Главная » Linux

What is dovecot in linux

Содержание
  1. Ubuntu Documentation
  2. Introduction
  3. Installation
  4. Configuration
  5. Choice of Protocols
  6. Choice of Mailboxes
  7. Setting up Maildir
  8. Authentication
  9. Accessing from Outside
  10. Email Clients
  11. Thunderbird
  12. Related Articles
  13. See also
  14. Releases
  15. Dovecot
  16. Contents
  17. Installation
  18. Configuration
  19. Assumptions
  20. Create the TLS certificate
  21. Dovecot configuration
  22. Generate DH parameters
  23. PAM Authentication with LDAP
  24. Sieve
  25. Sieve Interpreter Plugin
  26. ManageSieve Server
  27. Full Text Search
  28. Starting the server
  29. Tips and tricks

Ubuntu Documentation

Needs Updating
This article needs updating to include the latest versions of Ubuntu. More info.

Introduction

Dovecot is a Mail Delivery Agent, written with security primarily in mind. It supports the major mailbox formats: mbox or Maildir. It is a simple and easy to install MDA. This guide explains how to set it up as an IMAP or POP3 server.

To configure Dovecot to use LDAP for user authentication see DovecotLDAP

NOTE: Dovecot will NOT work in an encrypted directory/folder. Dovecot would just complain about permissions and wont work. One answer is to create a 2nd user account that has an unencrypted home directory. We have not tested this solution on a separate home partition, but most probably the outcome would be the same.

Installation

The installation is extremely simple, just install the at least one of the following packages:

  • dovecot-imapd
  • dovecot-pop3d

For example, using apt-get:

Configuration

To configure dovecot, you edit the file /etc/dovecot/dovecot.conf. There are a couple of choices which you need to make.

Choice of Protocols

The choice is broadly between two protocols: IMAP and POP3. POP3 is useful when e-mail is checked from only one computer. It is best for people who download their email and then work off-line. IMAP is the better choice when you would like to check your mail from multiple computers (at work and home, for example). IMAP has the added benefit of accessing folders on the server, allowing you to organize your e-mail, and access it from anywhere. For more information, see the wikipedia articles on POP3 and IMAP. IMAPS and POP3S are more secure than the simple IMAP and POP3 because they use SSL encryption to connect.

Once you have chosen, amend the following line in the file /etc/dovecot/dovecot.conf:

This enables those protocols when dovecot is started. Note: if you like, you can enable all the above protocols, or you can choose to enable just one or any number of them. In addition, add the following line in the «protocol pop3» section in the /etc/dovecot/dovecot.conf:

Choice of Mailboxes

Dovecot currently supports maildir and mbox formats. They are the most commonly used mailbox formats. They both have their own benefits, discussed here.

If you have trouble figuring out what you are using, it’s most likely mbox. Maildir mails are almost always stored in

/Maildir/ directory, which contains cur/, new/ and tmp/ subdirectories. In maildir each mail is stored in a separate file, while with the mbox format one file contains all mails in the mailbox. Files in /var/mail/ are nearly always mbox files, one for each user.

Maildir is better overall because it is more scalable and can’t get corrupted so easily. So, if you have trouble figuring out what you should be using and have a choice, choose maildir.

Читайте также:  Нет менеджера драйверов linux mint

To configure Dovecot for your mailbox format use (for maildir):

Note: You will also need to configure your MTA to transfer the incoming mail to this type of mailbox. (If you installed Postfix with instructions from the previous wiki, then choose mbox.)

Setting up Maildir

Do these steps ONLY if you want Maildir. This setup will put the Maildir in each user’s home directory.

If you are using Postfix as your MTA, then add the following line to your /etc/postfix/main.cf file:

Edit /etc/dovecot/dovecot.conf:

If !include conf.d/*.conf is uncommented in /etc/dovecot/dovecot.conf, it is necessary to set mail_location in /etc/dovecot/conf.d/10-mail.conf or comment the line out. 10-mail.conf will override the mail_location in dovecot.conf. If you choose to set the mail_location in 10-mail.conf, you have to change it to:

If you want to see the config Dovecot is currently using (including the mail_location), use

It’s a good idea to pre-create the Maildir for future users:

Then, for an existing user:

Or in newer versions (as of Ubuntu 12.10) you need to use the upstart equivalent:

To check that it is running, type the command

You should see the dovecot service running. If you have enabled imap, or pop3, you can also try to log in with the commands

If you see something like the following, the installation has been successful.

