[2024-feb-29] Sad news: Eric Layton aka Nocturnal Slacker aka vtel57 passed away on Feb 26th, shortly after hospitalization. He was one of our Wiki's most prominent admins. He will be missed.

Welcome to the Slackware Documentation Project

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
howtos:network_services:postfix_dovecot_mysql:dovecot [2015/02/15 08:37 (UTC)] astrogeekhowtos:network_services:postfix_dovecot_mysql:dovecot [2015/04/01 21:22 (UTC)] (current) – Fix Dovecot connection string. denydias
Line 1: Line 1:
-===== Installing and Configuring The Dovecot MDA =====+====== Installing The Dovecot MDA ======
  
-<note important>This article is under construction and not complete! Please return later...</note>+This page is supplemental to main article: [[howtos:network_services:postfix_dovecot_mysql|Creating a Virtual Mail Server with Postfix, Dovecot and MySQL]] 
 + 
 +Dovecot is a popular and secure mail delivery agent, or MDA, which can be configured to work alongside the postfix MTA. 
 + 
 +As with postfix, we will build and install our dovecot package using the current build script from [[http://slackbuilds.org|SBo]]. This example uses the version current at time of writing, but you should always build the latest version available for your Slackware version. 
 + 
 +We will assume that you are familiar with SlackBuilds and will provide only the essential steps for building dovecot here. For more detailed information please visit the [[http://slackbuilds.org/howto/|SBo How-To page]]. 
 + 
 +Our dovecot build requires no special parameters. The essential steps for building dovecot are (as root): 
 +<code> 
 +cd /tmp 
 +wget http://slackbuilds.org/slackbuilds/14.1/network/dovecot.tar.gz 
 +tar -xvzf dovecot.tar.gz 
 +cd dovecot 
 +cat dovecot.info 
 +... 
 +DOWNLOAD="http://www.dovecot.org/releases/2.2/dovecot-2.2.13.tar.gz" 
 +MD5SUM="a3eb1c0b1822c4f2b0fe9247776baa71" 
 +... 
 + 
 +# Fetch archive from URL in DOWNLOAD line # 
 +wget http://www.dovecot.org/releases/2.2/dovecot-2.2.13.tar.gz 
 + 
 +# Verify integrity of archive - compare to MD5SUM line # 
 +md5sum dovecot-2.2.13.tar.gz 
 +a3eb1c0b1822c4f2b0fe9247776baa71 
 + 
 +# Build package # 
 +chmod +x dovecot.SlackBuild 
 +./dovecot.SlackBuild 
 +</code> 
 + 
 +The resulting package will be found in /tmp/dovecot-2.2.13-x86_64-1_SBo.tgz (or simillar for 32 bit version). 
 + 
 +Copy the package file to the target platform if necessary and install: 
 +<code>installpkg {path-to/}dovecot-2.2.13-x86_64-1_SBo.tgz</code> 
 + 
 +====== Configuring The Dovecot MDA ====== 
 + 
 +You should become familiar with the [[http://wiki2.dovecot.org/FrontPage|dovecot documentation]] in order to properly configure your installation. You will also find a local copy of the complete documentation installed with the package in /usr/doc/dovecot-2.2.13/wiki/ (adjust for you version number if necessary). 
 + 
 +<note important>You //must// become familiar with the tools available to you in order to safely admin and maintain your mail server! Take the time necessary to //read the man pages// - man dovecot, man doveconf, man doveadm, //before// you start your mail server!</note>
  
 The dovecot package will create a mostly empty configuration directory at /etc/dovecot. The dovecot package will create a mostly empty configuration directory at /etc/dovecot.
Line 9: Line 50:
 /usr/doc/dovecot-2.2.13/example-config/</code> /usr/doc/dovecot-2.2.13/example-config/</code>
  
-So we will create the necessary structure and copy the necessary example config files to the working location.+So we will create the necessary directory structure and copy only the necessary example config files to the working location as our point of reference.
  
