
dovecot

MDA
Access server emails with IMAP

Installation

Install the dovecot-imapd package for IMAP on Debian.

Configuration

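Working configuration that authenticates local (unix) users and is accessed via IMAPS with mTLS (client certificate auth). Note that in the listing below the `auth_ssl_require_client_cert` block is commented out and only `ssl_server_request_client_cert = yes` is active; per the Dovecot documentation that setting asks for a client certificate but does not by itself reject clients that present none, so confirm that a connection without a certificate is actually refused before relying on mTLS.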

/etc/dovecot/dovecot.conf

# Dovecot config
# IMAP-only server for local unix accounts: TLS is mandatory, passwords are
# checked through PAM, users come from /etc/passwd, mail lives in ~/Mail.
dovecot_config_version = 2.4.0
dovecot_storage_version = 2.4.0
 
# Only serve IMAP not POP3 or other
protocols = imap
 
# SSL options
# TLS is mandatory: authentication attempted before TLS is established is refused.
ssl = required
# Server certificate chain and private key (Let's Encrypt paths).
# The key file should stay readable by root only.
ssl_server_cert_file = /etc/letsencrypt/live/ctq.ro/fullchain.pem
ssl_server_key_file = /etc/letsencrypt/live/ctq.ro/privkey.pem
# Refuse anything older than TLS 1.2.
ssl_min_protocol = TLSv1.2
# Cipher preference for TLS <= 1.2, forward-secret (EECDH/EDH) suites only.
# NOTE(review): the trailing "EDH+aRSA" and "EECDH" terms also match CBC/SHA1
# suites that the exclusions do not remove; drop them if only AEAD
# suites are wanted.
ssl_cipher_list = EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA256:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EDH+aRSA+AESGCM:EDH+aRSA+SHA256:EDH+aRSA:EECDH:!aNULL:!eNULL:!MEDIUM:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED
# The server's cipher order wins over the client's.
ssl_server_prefer_ciphers = server
# DH parameters for the EDH suites.
# NOTE(review): this is a file under /usr/share, presumably shipped by the
# package rather than generated on this host - confirm.
ssl_server_dh_file = /usr/share/dovecot/dh.pem
 
# Authentication
# PLAIN and LOGIN both send the password itself; they are only protected by
# the TLS tunnel enforced with "ssl = required" above.
auth_mechanisms = plain login
# Use only the username part of the login, so "user@domain" is looked up as "user".
auth_username_format = %{user | username }
 
# Client certs required for authentication
# NOTE(review): this block is disabled. Without auth_ssl_require_client_cert
# a client that presents no certificate is, per the Dovecot docs, still
# allowed to authenticate with a password alone - i.e. the client certificate
# is optional, not enforced. Verify with a certificate-less client.
#protocol !smtp {
  #auth_ssl_require_client_cert = yes
  #auth_ssl_username_from_cert = yes
#}
 
# Client certificate verification for mTLS
# CA that client certificates are validated against, and the switch that makes
# the server ask the client for a certificate during the TLS handshake.
# NOTE(review): confirm how revocation (CRL) is handled for this CA.
ssl_server_ca_file = /etc/ssl/orion-ca/ca.crt
ssl_server_request_client_cert = yes
 
 
# Search for valid users in /etc/passwd
userdb users {
  driver = passwd
}
 
# Verify passwords through PAM. This is the only passdb in this file, so every
# login is a system-account password check.
passdb pam {
  driver = pam
}
 
# Allow postfix use of dovecot auth mechanism
# The socket sits inside the postfix spool and is 0660 postfix:postfix, so only
# the postfix user and group can connect to it.
service auth {
        unix_listener /var/spool/postfix/private/auth {
                mode = 0660
                user = postfix
                group = postfix
        }
}
 
 
# Mail storage location
# Each user has a mail folder in their /home
mail_driver = maildir
mail_path = ~/Mail
mail_inbox_path = ~/Mail/Inbox
 
# Inboxes
# Special-use folders advertised to IMAP clients. "auto = subscribe" creates
# the folder and subscribes the user to it automatically.
namespace inbox {
  inbox = yes
 
  mailbox Drafts {
    special_use = \Drafts
    auto = subscribe
  }
 
  mailbox Junk {
    special_use = \Junk
    auto = subscribe
    # Messages in Junk are expunged automatically after 60 days.
    autoexpunge = 60d
  }
 
  mailbox Sent {
    special_use = \Sent
    auto = subscribe
  }
 
  mailbox Trash {
    special_use = \Trash
  }
 
  mailbox Archive {
    special_use = \Archive
  }
}

Add users

Users in the mail group will be able to receive mail.
Add an existing user to the mail group with usermod -a -G mail alice
Add a new user with useradd -m -G mail billy and set their password with passwd billy.

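For a mail-only user account, disable interactive shell login with usermod -s /usr/bin/false mailonlyuser. The account's password is still what authenticates it to IMAP through PAM, so it needs to be a strong one.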
