[2024-feb-29] Sad news: Eric Layton aka Nocturnal Slacker aka vtel57 passed away on Feb 26th, shortly after hospitalization. He was one of our Wiki's most prominent admins. He will be missed.

Welcome to the Slackware Documentation Project

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

--- howtos:network_services:postfix_dovecot_mysql:dovecot [2015/02/15 07:35 (UTC)] – created astrogeek
+++ howtos:network_services:postfix_dovecot_mysql:dovecot [2015/04/01 21:22 (UTC)] (current) – Fix Dovecot connection string. denydias
@@ Line 1: / Line 1: @@
-===== Installing and Configuring The Dovecot MDA =====
+====== Installing The Dovecot MDA ======
+This page is supplemental to main article: [[howtos:network_services:postfix_dovecot_mysql|Creating a Virtual Mail Server with Postfix, Dovecot and MySQL]]
+Dovecot is a popular and secure mail delivery agent, or MDA, which can be configured to work alongside the postfix MTA.
+As with postfix, we will build and install our dovecot package using the current build script from [[http://slackbuilds.org|SBo]]. This example uses the version current at time of writing, but you should always build the latest version available for your Slackware version.
+We will assume that you are familiar with SlackBuilds and will provide only the essential steps for building dovecot here. For more detailed information please visit the [[http://slackbuilds.org/howto/|SBo How-To page]].
+Our dovecot build requires no special parameters. The essential steps for building dovecot are (as root):
+<code>
+cd /tmp
+wget http://slackbuilds.org/slackbuilds/14.1/network/dovecot.tar.gz
+tar -xvzf dovecot.tar.gz
+cd dovecot
+cat dovecot.info
+...
+DOWNLOAD="http://www.dovecot.org/releases/2.2/dovecot-2.2.13.tar.gz"
+MD5SUM="a3eb1c0b1822c4f2b0fe9247776baa71"
+...
+# Fetch archive from URL in DOWNLOAD line #
+wget http://www.dovecot.org/releases/2.2/dovecot-2.2.13.tar.gz
+# Verify integrity of archive - compare to MD5SUM line #
+md5sum dovecot-2.2.13.tar.gz
+a3eb1c0b1822c4f2b0fe9247776baa71
+# Build package #
+chmod +x dovecot.SlackBuild
+./dovecot.SlackBuild
+</code>
+The resulting package will be found in /tmp/dovecot-2.2.13-x86_64-1_SBo.tgz (or simillar for 32 bit version).
+Copy the package file to the target platform if necessary and install:
+<code>installpkg {path-to/}dovecot-2.2.13-x86_64-1_SBo.tgz</code>
+====== Configuring The Dovecot MDA ======
+You should become familiar with the [[http://wiki2.dovecot.org/FrontPage|dovecot documentation]] in order to properly configure your installation. You will also find a local copy of the complete documentation installed with the package in /usr/doc/dovecot-2.2.13/wiki/ (adjust for you version number if necessary).
+<note important>You //must// become familiar with the tools available to you in order to safely admin and maintain your mail server! Take the time necessary to //read the man pages// - man dovecot, man doveconf, man doveadm, //before// you start your mail server!</note>
 The dovecot package will create a mostly empty configuration directory at /etc/dovecot.
@@ Line 7: / Line 50: @@
 /usr/doc/dovecot-2.2.13/example-config/</code>
-So we will create the necessary structure and copy the necessary example config files to the working location.
+So we will create the necessary directory structure and copy only the necessary example config files to the working location as our point of reference.
 <code>
@@ Line 22: / Line 65: @@
 We will work from top to bottom of the copied file list to perform configuration.
-Open the file, /etc/dovecot.dovecot.conf and make the following changes:
+Open the file, /etc/dovecot/dovecot.conf and make the following changes:
 <code>
 vi /etc/dovecot/dovecot.conf
-... uncomment the following line ...
+# Uncomment the following line to set supported protocols #
 protocols = imap pop3 lmtp
-... set postmaster_address to your admin address
+# Set postmaster_address to your admin address #
 postmaster_address = me@my-domain.com
-... Add following line commented, uncomment to see SSL errors ...
