# mpopd/Mail::POP3Server configuration
{
  #### The first 3 config items are only relevant when running mpopd
  #### as a standalone daemon.
  #
  # Port to listen on, 110 being the default and standard pop3 port.
  # Only relevant in daemon mode of course.
  'port' => '110',
  # Maximum number of concurrent server processes to allow. Each child
  # server exits after the client sends a 'QUIT', a bogus request or
  # the wait for a command exceeds timeout below.
  'max_servers' => 10,
  # Full path to where mpopd should write its pid file.
  'mpopd_pid_file' => '/var/run/mpopd.pid',

  # The PAM service to use for PAM-based authentication. This is converted
  # to lowercase, so make sure the service name/filename is also lowercase
  'mpopd_pam_service' => 'mpopx',
  # Use crypt_MD5 without PAM. This may not be necessary with Slackware 7.x
  # as the crypt library in later packages supports both the older 8-char-safe
  # passwords as well as the newer > 8 chars, $1$<seed>$...... md5 type.
  # If in doubt install the Crypt::PasswdMD5 module and set md5_no_pam => 1
  'md5_no_pam' => 0,
  # Use PAM (most post 1999 Linux distros?). This only has effect for
  # auth_type == 1, 2 or 3
  'use_pam' => 0,

  # Full path to a file containing IP's and networks we trust. Any address
  # in this file that matches a connecting client will override the allow_non_fqdn
  # setting. However, it does not override the hosts_allow_deny entries.
  'trusted_networks' => '/usr/local/mpopd/mpopd_trusted',

  # The name of the password file for virtual and/or hostname-linked access.
  # This only has any effect if auth_type == 2,3,4,5 or 6
  # Format: username:password:uid
  #              e.g. markjt:$1$d56geIhf$agr7nng92bgf32:100
  # For virtual users the uid should correspond to the system 'mail' user
  # or a special 'mpopd' system user in /etc/passwd
  'userlist' => '.userlist',

  # user existence check. Treat individual users differently here if you like.
  # replaces username_plugin, auth_type and user_auth
  # return true if user is valid
  user_check => sub {
    my ($config, $user_name, $fqdn) = @_;
    my $class = 'Mail::POP3::Security::User';
    my $class_file = $class;
    $class_file =~ s#::#/#g;
    $class_file .= '.pm';
    require $class_file;
    if ($user_name eq 'markjt') {
      $class->check_user_system($config, $user_name, $fqdn);
    } else {
      $class->check_user_system($config, $user_name, $fqdn);
    }
  },
  # password check. Treat individual users differently here if you like.
  # replaces password_plugin, auth_type and user_auth
  # comments illustrate other possibilities
  # return true if user/password is valid
  password_check => sub {
    my ($config, $user_name, $fqdn, $supplied_password) = @_;
    my $class = 'Mail::POP3::Security::User';
    my $class_file = $class;
    $class_file =~ s#::#/#g;
    $class_file .= '.pm';
    require $class_file;
    if ($user_name eq 'markjt') {
      $class->check_password_system(
        $config,
        $user_name,
        $fqdn,
        $supplied_password,
      );
    } else {
      $class->check_password_system(
        $config,
        $user_name,
        $fqdn,
        $supplied_password,
      );
    }
  },

  # If parsing messages to disk the directory below will be used to
  # hold the temporary message files. Both this directory and a directory
  # for each user, when they first access their mail, will be created
  # automatically.  This must be correctly defined for
  # ::mbox::parse_to_disk to work.
  mpopd_spool => '/var/spool/mpopd_spool',

  # Top level dir for hostname-linked email drops. This must be created
  # by hand. The hostname-linked email drops are the least tested of all!
  # Please view this whole side of mpopd as EXPERIMENTAL!
  # if you wish to use this, adjust mailbox_args below
  'host_mail_path' => '/var/spool/popmail',

  # replaces use_maildir, parse_to_disk
  # other values, 'Mail::POP3::Folder::mbox', 'Mail::POP3::Folder::maildir'
  mailbox_class => 'Mail::POP3::Folder::mbox::parse_to_disk',
  # mailbox->new args
  # could for example check the given $user_name for /\@/, and do vdomain
  # stuff if it finds it
  # M::P3::Server supplies $user_name, $password,
  # this supplies rest, such as $user_id
  mailbox_args => sub {
    my ($config, $user_name, $fqdn) = @_;
    my $class = 'Mail::POP3::Security::User';
    my $class_file = $class;
    $class_file =~ s#::#/#g;
    $class_file .= '.pm';
    require $class_file;
    my $userid = $class->get_userid_system($user_name);
    # for ::mbox::parse_to_disk
    (
      $userid,
      $config->{mailgroup},
      "$config->{mail_spool_dir}/$user_name",
      $config->{message_start},
      $config->{message_end},
      "$config->{mpopd_spool}/$user_name", # unneeded for ::mbox
      $config->{user_debug}->{$user_name}, # unneeded for ::mbox
    );
# example for maildir
#    my $maildir = Mail::POP3::Folder::maildir->find_maildir($user_name);
#    ($userid, $maildir);
  },

