Dovecot

dovecot(1) is an IMAP and POP3 mail user agent. It also supports LMTP.

Installation

Most Linux and BSD distributions offer a dovecot package.

For systemd-capable systems, start and enable dovecot.service.

For BSD distributions, try:

service dovecot start

Configuration

dovecot(1) is primarily configured in /etc/dovecot/dovecot.conf (or /usr/local/etc/dovecot/dovecot.conf for BSDs).

A basic configuration looks like:

protocols = imap pop3
pop3_uidl_format = %g
ssl = no
disable_plaintext_auth = no

log_path = /var/log/dovecot.log
mail_location = maildir:~/Maildir

auth_verbose = yes
auth_mechanisms = plain
passdb {
  driver = pam
}
userdb {
  driver = passwd
  args = blocking=no
  override_fields = uid=vmail gid=vmail
}

For almost any configuration, it is necessary to have a vmail system user.

sudo groupadd -g 5000 vmail
sudo useradd -u 5000 -g vmail -s /usr/bin/nologin -d /var/vmail -m vmail

sudo touch /var/log/dovecot.log
sudo chown vmail:vmail /var/log/dovecot.log

To test a configuration file, try dovecot -n.

Default Folder

By default, dovecot(1) expects several folders to exist. This can propogate confusing error messages. dovecot(1) can be configured to automatically create them as needed.

namespace inbox {
  mailbox Drafts {
    special_use = \Drafts
    auto = create
  }
  mailbox Junk {
    special_use = \Junk
    auto = create
  }
  mailbox Trash {
    special_use = \Trash
    auto = create
  }
  mailbox Sent {
    special_use = \Sent
    auto = create
  }
}

Encryption

ssl = yes
disable_plaintext_auth = yes
ssl_key = </usr/local/etc/letsencrypt/live/mail.example.com/privkey.pem
ssl_cert = </usr/local/etc/letsencrypt/live/mail.example.com/fullchain.pem

Local Users

The basic configuration for using local user authentication is:

passdb {
  driver = pam
}

This causes /etc/pam.d/dovecot to be used. This should look like:

auth      required        pam_unix.so nullok
account   required        pam_unix.so

If a different service file should be read, specify that service name like:

passdb {
  driver = pam
  args = foobar
}

If a protocol-dependent service file should be read, i.e. /etc/pam.d/imap for IMAP and /etc/pam.d/pop for POP, try:

passdb {
  driver = pam
  args = %s
}

Virtual Users

To handle mail for virtual users who do not correspond to local users, try:

mail_home = /var/vmail/%n
mail_location = maildir:~/mail

passdb {
  driver = passwd-file
  args = /etc/dovecot/passwd
}
userdb {
  driver = static
  args = uid=vmail gid=vmail home=/home/vmail/%n
}

%n is substituted with the user part of the recipient address. %d would be substituted with the domain part, if there is one. %u would be substitued with the entire address.

The passwd-file file should look like:

alice:{PLAIN}pass::::::
bob:{PLAIN}secret::::::
[email protected]:{PLAIN}hello123::::::
[email protected]:{SSHA256}ZpgszeowIcHdoxe3BNqvUTtPxFd6fMsyQxEWyY0Qlobaacjk

The {SSHA256}-encrypted password would be created by interactively running doveadm pw -s ssha256.

LMTP

To also use dovecot(1) as an LMTP server, try:

protocols = imap pop3 lmtp

service lmtp {
   inet_listener lmtp {
      address = 127.0.0.1
      port = 24
   }
  }
}

See also

dovecot(1)

Dovecot manual

CategoryRicottone