To test IMAPS (port 993), openSSL can be used:

If the server returns an «OK * DOVECOT * READY» message, you can login with:

The server should return a «LOGGED IN» confirmation. To list the different folders and check if they’re accessible, run:

If no error is returned, IMAP SSL is functioning correctly. If a server error is returned, examine «/var/log/mail.err».

Authentication

If you’ve gotten this far, dovecot is working but may still have to be configured so that users can login to check their mail. The simplest login method is sending the user login info in plain text and allowing access only to users that already have UNIX access (ie. in /etc/passwd) to the machine dovecot is running on. Allowing access only to users that already have UNIX access is the dovecot default, nothing has to be done to configure this. Also, plain text logins are enabled by default when using secure protocols. To enable plain text logins when not using a secure protocol, put the following line in /etc/dovecot/dovecot.conf:

If you are using the secure protocols imaps or pop3s, plain text logins is not a problem, because the transfer is done via an encrypted connection. If you are using simply imap or pop3, and will be connecting to the server from outside your local computer or home network, it is a good idea to configure more secure authentication. For further details about how to do this, see this page on the dovecot website.

To configure Dovecot to use SSL, edit the file /etc/dovecot/dovecot.conf and amend the following lines (in some cases you may simply have to remove the # symbol from the beginning of the line):

The cert and key files are created automatically by Dovecot when you install it. (The keys mentioned above are actually the ones created by Postfix, however, but are suitable for use by Dovecot as well). Please note, that these keys are not signed and will give «bad signature» errors when connecting from a client. To avoid this, you can use commercial certificates, or even better, you can use your own SSL certificates. Hopefully, a guide will appear soon on this wiki on how to do this. In the meantime, here are some good ones: this guide on the Linux howto database, and this guide on the Debian Administration website.

Читайте также:  Поддержка виртуальной машины windows

Accessing from Outside

In order to access your mail server from another computer, you’ll have to configure your firewall or router to allow connections to the server on the necessary ports:

  • IMAP — 143
  • IMAPS — 993
  • POP3 — 110
  • POP3S — 995

You’ll also need to uncomment following line in /etc/dovecot/dovecot.conf:

However, this method may cause conflicts with other servers already listening on other ports. The alternative (and probably more desirable) method, then, is to enable the specific listening ports for the protocols that are intended to be used. For example, for IMAP/IMAPS and POP3/POP3S, add to the correct protocol imap and protocol pop3 sections:

Email Clients

Thunderbird

To use with Thunderbird, edit the file /etc/dovecot/dovecot.conf:

In Thunderbird, under ‘Server Settings’ -> Advanced, uncheck «Show only subscribed folders».

Note: The login_greeting_capability option is deprecated in later versions of Dovecot.

POP3Aggregator — this guide explains how to set up an IMAP mail server with Dovecot that will download your mail from an external POP3 server, and allow you to access the mail using any IMAP-compatible email client.

See also

Dovecot Server in the Ubuntu Server Guide.

Releases

This guide has been tested on Ubuntu 10.04 (Lucid). This guide has been tested on Ubuntu 14.04 (Trusty).

Dovecot (последним исправлял пользователь janl 2019-04-03 20:07:17)

The material on this wiki is available under a free license, see Copyright / License for details
You can contribute to this wiki, see Wiki Guide for details

Источник

Dovecot

Dovecot is an open source IMAP and POP3 server for Linux/UNIX-like systems, written primarily with security in mind. Dovecot primarily aims to be a lightweight, fast and easy to set up open source mailserver. For more detailed information, please see the official Dovecot Wiki.

This article describes how to set up Dovecot for personal or small office use.

Contents

Installation

Configuration

Assumptions

This article or section needs language, wiki syntax or style improvements. See Help:Style for reference.

  • Each mail account served by Dovecot, has a local user account defined on the server.
  • The server uses PAM to authenticate the user against the local user database ( /etc/passwd ).
  • TLS is used to encrypt the authentication password.
  • The common Maildir format is used to store the mail in the user’s home directory.
  • A MDA has already been set up to deliver mail to the local users.

Create the TLS certificate

To obtain a certificate, see OpenSSL#Usage.

