Richard
Note: These instructions are identical for Leopard and Snow Leopard.
Note: These instructions are only valid for Dovecot 1.x. If you have installed Dovecot 2.x, please look here.
As with Postfix, configuring Dovecot means editing several files. Luckily, Dovecot comes with sample files we can use as a basis for our own configuration.
For new installations we will use the pre-configured files, but we first need to copy them. Open a Terminal session, go into the directory ‘/etc/dovecot’ and then enter the following commands:
sudo cp dovecot-sql-example.conf dovecot-sql.conf
For security reasons Dovecot has its own user account, which it uses to run itself. If you are still on Leopard, you need to create that user in the same manner as we did for the virtual mail directories. If you are using Snow Leopard, the user is already there and you can skip this:
sudo dscl . -create /Users/_dovecot UserShell /usr/bin/false
sudo dscl . -create /Users/_dovecot UniqueID 104
sudo dscl . -create /Users/_dovecot PrimaryGroupID 104
sudo dscl . -create /Users/_dovecot NFSHomeDirectory /var/empty
sudo dscl . -passwd /Users/_dovecot ''
Dovecot comes with a script to build self-signed SSL certificates using OpenSSL. The SSL certificate’s configuration is taken from the file ‘dovecot-openssl.cnf’ in the doc directory of the source code. You need to edit that file and change the following settings:
[ req_dn ]
# country (2 letter code) (your country)
C=NL
# State or Province Name (full name, not required)
#ST=
# Locality Name (eg. city)
L=Rotterdam
# Organization (eg. company)
O=DIYMacServer
# Organizational Unit Name (eg. section)
OU=IMAP server
# Common Name (*.example.com is also possible)
CN=*.richard5.tld
As with Postfix, the important field is the CN (Common Name) field, which should contain your server’s host name. The clients will verify that the CN matches the connected host name; otherwise they’ll say the certificate is invalid. It’s also possible to use wildcards (e.g. *.domain.com) in the host name. They should work with most clients.
When you are done, you need to edit the script that creates the SSL certificates, called ‘mkcert.sh’. This is needed because there are some settings we want to be different.
Make the following changes to the script:
CERTDIR=$SSLDIR
KEYDIR=$SSLDIR
CERTFILE=$CERTDIR/dovecot.pem
KEYFILE=$KEYDIR/dovecot.pem
When you are finished you can execute the script:
sudo ./mkcert.sh
If everything went correctly, you should see a file ‘dovecot.pem’ in the /etc/dovecot directory.
Next we will edit the ‘dovecot.conf’ file, which is the central configuration file for all protocols, delivery and authentication parameters. I’m not showing the complete file, as it would be too big, but only the affected portions:
disable_plaintext_auth = yes
ssl = yes
ssl_cert_file = /etc/dovecot/dovecot.pem
ssl_key_file = /etc/dovecot/dovecot.pem
login_user = _dovecot
mail_location = maildir:/usr/local/virtual/%d/%u
mail_uid = 102
mail_gid = 102
## Mail processes
##
first_valid_uid = 102
last_valid_uid = 105
protocol imap {
}
protocol pop3 {
}
protocol lda {
  postmaster_address = postmaster@yourdomain.tld
  # UNIX socket path to master authentication server to find users.
  auth_socket_path = /var/run/dovecot-auth-master
}
auth_executable = /usr/local/libexec/dovecot/dovecot-auth
# More verbose logging.
auth_verbose = no
# Even more verbose logging for debugging purposes.
auth_debug = no
auth default {
  mechanisms = login plain
  # SQL database
  passdb sql {
    args = /etc/dovecot/dovecot-sql.conf
  }
  # SQL database
  userdb sql {
    args = /etc/dovecot/dovecot-sql.conf
  }
  user = nobody
  socket listen {
    master {
      path = /var/run/dovecot-auth-master
      mode = 0660
      user = _vmail
    }
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = _postfix
      group = _postfix
    }
  }
}
Next up we need to edit the file ‘dovecot-sql.conf’ which describes how we will connect to the MySQL database with all the user information in it.
connect = host=localhost dbname=postfix user=postfix password=postfixpassword
user_query = SELECT '/usr/local/virtual/%d/%n' as home, \
'maildir:/usr/local/virtual/%d/%n' as mail, 102 AS uid, \
102 AS gid, concat("dirsize:storage=", quota) AS quota \
FROM mailbox WHERE username = "%u" AND active = "1"
password_query = SELECT username as user, password, \
'/usr/local/virtual/%d/%n' as userdb_home, \
'maildir:/usr/local/virtual/%d/%n' as userdb_mail, \
102 as userdb_uid, 102 as userdb_gid FROM mailbox \
WHERE username = '%u' AND active = '1'
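The configuration above leaves two secrets on disk, the SSL private key in ‘dovecot.pem’ and the database password in ‘dovecot-sql.conf’, and it enables the ‘login’ and ‘plain’ mechanisms, which send the password itself and are only safe over SSL. The shell functions below are an added example, not part of the original article or of Dovecot: they flag an explicit ‘no’ for disable_plaintext_auth or ssl, and any secret file that group or others can access. The function names and the "no access for group or others" policy are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit a Dovecot 1.x setup like the one in this article.

# conf_value FILE KEY: print the value of every uncommented "KEY = value" line.
conf_value() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\(.*\)/\1/p" "$1" |
        sed 's/[[:space:]]*$//'
}

# private_mode FILE: succeed only if group and others have no permissions.
# Parses "ls -ldL" output (works on Mac OS X and Linux; -L follows symlinks).
private_mode() {
    mode=$(ls -ldL "$1" 2>/dev/null | cut -c5-10)
    [ "$mode" = "------" ]
}

# audit_dovecot CONF: print one line per finding; return 0 only if there are none.
audit_dovecot() {
    conf=$1
    findings=0
    note() { echo "FINDING: $*"; findings=$((findings + 1)); }

    # "login" and "plain" transmit the password itself, so they are only
    # safe inside SSL. Flag an explicit "no" on either setting.
    [ "$(conf_value "$conf" disable_plaintext_auth | tail -n 1)" != "no" ] ||
        note "disable_plaintext_auth = no: passwords may cross the network unencrypted"
    [ "$(conf_value "$conf" ssl | tail -n 1)" != "no" ] ||
        note "ssl = no: IMAP/POP3 sessions are not encrypted"

    # Files holding secrets: the SSL private key and every passdb/userdb
    # "args" value that is an absolute path (here the SQL config with the
    # database password).
    files=$( { conf_value "$conf" ssl_key_file
               conf_value "$conf" args | grep '^/'; } | sort -u )
    while IFS= read -r f; do
        [ -n "$f" ] || continue
        private_mode "$f" || note "$f is missing or accessible to group/others"
    done <<EOF
$files
EOF
    [ "$findings" -eq 0 ]
}

# When a config path is given on the command line, audit it.
[ $# -eq 0 ] || audit_dovecot "$1"
```

Saved under a name of your choice (for example audit.sh, a hypothetical name), run it as root with /etc/dovecot/dovecot.conf as the argument; no output and exit status 0 mean nothing was flagged.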



Comments
4:57 am
Working on a dovecot 2.0.0 setup, it looks like the example pre-configured files are located in /usr/local/share/doc/dovecot/example-config versus /etc/dovecot
$ cd /usr/local/share/doc/dovecot/example-config
$ ls -1
conf.d
dovecot-db.conf.ext
dovecot-dict-sql.conf.ext
dovecot-ldap.conf.ext
dovecot-sql.conf.ext
dovecot.conf
$ sudo cp dovecot.conf /etc/dovecot/
$ sudo cp dovecot-sql.conf.ext /etc/dovecot/dovecot-sql.conf
8:16 am
Kyle, we know. We are working on the differences between 1.x and 2.x. We hope to release more information soon….