##
## Settings for the Sieve interpreter
-##
+##
# Do not forget to enable the Sieve plugin in 15-lda.conf and 20-lmtp.conf
# by adding it to the respective mail_plugins= settings.
+# The Sieve interpreter can retrieve Sieve scripts from several types of
+# locations. The default `file' location type is a local filesystem path
+# pointing to a Sieve script file or a directory containing multiple Sieve
+# script files. More complex setups can use other location types such as
+# `ldap' or `dict' to fetch Sieve scripts from remote databases.
+#
+# All settings that specify the location of one ore more Sieve scripts accept
+# the following syntax:
+#
+# location = [<type>:]path[;<option>[=<value>][;...]]
+#
+# If the type prefix is omitted, the script location type is 'file' and the
+# location is interpreted as a local filesystem path pointing to a Sieve script
+# file or directory. Refer to Pigeonhole wiki or INSTALL file for more
+# information.
+
plugin {
- # The path to the user's main active script. If ManageSieve is used, this the
- # location of the symbolic link controlled by ManageSieve.
- sieve = ~/.dovecot.sieve
-
- # The default Sieve script when the user has none. This is a path to a global
- # sieve script file, which gets executed ONLY if user's private Sieve script
- # doesn't exist. Be sure to pre-compile this script manually using the sievec
- # command line tool.
- # --> See sieve_before fore executing scripts before the user's personal
+ # The location of the user's main Sieve script or script storage. The LDA
+ # Sieve plugin uses this to find the active script for Sieve filtering at
+ # delivery. The "include" extension uses this location for retrieving
+ # :personal" scripts. This is also where the ManageSieve service will store
+ # the user's scripts, if supported.
+ #
+ # Currently only the 'file:' location type supports ManageSieve operation.
+ # Other location types like 'dict:' and 'ldap:' can currently only
+ # be used as a read-only script source ().
+ #
+ # For the 'file:' type: use the ';active=' parameter to specify where the
+ # active script symlink is located.
+ # For other types: use the ';name=' parameter to specify the name of the
+ # default/active script.
+ sieve = file:~/sieve;active=~/.dovecot.sieve
+
+ # The default Sieve script when the user has none. This is the location of a
+ # global sieve script file, which gets executed ONLY if user's personal Sieve
+ # script doesn't exist. Be sure to pre-compile this script manually using the
+ # sievec command line tool if the binary is not stored in a global location.
+ # --> See sieve_before for executing scripts before the user's personal
# script.
- #sieve_global_path = /var/lib/dovecot/sieve/default.sieve
+ #sieve_default = /var/lib/dovecot/sieve/default.sieve
- # Directory for :personal include scripts for the include extension. This
- # is also where the ManageSieve service stores the user's scripts.
- sieve_dir = ~/sieve
+ # The name by which the default Sieve script (as configured by the
+ # sieve_default setting) is visible to the user through ManageSieve.
+ #sieve_default_name =
- # Directory for :global include scripts for the include extension.
- #sieve_global_dir =
+ # Location for ":global" include scripts as used by the "include" extension.
+ #sieve_global =
- # Path to a script file or a directory containing script files that need to be
- # executed before the user's script. If the path points to a directory, all
- # the Sieve scripts contained therein (with the proper .sieve extension) are
- # executed. The order of execution is determined by the file names, using a
- # normal 8bit per-character comparison.
- #sieve_before =
+ # Location Sieve of scripts that need to be executed before the user's
+ # personal script. If a 'file' location path points to a directory, all the
+ # Sieve scripts contained therein (with the proper `.sieve' extension) are
+ # executed. The order of execution within that directory is determined by the
+ # file names, using a normal 8bit per-character comparison.
+ #
+ # Multiple script locations can be specified by appending an increasing number
+ # to the setting name. The Sieve scripts found from these locations are added
+ # to the script execution sequence in the specified order. Reading the
+ # numbered sieve_before settings stops at the first missing setting, so no
+ # numbers may be skipped.