Alternatively you can generate the certificate using a script that comes with the dovecot package:

  1. Copy the example configuration: cp /usr/share/doc/dovecot/dovecot-openssl.cnf /etc/ssl/dovecot-openssl.cnf as the root user.
  2. Edit /etc/ssl/dovecot-openssl.cnf to configure the certificate.
  3. Execute /usr/lib/dovecot/mkcert.sh as the root user to generate the certificate.

The certificate/key pair is created as /etc/ssl/certs/dovecot.pem and /etc/ssl/private/dovecot.pem .

Читайте также:  Windows smartscreen просит пароль

Run cp /etc/ssl/certs/dovecot.pem /etc/ca-certificates/trust-source/anchors/dovecot.crt and then trust extract-compat as the root user whenever you have changed your certificate.

Dovecot configuration

  • Create the dovecot configuration folder /etc/dovecot .
  • Copy the dovecot.conf and conf.d/* configuration files from /usr/share/doc/dovecot/example-config to /etc/dovecot :

pacman by default some containers is configured not to extract the doc directories to packages. Please edit /etc/pacman.conf to prevent this.

The default configuration is ok for most systems, but make sure to read through the configuration files to see what options are available. See the quick configuration guide and dovecot configuration for more instructions.

By default dovecot will try to detect what mail storage system is in use on the system. To use the Maildir format edit /etc/dovecot/conf.d/10-mail.conf to set mail_location = maildir:

Generate DH parameters

To generate a new DH parameters file (this will take very long):

then add the file to /etc/dovecot/conf.d/10-ssl.conf

PAM Authentication with LDAP

  • If you are using an OpenLDAP server for authentication instead, be sure to be able to login with your LDAP users first, as described in LDAP authentication.

You can then write the following in /etc/pam.d/dovecot remembering that the entries order is very important:

In this way both LDAP and system users have their mailbox.

  • Edit /etc/dovecot/conf.d/auth-system.conf by changing the passdb directive, like this:

By using the pam_mkhomedir.so module and by adding the session part in the passdb directive, if an LDAP user logs in for the first time the corresponding home directory will be automatically created.

Sieve

Sieve is a programming language that can be used to create filters for email on mail server.

Sieve Interpreter Plugin

This facilitates the actual Sieve filtering upon delivery.

  • Install pigeonhole .
  • Depending on your usage, add sieve to mail_plugins in
    • /etc/dovecot/conf.d/15-lda.conf
    • and/or /etc/dovecot/conf.d/20-lmtp.conf
  • Optionally, add configuration in plugin section. See Sieve Interpreter Documentation for configuration options and default values.
    Example: run cp /usr/share/doc/dovecot/example-config/conf.d/90-sieve.conf /etc/dovecot/conf.d/90-sieve.conf and verify in /etc/dovecot/conf.d/90-sieve.conf :
Example: SpamAssassin — move spam to «Junk» folder

Note: This tests for «X-Spam_score» (which is the spam header format in default Exim configuration). Your header might look different, ie «X-Spam-Score».

  • Create sieve script: mkdir -p /var/lib/dovecot/sieve/global_sieves
  • To compile sieve, execute in shell and make sure the move_to_spam_folder.sieve and the resulting move_to_spam_folder.svbin files are world readable.

ManageSieve Server

This implements the ManageSieve protocol through which users can remotely manage Sieve scripts on the server.

  • Follow the steps in #Sieve Interpreter Plugin above.
  • Add sieve to protocols in dovecot.conf
  • Add minimal /etc/dovecot/conf.d/20-managesieve.conf
  • Restart dovecot . The managesieve daemon will listen on port 4190 by default.

Full Text Search

By default Dovecot does not index the full message content, which will result in slow response times for IMAP SEARCH queries for bigger mailboxes. There is a number of FTS backends Dovecot can be hooked up to.

Dovecot needs a plugin for the chosen search backend. The solr plugin is included in dovecot but solr itself is not the easiest to set up. There are packages for Xapian ( dovecot-fts-xapian ) and Elasticsearch ( dovecot-fts-elastic ).

Starting the server

Tips and tricks

Generate hashes with non-default hash functions:

Ensure that the column in the database is large enough. A warning will be emitted if it is too small.

Remember to set the password password scheme:

Источник

Оцените статью
© 2024 Советы по настройке компьютера