 <code> <code>
Line 24: Line 65:
 We will work from top to bottom of the copied file list to perform configuration. We will work from top to bottom of the copied file list to perform configuration.
  
-Open the file, /etc/dovecot.dovecot.conf and make the following changes:+Open the file, /etc/dovecot/dovecot.conf and make the following changes:
 <code> <code>
 vi /etc/dovecot/dovecot.conf vi /etc/dovecot/dovecot.conf
-... uncomment the following line ...+# Uncomment the following line to set supported protocols #
 protocols = imap pop3 lmtp protocols = imap pop3 lmtp
-... set postmaster_address to your admin address+ 
 +# Set postmaster_address to your admin address #
 postmaster_address = me@my-domain.com postmaster_address = me@my-domain.com
-... Add following line commented, uncomment to see SSL errors ...+ 
 +Add following line commented, uncomment to troubleshoot SSL errors #
 #verbose_ssl = yes #verbose_ssl = yes
 </code> </code>
  
-Next, configure the database access and password query parameters for dovecot:+Next, configure the database access parameters and password query for dovecot:
  
 <code> <code>
 vi /etc/dovecot/dovecot-sql.conf.ext vi /etc/dovecot/dovecot-sql.conf.ext
-... uncomment and set the following lines as shown ...+# Uncomment and set the following lines as shown #
 driver = mysql driver = mysql
-connect = host=localhost dbname=mailserver user=mailuser pass+connect = "host=localhost dbname=mailserver user=mailuser password={your mailuser password}"
 default_pass_scheme = SHA512-CRYPT default_pass_scheme = SHA512-CRYPT
 password_query = SELECT email as user, password FROM virtual_users WHERE email='%u'; password_query = SELECT email as user, password FROM virtual_users WHERE email='%u';
 </code> </code>
  
-Next, configure dovecot authentication methods:+Next, we configure the authentication methods to be used by dovecot. We will restrict it to use only secure authentication by the settings here and in the included auth-sql.conf.ext file, excluding other methods.
  
 <code> <code>
 vi /etc/dovecot/conf.d/10-auth.conf vi /etc/dovecot/conf.d/10-auth.conf
-... uncomment this line, we only allow secure authentication ...+# Uncomment this line - no plain text authentication! #
 disable_plaintext_auth = yes disable_plaintext_auth = yes
-... add "login" to auth_mechanisms+ 
 +# Plain is inside SSL, add "login" for MUA user/pass authentication #
 auth_mechanisms = plain login auth_mechanisms = plain login
-... comment out this line, we are not using file based auth ...+ 
 +# Comment out this line, no file based auth #
 #!include auth-system.conf.ext #!include auth-system.conf.ext
-... uncomment this line to allow SQL based auth ...+ 
 +# Uncomment this line to allow SQL based auth #
 !include auth-sql.conf.ext !include auth-sql.conf.ext
 </code> </code>
  
-Next, set the filesystem paths and permission for virtual mail. The virtual user's mail boxes will be at /var/vmail/vhosts/DOMAIN/USER. Dovecot will perform the substitutions for %d and %n at runtime.+Set the filesystem path for virtual mail. The virtual user's mail boxes will be at /var/vmail/vhosts/DOMAIN/USER. Dovecot will perform the substitutions for %d and %n at runtime.
  
 <code> <code>
-vi /etc/dovecot/conf.d/1--mail.conf +vi /etc/dovecot/conf.d/10-mail.conf 
-... uncomment and set the mail_location path ... + 
-mail_location =maildir:/var/vmail/vhosts/%d/%n +# Uncomment and set the mail_location path # 
-... uncomment and set the mail_priviledged_group ... +mail_location = maildir:/var/vmail/vhosts/%d/%n
-mail_privileged_group = mail+
 </code> </code>
  