  # If email is to be collected via POP3 for another server with
  # and a "Received" header should be added here, set to a true value
  # for each local "USER".
  'addreceived' => {
    'stalbans' => 1
  },
  # For that 'Received: from ...' message header. It should be the fully
  # qualified domain name of your email server.
  'receivedfrom' => 'fredo.co.uk',
  # Your local timezone for the Received: header
  'timezone' => 'GMT',

  # If this is defined then shadow passwords will be used
  # Full "/path/filename" of shadow password file.
#  'shadow' => '/etc/shadow',

  # The initial POP3 greeting message sent to the client. Maximum of 50 chars.
  'greeting' => 'mpopd V3.0',

  ##### The next 5 config items only apply if you are ####
  ##### using a Berkeley mbox type of email mailbox.   ####
  #
  # The string to look for that defines the start of a new message.
  # Berkeley mbox usually uses a 'From ' in the first line, before
  # all other headers, so that is what mpop looks for if message_start
  # is not defined.
  'message_start' => '^From ',
  # The string/pattern to look for as the message separator. mpop looks
  # for a blank line if this is not defined (/^\\s+\$/). Remember to use
  # \ escaping if you want to match @, $, \s etc.
  'message_end' => '^\\s*$',
  # The numerical group ID for the user 'mail'.
  'mailgroup' => 12,
  # Optional auto-retry if mail box is locked. The value is the number of
  # retries that will be made. Each retry sleeps for 1 second. In the retry
  # period no response is sent to the client. Not required for most systems.
  'retry_on_lock' => 0,
  # Path to mail boxes. Defaults to /var/spool/mail for Berkeley 'mbox' format.
  'mail_spool_dir' => '/var/spool/mail',

  'mpopd_conf_version' => '3.0',

  # Global timeout for receiving valid commands, in seconds. If no
  # new command is received during this interval then a graceful shutdown
  # occurs. Any emails flagged for deletion will be returned to the mailbox
  # instead.
  'timeout' => 10,

  # Main debugging flag for the above debug log. If debug is set to 1 then
  # DENY, ALLOW and WARN, are logged here, plus a few other significant occurances,
  # together with the connection time and client-IP address.
  'debug' => 1,
  # The directory where all user-logs are stored
  'user_log_dir' => '/var/log/mpopd_log',
  # Central log file
  'debug_log' => '/var/log/mpopd.log',
  # Do not print the passwd in the debug logs unless passsecret => 0
  # It goes without saying that this is only intended for debugging purposes :)
  'passsecret' => 1,
  # If this is defined then individual user logs are kept inside
  # the log_dir directory. Two values can be used:
  # 1 for Date/time and bytes sent only, plus sign-off.
  # 2 for debug logging of all commands.
  'user_log' => {
    'markjt' => 1
  },

  # You can reject connections at the 'USER' stage if the following
  # option is set to 1 (although to do so goes against an RFC).
  # If set to 0 a fake password request/authentication will be done.
  # The connection attempt will be logged in either case if debug == 1
  'reject_bogus_user' => 0,

  # An optional list of IP addresses, subnets or host names to be
  # allowed, rejected, or logged with a WARN flag. You are strongly
  # advised to use this on public mail servers since mpopd does not
  # have the protection of tcpwrappers. The format is simple:
  # DENY | ALLOW | WARN host, IP, subnet or name
  # Each line can be one action, DENY, ALLOW or WARN, followed by
  # an IP, subnet, hostname or 'ALL'. If the special rule 'DENY ALL'
  # appears anywhere then a client will be refused unless they match
  # at least one 'ALLOW' line.
  # Blank lines or lines starting with '#' are skipped.
  'hosts_allow_deny' => '/usr/local/mpopd/mpopd_allow_deny',

  # You can choose to accept clients that don't pass the reverse lookup
  # by setting allow_non_fqdn => 1, but please check if you really need
  # to do this. Remember that unlike mpop when run from inetd mpopd cannot
  # be protected by tcpwrappers. (If this is for an Intranet-only then it
  # is probably safe to set allow_non_fqdn => 1 here.)
  'allow_non_fqdn' => 0,

  # When using disk-based parsing/spooling, or maildir, the spool files
  # will be left in place for a particular user if user_debug->{$user} is
  # set to 1. Can be useful for debugging.
  'user_debug' => {
    #markjt => 1,
  },

  # must be compatible with Mail::POP3::Security::Connection
  'connection_class' => 'Mail::POP3::Security::Connection',

  # must have ">" on front!
  fork_alert => ">/usr/local/mpopd/fork_alert",
}