Setting up dovecot with imap and ssl

From Alpine Linux
Revision as of 09:20, 24 June 2011 by Fab (talk | contribs) (minor layout changes)
Jump to: navigation, search


Dovecot should be configured to let users fetch their mail through SSL. The aim is also to be able to fetch mail with your favorite email-client or mobile devices eg. mobile phones.

Have a look at Hosting_services_on_Alpine#Mail for various alternatives and instructions.

Initial Setup

This document is referring to Setting_up_postfix_with_virtual_domains. You would benefit if you start by reading/following those instructions before you continue with these instructions.



apk add dovecot


The upcoming configuration is going to need some certificates.


We want to keep things clean, so we create a dovecot folder for it's certs/keys

mkdir /etc/ssl/dovecot

Now we start creating the certs

openssl genrsa 512/1024 > server.pem openssl req -new -key server.pem -days 365 -out request.pem # You will get prompted for various information that is added the the file openssl genrsa 2048 > server.key openssl req -new -x509 -nodes -sha1 -days 3650 -key server.key > server.pem


For now I just dump whatever I have.

I will clean up these notes soon.


## These settings varies from the default configuration ##
base_dir = /var/run/dovecot/
protocols = imap imaps
listen = *
disable_plaintext_auth = no
ssl_disable = no
ssl_cert_file = /etc/ssl/dovecot/server.pem
ssl_key_file = /etc/ssl/dovecot/server.key
ssl_parameters_regenerate = 168
verbose_ssl = yes
login_chroot = yes
login_greeting = Dovecot ready.
mail_location = maildir:/var/spool/mail/vhosts/%d/%n
mail_privileged_group = mail
mail_debug = no
verbose_proctitle = no
valid_chroot_dirs = /var/spool/mail
protocols lda {     # This line is not changed - it's here to help you know where to make edits
  postmaster_address =
}     # This line is not changed - it's here to help you know where to make edits
auth_verbose = yes
auth_debug = yes
auth_worker_max_count = 30
auth default {     # This line is not changed - it's here to help you know where to make edits
  mechanism = plain login digest-md5
  passdb passwd-file {
    args = /etc/dovecot/dovecot-passwd
  userdb passwd-file {
    args = /etc/dovecot/dovecot-users
  socket listen {
    path = /var/spool/postfix/private/auth
    user = postfix
    group = postfix
    mode = 0660
}     # This line is not changed - it's here to help you know where to make edits


The uid/gid number below '1000' should match your 'vmail' account (the account that owns '/var/spool/mail/vhosts')


To generate the passwords you can use the dovecotpw command. The output can be used to create a password for your 'dovecot-passwd'

dovecotpw -s MD5-CRYPT

The /etc/dovecot/passwd file should look like this:$1$tz5sbjAD$Wq9.NkSyNo/oElzFgI68.0$1$tz5sbjAD$Wq9.NkSyNo/oElzFgI68.0

Start dovecot

It's time to start. Hopefully it works!

/etc/init.d/dovecot start


In case something goes wrong you should have a look in your syslog. Personally I use to tail the logfile while debugging

tail -f /var/log/dovecot

Adding/Removing users

To add or remove users you need to edit the following files (they are described above):

Nothing else should be needed.