
172# Use this IPv6 for outgoing connections (SNAT)
173
174#SNAT6_TO_SOURCE=
175
176# Create or override API key for web ui
177# You _must_ define API_ALLOW_FROM, which is a comma separated list of IPs
178# API_KEY allowed chars: a-z, A-Z, 0-9, -
179
180#API_KEY=
181#API_ALLOW_FROM=172.22.1.1,127.0.0.1
182
183# mail_home is ~/Maildir
184MAILDIR_SUB=Maildir
185
186# SOGo session timeout in minutes
187SOGO_EXPIRE_SESSION=480