Fix dovecot auth settings.

roles/mail/templates/dovecot/dovecot-ldap.conf.ext.j2

@@ -17,7 +17,7 @@
 #        by * none
 
 # Space separated list of LDAP hosts to use. host:port is allowed too.
-#hosts = {{ ldap_host }}
+#hosts =
 
 # LDAP URIs to use. You can use this instead of hosts list. Note that this
 # setting isn't supported by all LDAP libraries.
@@ -43,7 +43,7 @@ dnpass = {{ ldap_bindpw }}
 #sasl_authz_id =
 
 # Use TLS to connect to the LDAP server.
-tls = yes
+tls = no
 # TLS options, currently supported only with OpenLDAP:
 tls_ca_cert_file = {{ ldap_ca }}
 #tls_ca_cert_dir =
@@ -108,7 +108,7 @@ scope = subtree
 # There are also other special fields which can be returned, see
 # http://wiki2.dovecot.org/UserDatabase/ExtraFields
 #user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid
-user_attr =
+user_attrs =
 
 # Filter for user lookup. Some variables can be used (see
 # http://wiki2.dovecot.org/Variables for full list):

roles/mail/templates/dovecot/local.conf.j2

@@ -34,10 +34,14 @@ userdb {
 
 service auth {
   unix_listener /var/spool/postfix/private/auth {
-    mode = 0666
+    mode = 0660
     user = postfix
     group = postfix
   }
+  unix_listener auth-master {
+    user = vmail
+    mode = 0600
+  }
 }
 
 service imap-login {
@@ -59,6 +63,7 @@ service managesieve-login {
 }
 
 protocol lda {
+  auth_socket_path = /var/run/dovecot/auth-master
   mail_plugins = sieve
   log_path = /var/log/dovecot/deliver.log
   info_log_path = /var/log/dovecot/deliver.log