+# Add following line commented, uncomment to troubleshoot SSL errors #
 #verbose_ssl = yes
+</code>
+Next, configure the database access parameters and password query for dovecot:
+<code>
+vi /etc/dovecot/dovecot-sql.conf.ext
+# Uncomment and set the following lines as shown #
+driver = mysql
+connect = "host=localhost dbname=mailserver user=mailuser password={your mailuser password}"
+default_pass_scheme = SHA512-CRYPT
+password_query = SELECT email as user, password FROM virtual_users WHERE email='%u';
+</code>
+Next, we configure the authentication methods to be used by dovecot. We will restrict it to use only secure authentication by the settings here and in the included auth-sql.conf.ext file, excluding other methods.
+<code>
+vi /etc/dovecot/conf.d/10-auth.conf
+# Uncomment this line - no plain text authentication! #
+disable_plaintext_auth = yes
+# Plain is inside SSL, add "login" for MUA user/pass authentication #
+auth_mechanisms = plain login
+# Comment out this line, no file based auth #
+#!include auth-system.conf.ext
+# Uncomment this line to allow SQL based auth #
+!include auth-sql.conf.ext
+</code>
+Set the filesystem path for virtual mail. The virtual user's mail boxes will be at /var/vmail/vhosts/DOMAIN/USER. Dovecot will perform the substitutions for %d and %n at runtime.
+<code>
+vi /etc/dovecot/conf.d/10-mail.conf
+# Uncomment and set the mail_location path #
+mail_location = maildir:/var/vmail/vhosts/%d/%n
+</code>
+Set the configuration for the dovecot master process:
+<code>
+vi /etc/dovecot/conf.d/10-master.conf
+# Find the "service imap-login" section and set port to 0 to disable insecure imap login #
+service imap-login {
+     inet_listener imap {
+           port = 0
+        }
+        ...
+}
+# Find the "service pop3-login" section and set port to 0 to disable insecure pop3 login #
+service pop3-login {
+  inet_listener pop3 {
+       port = 0
+        }
+        ...
+}
+# Find the "service lmtp" section and make the following changes #
+service lmtp {
+unix_listener /var/spool/postfix/private/dovecot-lmtp {
+     mode = 0600
+     user = postfix
+     group = postfix
+    }
+    ...
+}
+# Find the "service auth" section, set postfix handler for SASL, db auth user/perms #
+service auth {
+    unix_listener /var/spool/postfix/private/auth {
+    mode = 0666
+    user = postfix
+    group = postfix
+  }
+  unix_listener auth-userdb {
+    mode = 0600
+    user = vmail
+  }
+  user = dovecot
+}
+# Find the "service auth-worker" section, run auth processes as unpriv user #
+service auth-worker {
+  user = vmail
+}
+</code>
+Next we set up the SSL configuration so it is mandatory and uses the certificates created earlier:
+<code>
+vi /etc/dovecot/conf.d/10-ssl.conf
+# Uncomment as necessary and make the following changes #
+ssl = required
+ssl_cert = </etc/ssl/localcerts/dove.pem
+ssl_key = </etc/ssl/private/dove.key
+</code>
+Finally, configure authentication and user data paths for dovecot access:
+<code>
+vi /etc/dovecot/conf.d/auth-sql.conf.ext
+# Find the "passdb" section and configure as follows #
+passdb {
+    driver = sql
+    args = /etc/dovecot/dovecot-sql.conf.ext
+}
+# Find the "userdb" section and configure as follows #
+userdb {
+      driver = static
+      args = uid=vmail gid=vmail home=/var/vmail/vhosts/%d/%n
+}
+</code>
+Now we want to further secure the installation by making all dovecot configutation files owned by the non--privledged vmail user, and accessible by the dovecot group, with no access by others.
+<code>
+chown -R vmail:dovecot /etc/dovecot
+chmod -R o-rwx /etc/dovecot
 </code>
 [[howtos:network_services:postfix_dovecot_mysql|Return to main article page]]
-{{tag>howtos template}}
+====== Sources ======
+  * Based primarily on [[http://wiki2.dovecot.org/|Dovecot documentation]]
+  * Originally written by [[wiki:user:astrogeek | astrogeek]]
+{{tag>howtos dovecot postfix mysql}}

Trace:

Differences

Search

Navigation

Print/export

Tools

SlackDocs

Slackware Links