How to set up Dovecot

  • Audience: Advanced E-Mail set-up
  • Requires: MacPorts >= 1.6, mail/dovecot, shells/zsh-devel

Introduction

This How-to is part of the Fetchmail -> Postfix -> Dovecot advanced e-Mail set-up.

Dovecot is a simple IMAP server which uses the standard Maildir file format for storage.

Using an IMAP server makes your mail storage independent of your e-mail client. You can set up multiple e-mail clients on multiple computers and access all your mail from each client. Unlike POP, this is also true for mail sorted into folders.

Installation

Z-Shell

Install Z-Shell if you are planning to use the attached command files:

sudo port install zsh-devel

Dovecot

Install dovecot:

sudo port install dovecot

Configuration

Note: Do not use any of the attached files without checking / changing them with your favourite text editor.

Step 1: create user

Dovecot will drop root privileges when they are not needed any more, so you need to create a user and group for Dovecot to run as. You can use the Make_Dovecot_User.command to do so.

Step 2: create directories

Dovecot needs two directories to work with: one to store the run status and one where the mail is stored. See howto/SetupPostfix on how to set up Postfix to make incoming mail available to Dovecot. You can use the Make_Dovecot_Directories.command to create the directories.

Step 3: create certificates

Dovecot supports encrypted connections and, while in a local network it might not be necessary, you will still need to create certificate files. You can use Make_Dovecot_Certificates.command together with dovecot-openssl.cnf to create the certificates. Remember to change dovecot-openssl.cnf: there should be no "my_" left in the file, and both files need to be in the same directory.

Step 4: set-up configuration

Next you need to set up dovecot.conf. You will find the file in /opt/local/etc. As a starting point you can use dovecot.conf together with passwd.dovecot and userdb.dovecot. You will need to add all your mail users to passwd.dovecot and userdb.dovecot.

The separate user and password files are needed since OSX does not use /etc/passwd and /etc/shadow.

Step 5: starting the server

Dovecot is started using launchd, and the control file it needs (/Library/LaunchDaemons/org.macports.dovecot.plist) is provided by MacPorts. The attached Restart_Dovecot.command will stop and restart Dovecot, which forces a re-read of the configuration files. This is quite helpful while debugging the system.

Step 6: testing the server

The initial test should be done in the Terminal:

$ telnet my_computer.local imap
Trying fe80::21c:b3ff:feff:824d...
telnet: connect to address fe80::21c:b3ff:feff:824d: Connection refused
Trying 192.168.0.101...
Connected to my_computer.local.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 SASL-IR SORT THREAD=REFERENCES MULTIAPPEND UNSELECT LITERAL+ IDLE CHILDREN NAMESPACE LOGIN-REFERRALS STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.
1 LOGIN my_name my_password
1 OK Logged in.
2 LOGOUT
* BYE Logging out
2 OK Logout completed.
Connection closed by foreign host.

Once this works, the server can be added to a real IMAP client for further testing. Suitable Mac OS X e-mail programs with IMAP support include Mail, Opera and KMail. The latter can be installed with

sudo port install kdepim3
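
The greeting in the Step 6 session advertises AUTH=PLAIN and AUTH=LOGIN without LOGINDISABLED, so the "1 LOGIN" line sends the password unencrypted. The shell functions below are an added example, not one of the attached command files, that check a greeting for this condition. They assume the greeting was read from the cleartext IMAP port, and the names imap_caps and audit_greeting are made up for illustration.

```shell
#!/bin/sh
# Added example: audit an IMAP greeting taken from the cleartext port (143).

# Print the advertised capabilities, upper-cased, one per line. Accepts a
# "* OK [CAPABILITY ...]" greeting or an untagged "* CAPABILITY ..." reply.
imap_caps() {
    printf '%s\n' "$1" | tr -d '\r' | tr '[:lower:]' '[:upper:]' |
        sed -n -e 's/^\* [A-Z]* \[CAPABILITY \([^]]*\)].*/\1/p' \
               -e 's/^\* CAPABILITY \(.*\)$/\1/p' | tr -s ' ' '\n'
}

# Print one finding per line. Returns 0 if cleartext passwords are refused
# before TLS, 1 if they are accepted, 2 if no capability list was found.
audit_greeting() {
    caps=$(imap_caps "$1")
    [ -n "$caps" ] || { echo "UNKNOWN no capability list"; return 2; }
    has() { printf '%s\n' "$caps" | grep -qxF "$1"; }
    verdict=0
    if has LOGINDISABLED; then
        echo "OK LOGIN command refused before TLS"
    else
        echo "WARN LOGIN accepted in cleartext (no LOGINDISABLED)"; verdict=1
    fi
    for mech in PLAIN LOGIN; do
        if has "AUTH=$mech"; then
            echo "WARN AUTH=$mech offered before TLS"; verdict=1
        fi
    done
    if has STARTTLS; then
        echo "INFO STARTTLS offered"
    else
        echo "WARN STARTTLS not offered"
    fi
    return "$verdict"
}

# Greeting copied from the Step 6 session on this page.
PAGE_GREETING='* OK [CAPABILITY IMAP4rev1 SASL-IR SORT THREAD=REFERENCES MULTIAPPEND UNSELECT LITERAL+ IDLE CHILDREN NAMESPACE LOGIN-REFERRALS STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.'
# Constructed greeting of a server that refuses cleartext passwords before TLS.
HARDENED_GREETING='* OK [CAPABILITY IMAP4rev1 STARTTLS LOGINDISABLED AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.'

audit_greeting "$PAGE_GREETING" || true
audit_greeting "$HARDENED_GREETING" || true
```

In Dovecot releases of this era, the disable_plaintext_auth setting in dovecot.conf decides whether LOGINDISABLED is advertised on connections that are not yet encrypted.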

Optional Parts

Instead of using separate user and password files, one can try setting up LDAP as the user / password source.

System User Authentication Using PAM and passwd

OS X supports PAM directly, and this can easily be configured to authenticate system users for Dovecot. In dovecot.conf, use this to turn on PAM-based password authentication for all users configured on the system:

passdb pam {
   args = login
}

Unfortunately, PAM can't provide any UID, GID, or home directory information for the system users. Dovecot needs a separate "userdb" database to get this information in order for IMAP logins to succeed. OS X uses DirectoryServices to store password information, so you can't use "passdb passwd" to do user authentication. However, you can use "userdb passwd" to retrieve the UID, GID, and home directory after PAM has already authenticated your username/password. To do this:

userdb passwd {
   args =
}

Together, these remove the need for hardcoded passwd.dovecot and userdb.dovecot files, and don't require any knowledge of LDAP. However, they only support system usernames, and not virtual mailboxes. I have tested this with IMAP and the dovecot LDA (deliver) successfully.

Last modified on Jun 15, 2012, 8:03:34 AM