[2024-feb-29] Sad news: Eric Layton aka Nocturnal Slacker aka vtel57 passed away on Feb 26th, shortly after hospitalization. He was one of our Wiki's most prominent admins. He will be missed.

Welcome to the Slackware Documentation Project

This is an old revision of the document!


Installing and Configuring The Dovecot MDA

This article is under construction and not complete! Please return later…

The dovecot package will create a mostly empty configuration directory at /etc/dovecot.

cat /etc/dovecot/README
Configuration files go to this directory. See example configuration files in
/usr/doc/dovecot-2.2.13/example-config/

So we will create the necessary structure and copy the necessary example config files to the working location.

mkdir /etc/dovecot/conf.d
cp /usr/doc/dovecot-2.2.13/example-config/dovecot.conf /etc/dovecot/.
cp /usr/doc/dovecot-2.2.13/example-config/dovecot-sql.conf.ext /etc/dovecot/.
cp /usr/doc/dovecot-2.2.13/example-config/conf.d/10-auth.conf /etc/dovecot/conf.d/.
cp /usr/doc/dovecot-2.2.13/example-config/conf.d/10-mail.conf /etc/dovecot/conf.d/.
cp /usr/doc/dovecot-2.2.13/example-config/conf.d/10-master.conf /etc/dovecot/conf.d/.
cp /usr/doc/dovecot-2.2.13/example-config/conf.d/10-ssl.conf /etc/dovecot/conf.d/.
cp /usr/doc/dovecot-2.2.13/example-config/conf.d/auth-sql.conf.ext /etc/dovecot/conf.d/.

We will work from top to bottom of the copied file list to perform configuration.

Open the file, /etc/dovecot.dovecot.conf and make the following changes:

vi /etc/dovecot/dovecot.conf
... uncomment the following line ...
protocols = imap pop3 lmtp
... set postmaster_address to your admin address
postmaster_address = me@my-domain.com
... Add following line commented, uncomment to see SSL errors ...
#verbose_ssl = yes

Next, configure the database access and password query parameters for dovecot:

vi /etc/dovecot/dovecot-sql.conf.ext
... uncomment and set the following lines as shown ...
driver = mysql
connect = host=localhost dbname=mailserver user=mailuser pass
default_pass_scheme = SHA512-CRYPT
password_query = SELECT email as user, password FROM virtual_users WHERE email='%u';

Next, configure dovecot authentication methods:

vi /etc/dovecot/conf.d/10-auth.conf
... uncomment this line, we only allow secure authentication ...
disable_plaintext_auth = yes
... add "login" to auth_mechanisms
auth_mechanisms = plain login
... comment out this line, we are not using file based auth ...
#!include auth-system.conf.ext
... uncomment this line to allow SQL based auth ...
!include auth-sql.conf.ext

Next, set the filesystem paths and permission for virtual mail. The virtual user's mail boxes will be at /var/vmail/vhosts/DOMAIN/USER. Dovecot will perform the substitutions for %d and %n at runtime.

vi /etc/dovecot/conf.d/1--mail.conf
... uncomment and set the mail_location path ...
mail_location =maildir:/var/vmail/vhosts/%d/%n
... uncomment and set the mail_priviledged_group ...
mail_privileged_group = mail

Now we set the configuration for the dovecot master process:

vi /etc/dovecot/conf.d/10-master.conf
... find the "service imap-login" section and set port to 0, this forces secure imap login ...
service imap-login {
     inet_listener imap {
          #port = 143
           port = 0
        }
        ...
}
... find the "service pop3-login" section and set port to 0, this forces secure pop3 login...
service pop3-login {
  inet_listener pop3 {
      #port = 110
       port = 0
        }
        ...
}
... find the "service lmtp" section and make the following changes ...
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
     mode = 0600
     user = postfix
     group = postfix
    }
    ...
}
... find the "service auth" section and make the following changes ...
service auth {
    unix_listener /var/spool/postfix/private/auth {
    mode = 0666
    user = postfix
    group = postfix
  }
  unix_listener auth-userdb {
    mode = 0600
    user = vmail
  }
  user = dovecot
}
... find the "service auth-worker" section and make the following changes ...
service auth-worker {
  user = vmail
}

Next we set up the SSL configuration to use the certificates created earlier:

vi /etc/dovecot/conf.d/10-ssl.conf
... uncomment as necessary and make the following changes ...
ssl = required
ssl_cert = </etc/ssl/localcerts/dove.pem
ssl_key = </etc/ssl/private/dove.key

Finally, configure authentication and user data paths for dovecot access:

vi /etc/dovecot/conf.d/auth-sql.conf.ext
... find the "passdb" section and configure as follows ...
passdb {
    driver = sql
    args = /etc/dovecot/dovecot-sql.conf.ext
}
... find the "userdb" section and configure as follows ...
userdb {
      driver = static
      args = uid=vmail gid=vmail home=/var/vmail/vhosts/%d/%n
}

Now we want to further secure the installation by making all dovecot configutation files owned by vmail and accessible by the dovecot group, and restricting all others access.

chown -R vmail:dovecot /etc/dovecot
chmod -R o-rwx /etc/dovecot

Return to main article page

 howtos:network_services:postfix_dovecot_mysql:dovecot ()