From 778d07bc34d03e4ad77e7438898a54f3dbb2e31a Mon Sep 17 00:00:00 2001
From: Sam Varshavchik
Date: Thu, 21 Jun 2018 23:12:17 -0400
Subject: Add option to drop root when starting couriertls.

---
 imap/pop3d-ssl.dist.in.git | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

(limited to 'imap/pop3d-ssl.dist.in.git')

diff --git a/imap/pop3d-ssl.dist.in.git b/imap/pop3d-ssl.dist.in.git
index 43a68e5..ec16ce8 100644
--- a/imap/pop3d-ssl.dist.in.git
+++ b/imap/pop3d-ssl.dist.in.git
@@ -194,10 +194,8 @@ TLS_STARTTLS_PROTOCOL="$TLS_PROTOCOL"
 
 ##NAME: TLS_CERTFILE:0
 #
-# TLS_CERTFILE - certificate to use.  TLS_CERTFILE is required for SSL/TLS
-# servers, and is optional for SSL/TLS clients.  TLS_CERTFILE is usually
-# treated as confidential, and must not be world-readable. Set TLS_CERTFILE
-# instead of TLS_DHCERTFILE if this is a garden-variety certificate
+# TLS_CERTFILE - certificate to use. TLS_CERTFILE must be owned
+# by the "@mailuser@" user, and must not be world-readable.
 #
 # VIRTUAL HOSTS ON THE SAME IP ADDRESS.
 #
@@ -279,7 +277,7 @@ TLS_VERIFYPEER=NONE
 # field. The certificate's emailaddress subject must match exactly the login
 # ID in the courier-authlib database.
 
-##NAME: TLS_CACHE:0
+##NAME: TLS_CACHE:1
 #
 # A TLS/SSL session cache may slightly improve response for long-running
 # POP3 clients. TLS_CACHEFILE will be automatically created, TLS_CACHESIZE
@@ -289,7 +287,7 @@ TLS_VERIFYPEER=NONE
 # problems with SSL clients.  Disable SSL caching by commenting out the
 # following settings:
 
-TLS_CACHEFILE=@localstatedir@/couriersslcache
+TLS_CACHEFILE=@localstatedir@/couriersslimapcache
 TLS_CACHESIZE=524288
 
 ##NAME: MAILDIRPATH:0
-- 
cgit v1.2.3