Dovecot

dovecot(1) is an IMAP and POP3 mail user agent. It also supports LMTP with several authentication schemes.


Installation

Most Linux and BSD distributions offer a dovecot package.

For systemd-capable systems, start and enable dovecot.service.

For BSD distributions, try:

service dovecot start


Configuration

dovecot(1) is primarily configured in /etc/dovecot/dovecot.conf (or /usr/local/etc/dovecot/dovecot.conf for BSDs).

A basic configuration looks like:

protocols = imap pop3 lmtp
pop3_uidl_format = %g
ssl = no
disable_plaintext_auth = no

log_path = /var/log/dovecot.log
mail_location = maildir:~/Maildir

auth_verbose = yes
auth_mechanisms = plain
passdb {
  driver = pam
}
userdb {
  driver = passwd
  args = blocking=no
  override_fields = uid=vmail gid=vmail
}

For almost any configuration, it is necessary to have a vmail system user.

sudo groupadd -g 5000 vmail
sudo useradd -u 5000 -g vmail -s /usr/bin/nologin -d /var/vmail -m vmail

sudo touch /var/log/dovecot.log
sudo chown vmail:vmail /var/log/dovecot.log

To test a configuration file, try dovecot -n.

Default Folder

By default, dovecot(1) expects several folders to exist. When they are missing, this can produce confusing error messages. dovecot(1) can be configured to create them automatically as needed.

namespace inbox {
  mailbox Drafts {
    special_use = \Drafts
    auto = create
  }
  mailbox Junk {
    special_use = \Junk
    auto = create
  }
  mailbox Trash {
    special_use = \Trash
    auto = create
  }
  mailbox Sent {
    special_use = \Sent
    auto = create
  }
}

Encryption

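To enable TLS and refuse plaintext authentication on unencrypted connections, override the corresponding lines of the basic configuration:

ssl = yes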
disable_plaintext_auth = yes
ssl_key = </usr/local/etc/letsencrypt/live/mail.example.com/privkey.pem
ssl_cert = </usr/local/etc/letsencrypt/live/mail.example.com/fullchain.pem
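
The difference between the basic configuration and the settings in this section can be checked mechanically. The following Python checker is an added example, not part of the original page or of Dovecot. Its helper names (top_level_settings, audit) and sample strings are constructed for illustration, and it assumes the 2.x-style setting names used on this page.

```python
# Added example; helper names are illustrative. Built-in defaults of the 2.x-style settings:
DEFAULTS = {"ssl": "yes", "disable_plaintext_auth": "yes"}

def top_level_settings(text):
    """Parse top-level `key = value` lines; settings inside { } blocks are skipped."""
    settings, depth = dict(DEFAULTS), 0
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and whitespace
        if not line:
            continue
        if line.endswith("{"):
            depth += 1                           # entering a passdb/userdb/namespace block
        elif line == "}":
            depth -= 1
        elif depth == 0 and "=" in line:
            key, value = (p.strip() for p in line.split("=", 1))
            settings[key] = value                # a later line overrides an earlier one
    return settings

def audit(text):
    """Return a list of findings; an empty list means no cleartext exposure was found."""
    s, findings = top_level_settings(text), []
    if s["ssl"] == "no":
        findings.append("ssl = no: no TLS, logins and mail are sent in cleartext")
    else:
        for key in ("ssl_cert", "ssl_key"):
            if not s.get(key):
                findings.append(f"{key} is unset: TLS is enabled but has no {key}")
    if s["disable_plaintext_auth"] == "no":
        findings.append("disable_plaintext_auth = no: PLAIN logins accepted without TLS")
    return findings

# Constructed samples: relevant lines of the basic configuration and of this section.
BASIC = """
ssl = no
disable_plaintext_auth = no
auth_mechanisms = plain
passdb {
  driver = pam
}
"""
ENCRYPTED = BASIC + """
ssl = yes
disable_plaintext_auth = yes
ssl_key = </usr/local/etc/letsencrypt/live/mail.example.com/privkey.pem
ssl_cert = </usr/local/etc/letsencrypt/live/mail.example.com/fullchain.pem
"""

if __name__ == "__main__":
    print({name: audit(conf) for name, conf in (("basic", BASIC), ("encrypted", ENCRYPTED))})
```

The checker reads only top-level settings, so it can also be run over the output of dovecot -n.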

Local Users

The basic configuration for using local user authentication is:

passdb {
  driver = pam
}

This causes /etc/pam.d/dovecot to be used. This should look like:

auth      required        pam_unix.so nullok
account   required        pam_unix.so

If a different service file should be read, specify that service name like:

passdb {
  driver = pam
  args = foobar
}

If a protocol-dependent service file should be read, i.e. /etc/pam.d/imap for IMAP and /etc/pam.d/pop for POP, try:

passdb {
  driver = pam
  args = %s
}

Virtual Users

To handle mail for virtual users who do not correspond to local users, try:

mail_home = /var/vmail/%n
mail_location = maildir:~/mail

passdb {
  driver = passwd-file
  args = /etc/dovecot/passwd
}
userdb {
  driver = static
  args = uid=vmail gid=vmail home=/var/vmail/%n
}

%n is substituted with the user part of the recipient address. %d would be substituted with the domain part, if there is one. %u would be substituted with the entire address.


See also

dovecot(1)

Dovecot manual

