Nethence Documentation Lab Webmail Your IP BBDock  


Those documents are obsolete, please use the Nethence Documentation instead.

HomeUnixWindowsOracleObsoleteHardwareDIYMechanicsScriptsConfigsPrivate

Configuring Dovecot v1 against Maildir folders on FreeBSD 8
 
Install the provided package,
echo $PACKAGESITE
pkg_add -r dovecot
 
Enable the daemon,
cd /etc/
cp /usr/local/etc/rc.d/dovecot rc.d/
echo dovecot_enable=YES >> rc.conf
 
Configure the daemon,
cd /etc/
ln -s ../usr/local/etc/dovecot.conf
cd /usr/local/etc/
mv dovecot.conf dovecot.conf.dist
sed '/^[[:space:]]*#/d; /^[[:space:]]*$/d' dovecot.conf.dist | tee dovecot.conf > dovecot.conf.dist.clean
vi dovecot.conf
edit to your taste, restrict it to imap service, e.g.,
protocols = imap
disable_plaintext_auth = yes
mail_location = maildir:~/Maildir/
mail_privileged_group = mail
dotlock_use_excl = yes
verbose_proctitle = yes
first_valid_uid = 1000
first_valid_gid = 6
maildir_copy_with_hardlinks = yes
protocol imap {
imap_client_workarounds = tb-extra-mailbox-sep
}
auth_username_format = %Lu
auth default {
mechanisms = plain login
passdb pam {
args = session=yes dovecot
}
userdb passwd {
args = blocking=yes
}
user = root
}

ssl = yes
verbose_ssl = yes
ssl_cert_file = /etc/ssl/certs/dovecot.pem
ssl_key_file = /etc/ssl/private/dovecot.pem
 
Generate a self-signed certificate using the provided script by Dovecot.
mkdir -p /etc/ssl/certs/ /etc/ssl/private/
cd /etc/ssl/
cp /usr/local/share/examples/dovecot/mkcert.sh .
cp /usr/local/share/examples/dovecot/dovecot-openssl.cnf .
cp dovecot-openssl.cnf dovecot-openssl.cnf.dist
vi dovecot-openssl.cnf
#mv certs/dovecot.pem certs/dovecot.pem.old
#mv private/dovecot.pem private/dovecot.pem.old
mv mkcert.sh mkcert.sh.dist
sed 's/365/3650/g' mkcert.sh.dist > mkcert.sh
chmod +x mkcert.sh
diff -u mkcert.sh.dist mkcert.sh
./mkcert.sh
(copy/paste the fingerprint into FINGER file for exemple)
ls -l certs/ private/
Ref. SSL certificate creation
 
Now edit the Dovecot configuration file again,
vi /etc/dovecot.conf
change,
disable_plaintext_auth = yes
and add,
ssl = yes
verbose_ssl = yes
ssl_cert_file = /etc/ssl/certs/dovecot.pem
ssl_key_file = /etc/ssl/private/dovecot.pem
 
Ready to go
Check the version,
/usr/local/sbin/dovecot --version
 
Finally start the daemon,
  ps aux | grep dove
cd /etc/
grep dove passwd
grep dove group
note. should return,
dovecot:*:143:143:Dovecot User:/var/empty:/usr/sbin/nologin
dovecot:*:143:
then continue,
rc.d/dovecot start
  ps aux | grep dove
 
Check that everything is fine through an IMAP session,
telnet mx.example.net 143
e.g.,
a login MAILUSER PASSWORD 
a select inbox
a list "" *
a fetch 1 full
a fetch 1 body[text]
 
Checkthat STARTTLS is working,
openssl s_client -connect imap.example.com:143 -starttls imap
a logout
If you wanted to check for SSL you would,
#openssl s_client -connect imap.example.com:993
#a logout
 
References
protocole imap: log d'une session telnet
 

Last update: Jul 14, 2015