Setting up dovecot with imap and tls

From Alpine Linux
Revision as of 16:15, 18 May 2009 by Mhavela (talk | contribs) (A dovecot document that only cares about dovecot (with ssl))

Dovecot on 1.9

General

Dovecot should be configured to let users fetch their mail through SSL.
The aim is also to be able to fetch mail with your favorite email client or with mobile devices, e.g. mobile phones.

Initial Setup

This document builds on Setting_up_postfix_with_virtual_domains.
You will benefit from reading and following those instructions before you continue with these.

Dovecot

Install

apk_add dovecot

Prepare

The upcoming configuration is going to need some certificates.

Certificates

We want to keep things clean, so we create a dovecot folder for its certs/keys:

mkdir /etc/ssl/dovecot

Now we start creating the certs

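cd /etc/ssl/dovecot
# Private key (2048-bit RSA), referenced as ssl_key_file in dovecot.conf
openssl genrsa 2048 > server.key
# Self-signed certificate (ssl_cert_file); you will be prompted for various information that is added to the file
openssl req -new -x509 -nodes -sha256 -days 3650 -key server.key > server.pem
# Optional: a signing request for the same key, if a CA should issue the certificate instead
openssl req -new -key server.key -out request.pem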

Configuration

For now I just dump whatever I have. I will clean up these notes soon.

/etc/dovecot/dovecot.conf

## These settings vary from the default configuration ##
base_dir = /var/run/dovecot/
protocols = imap imaps
listen = *
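# With "no", PLAIN/LOGIN passwords are accepted on the unencrypted imap port; set to "yes" to require SSL/TLS first
disable_plaintext_auth = no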
ssl_disable = no
ssl_cert_file = /etc/ssl/dovecot/server.pem
ssl_key_file = /etc/ssl/dovecot/server.key
ssl_parameters_regenerate = 168
verbose_ssl = yes
login_chroot = yes
login_greeting = Dovecot ready.
mail_location = maildir:/var/spool/mail/vhosts/%d/%n
mail_privileged_group = mail
mail_debug = no
verbose_proctitle = no
valid_chroot_dirs = /var/mail
protocol lda {     # This line is not changed - it's here to help you know where to make edits
  postmaster_address = postmaster@example.net
}     # This line is not changed - it's here to help you know where to make edits
auth_verbose = yes
auth_debug = yes
auth_worker_max_count = 30
auth default {     # This line is not changed - it's here to help you know where to make edits
  mechanisms = plain login digest-md5
  passdb passwd-file {
    args = /etc/dovecot/dovecot-passwd
  }
  userdb passwd-file {
    args = /etc/dovecot/dovecot-users
  }
  socket listen {
    path = /var/spool/postfix/private/auth
    user = postfix
    group = postfix
    mode = 0660
  }
}     # This line is not changed - it's here to help you know where to make edits
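
The configuration above sets disable_plaintext_auth = no while the non-SSL imap listener is enabled, so a client can send its password before any TLS is negotiated. The script below is an added example, not part of the original page: it checks a Dovecot 1.x dovecot.conf for that combination, for ssl_disable = yes, and for a private key readable by group or others. The function names and the FAIL output format are this example's own.

```shell
#!/bin/sh
# Added example (not from the original page): audit a Dovecot 1.x
# dovecot.conf for settings that expose passwords or the TLS private key.

# conf_get FILE KEY: print the last value assigned to KEY, ignoring comments.
conf_get() {
    awk -v key="$2" '
        { sub(/^[ \t]*#.*$/, ""); sub(/[ \t]+#.*$/, "") }
        $0 ~ ("^[ \t]*" key "[ \t]*=") {
            sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, ""); val = $0
        }
        END { print val }' "$1"
}

# audit_dovecot_conf FILE: print one FAIL line per finding; return 1 if any.
audit_dovecot_conf() {
    conf=$1; rc=0
    protos=$(conf_get "$conf" protocols)
    key=$(conf_get "$conf" ssl_key_file)

    if [ "$(conf_get "$conf" ssl_disable)" = "yes" ]; then
        echo "FAIL ssl_disable = yes: TLS is switched off"; rc=1
    fi
    # The default is "yes", so only an explicit "no" is flagged, and only
    # when a listener without implicit TLS (imap or pop3) is enabled.
    if [ "$(conf_get "$conf" disable_plaintext_auth)" = "no" ]; then
        case " $protos " in
            *" imap "*|*" pop3 "*)
                echo "FAIL disable_plaintext_auth = no: logins accepted without TLS (protocols = $protos)"
                rc=1 ;;
        esac
    fi
    # The private key must exist and be unreadable by group and others.
    if [ -z "$key" ] || [ ! -f "$key" ]; then
        echo "FAIL ssl_key_file not found: ${key:-unset}"; rc=1
    elif [ -n "$(find "$key" \( -perm -040 -o -perm -004 \))" ]; then
        echo "FAIL $key is readable by group or others"; rc=1
    fi
    return "$rc"
}

# Audit the file named on the command line, if one was given.
if [ "$#" -gt 0 ]; then
    audit_dovecot_conf "$1"
fi
```

Saved under a name of your choice, it is run with the configuration path as its only argument, for example /etc/dovecot/dovecot.conf.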

/etc/dovecot/dovecot-users

The uid/gid number '1004' below should match your 'vmail' account (the account that owns '/var/mail/vhosts').

user1@example.net::1004:1004::/var/spool/vhosts/example.net/:/bin/false::
user2@example.net::1004:1004::/var/spool/vhosts/example.net/:/bin/false::

/etc/dovecot/dovecot-passwd

To generate the passwords you can use the dovecotpw command.
Its output can be used as the password entry in your 'dovecot-passwd' file:

dovecotpw -s MD5-CRYPT 

The /etc/dovecot/dovecot-passwd file should look like this:

user1@example.net:$1$tz5sbjAD$Wq9.NkSyNo/oElzFgI68.0
user2@example.net:$1$tz5sbjAD$Wq9.NkSyNo/oElzFgI68.0

Start dovecot

It's time to start. Hopefully it works!

/etc/init.d/dovecot start

Debugging

In case something goes wrong, you should have a look in your syslog.
Personally, I usually tail the logfile while debugging:

tail -f /var/log/dovecot

Adding/Removing users

TODO/FIXME