+ #sieve_before = /var/lib/dovecot/sieve.d/
+ #sieve_before2 = ldap:/etc/sieve-ldap.conf;name=ldap-domain
+ #sieve_before3 = (etc...)
# Identical to sieve_before, only the specified scripts are executed after the
- # user's script (only when keep is still in effect!).
+ # user's script (only when keep is still in effect!). Multiple script
+ # locations can be specified by appending an increasing number.
#sieve_after =
-
- # Which Sieve language extensions are available to users. By default, all
+ #sieve_after2 =
+ #sieve_after2 = (etc...)
+
+ # Which Sieve language extensions are available to users. By default, all
# supported extensions are available, except for deprecated extensions or
# those that are still under development. Some system administrators may want
# to disable certain Sieve extensions or enable those that are not available
# by default. This setting can use '+' and '-' to specify differences relative
# to the default. For example `sieve_extensions = +imapflags' will enable the
- # deprecated imapflags extension in addition to all extensions thatwere
- # already enabled by default.
+ # deprecated imapflags extension in addition to all extensions were already
+ # enabled by default.
#sieve_extensions = +notify +imapflags
+ # Which Sieve language extensions are ONLY available in global scripts. This
+ # can be used to restrict the use of certain Sieve extensions to administrator
+ # control, for instance when these extensions can cause security concerns.
+ # This setting has higher precedence than the `sieve_extensions' setting
+ # (above), meaning that the extensions enabled with this setting are never
+ # available to the user's personal script no matter what is specified for the
+ # `sieve_extensions' setting. The syntax of this setting is similar to the
+ # `sieve_extensions' setting, with the difference that extensions are
+ # enabled or disabled for exclusive use in global scripts. Currently, no
+ # extensions are marked as such by default.
+ #sieve_global_extensions =
+
# The Pigeonhole Sieve interpreter can have plugins of its own. Using this
# setting, the used plugins can be specified. Check the Dovecot wiki
# (wiki2.dovecot.org) or the pigeonhole website
# (http://pigeonhole.dovecot.org) for available plugins.
+ # The sieve_extprograms plugin is included in this release.
#sieve_plugins =
- # The separator that is expected between the :user and :detail
- # address parts introduced by the subaddress extension. This may
- # also be a sequence of characters (e.g. '--'). The current
- # implementation looks for the separator from the left of the
- # localpart and uses the first one encountered. The :user part is
+ # The separator that is expected between the :user and :detail
+ # address parts introduced by the subaddress extension. This may
+ # also be a sequence of characters (e.g. '--'). The current
+ # implementation looks for the separator from the left of the
+ # localpart and uses the first one encountered. The :user part is
# left of the separator and the :detail part is right. This setting
# is also used by Dovecot's LMTP service.
#recipient_delimiter = +
- # The maximum size of a Sieve script. The compiler will refuse to
- # compile any script larger than this limit.
+ # The maximum size of a Sieve script. The compiler will refuse to compile any
+ # script larger than this limit. If set to 0, no limit on the script size is
+ # enforced.
#sieve_max_script_size = 1M
- # The maximum number of actions that can be performed during a single
- # script execution.
+ # The maximum number of actions that can be performed during a single script
+ # execution. If set to 0, no limit on the total number of actions is enforced.
#sieve_max_actions = 32
- # The maximum number of redirect actions that can be performed during
- # a single script execution.
+ # The maximum number of redirect actions that can be performed during a single
+ # script execution. If set to 0, no redirect actions are allowed.
#sieve_max_redirects = 4
- # The maximum number of personal Sieve scripts a single user can have.
+ # The maximum number of personal Sieve scripts a single user can have. If set
+ # to 0, no limit on the number of scripts is enforced.
# (Currently only relevant for ManageSieve)
#sieve_quota_max_scripts = 0
- # The maximum amount of disk storage a single user's scripts may occupy.
- # (Currently only relevant for ManageSieve)
+ # The maximum amount of disk storage a single user's scripts may occupy. If
+ # set to 0, no limit on the used amount of disk storage is enforced.
+ # (Currently only relevant for ManageSieve)
#sieve_quota_max_storage = 0
}