# cache all authentication results for one hour
auth_cache_size = 10M
auth_cache_ttl = 1 hour
auth_cache_negative_ttl = 1 hour

# only use plain username/password auth - OK since everything is over TLS
auth_mechanisms = plain

# passdb specifies how users are authenticated - LDAP in my case
passdb {
  driver = ldap
  args = /usr/local/etc/dovecot/ldap.conf.ext
}

# userdb specifies the location of users' "home" directories - where their
# mail is stored. e.g. /var/mail/vhosts/exmaple.com/user
# %d = domain, %n = user
userdb {
  driver = static
  args = uid=vmail gid=vmail home=/data/vhosts/%d/%n
}