-Now we set the configuration for the dovecot master process:+Set the configuration for the dovecot master process:
 <code> <code>
 vi /etc/dovecot/conf.d/10-master.conf vi /etc/dovecot/conf.d/10-master.conf
-... find the "service imap-login" section and set port to 0, this forces secure imap login ...+ 
 +# Find the "service imap-login" section and set port to 0 to disable insecure imap login #
 service imap-login { service imap-login {
      inet_listener imap {      inet_listener imap {
-          #port = 143 
            port = 0            port = 0
         }         }
         ...         ...
 } }
-... find the "service pop3-login" section and set port to 0, this forces secure pop3 login...+ 
 +# Find the "service pop3-login" section and set port to 0 to disable insecure pop3 login #
 service pop3-login { service pop3-login {
   inet_listener pop3 {   inet_listener pop3 {
-      #port = 110 
        port = 0        port = 0
         }         }
         ...         ...
 } }
-... find the "service lmtp" section and make the following changes ...+ 
 +# Find the "service lmtp" section and make the following changes #
 service lmtp { service lmtp {
 unix_listener /var/spool/postfix/private/dovecot-lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp {
Line 98: Line 144:
     ...     ...
 } }
-... find the "service auth" section and make the following changes ...+ 
 +# Find the "service auth" section, set postfix handler for SASL, db auth user/perms #
 service auth { service auth {
     unix_listener /var/spool/postfix/private/auth {     unix_listener /var/spool/postfix/private/auth {
Line 111: Line 158:
   user = dovecot   user = dovecot
 } }
-... find the "service auth-worker" section and make the following changes ...+ 
 +# Find the "service auth-worker" section, run auth processes as unpriv user #
 service auth-worker { service auth-worker {
   user = vmail   user = vmail
Line 117: Line 165:
 </code> </code>
  
-Next we set up the SSL configuration to use the certificates created earlier:+Next we set up the SSL configuration so it is mandatory and uses the certificates created earlier:
  
 <code> <code>
 vi /etc/dovecot/conf.d/10-ssl.conf vi /etc/dovecot/conf.d/10-ssl.conf
-... uncomment as necessary and make the following changes ...+ 
 +# Uncomment as necessary and make the following changes #
 ssl = required ssl = required
 ssl_cert = </etc/ssl/localcerts/dove.pem ssl_cert = </etc/ssl/localcerts/dove.pem
Line 131: Line 180:
 <code> <code>
 vi /etc/dovecot/conf.d/auth-sql.conf.ext vi /etc/dovecot/conf.d/auth-sql.conf.ext
-... find the "passdb" section and configure as follows ...+ 
 +# Find the "passdb" section and configure as follows #
 passdb { passdb {
     driver = sql     driver = sql
     args = /etc/dovecot/dovecot-sql.conf.ext     args = /etc/dovecot/dovecot-sql.conf.ext
 } }
-... find the "userdb" section and configure as follows ...+ 
 +# Find the "userdb" section and configure as follows #
 userdb { userdb {
       driver = static       driver = static
Line 143: Line 194:
 </code> </code>
  
-Now we want to further secure the installation by making all dovecot configutation files owned by vmail and accessible by the dovecot group, and restricting all others access.+Now we want to further secure the installation by making all dovecot configutation files owned by the non--privledged vmail user, and accessible by the dovecot group, with no access by others.
  
 <code> <code>
Line 149: Line 200:
 chmod -R o-rwx /etc/dovecot chmod -R o-rwx /etc/dovecot
 </code> </code>
 +
 [[howtos:network_services:postfix_dovecot_mysql|Return to main article page]] [[howtos:network_services:postfix_dovecot_mysql|Return to main article page]]
 +====== Sources ======
 +  * Based primarily on [[http://wiki2.dovecot.org/|Dovecot documentation]]
 +  * Originally written by [[wiki:user:astrogeek | astrogeek]]
 {{tag>howtos dovecot postfix mysql}} {{tag>howtos dovecot postfix mysql}}
 howtos:network_services:postfix_dovecot_mysql:dovecot ()