# Authentication for system users. Included from 10-auth.conf. # # # # PAM authentication. Preferred nowadays by most systems. # PAM is typically used with either userdb passwd or userdb static. # REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM # authentication to actually work. passdb { driver = pam # [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=] # [cache_key=] [] #args = dovecot } # System users (NSS, /etc/passwd, or similiar). # In many systems nowadays this uses Name Service Switch, which is # configured in /etc/nsswitch.conf. #passdb { #driver = passwd # [blocking=no] #args = #} # Shadow passwords for system users (NSS, /etc/shadow or similiar). # Deprecated by PAM nowadays. # #passdb { #driver = shadow # [blocking=no] #args = #} # PAM-like authentication for OpenBSD. # #passdb { #driver = bsdauth # [blocking=no] [cache_key=] #args = #} ## ## User databases ## # System users (NSS, /etc/passwd, or similiar). In many systems nowadays this # uses Name Service Switch, which is configured in /etc/nsswitch.conf. userdb { # driver = passwd # [blocking=no] #args = # Override fields from passwd #override_fields = home=/home/virtual/%u } # Static settings generated from template #userdb { #driver = static # Can return anything a userdb could normally return. For example: # # args = uid=500 gid=500 home=/var/mail/%u # # LDA and LMTP needs to look up users only from the userdb. This of course # doesn't work with static userdb because there is no list of users. # Normally static userdb handles this by doing a passdb lookup. This works # with most passdbs, with PAM being the most notable exception. If you do # the user verification another way, you can add allow_all_users=yes to # the args in which case the passdb lookup is skipped. # #args = #}