Difference between revisions of "Dovecot Help"

From Free Knowledge Base- The DUCK Project: information for everyone

Latest revision as of 18:32, 4 June 2015

Dovecot is an open source IMAP and POP3 server for Linux/UNIX-like systems. The Postfix mailer and Dovecot are used together for a complete Internet email system.

This guide is Dovecot version 2 centric. For Dovecot version 1 it may be of less help.

Understanding Dovecot 2.0.x Configuration Files

The primary dovecot configuration file has always been dovecot.conf, and many users add a local.conf, included from it, for their custom settings. Dovecot now also ships a directory of pre-written configuration files, each addressing a specific need. Once understood, this makes configuring dovecot much easier for admins: the syntax and parameters no longer have to be looked up, because they are already present in the file for the feature concerned.

First look in the dovecot.conf file and observe the following line:

!include conf.d/*.conf

This line tells dovecot to read through ALL of the files ending in .conf that are located in the new conf.d directory. You will note that the conf.d directory contains files ending in both .conf and .ext. Within the .conf files are many remarked-out parameters (those preceded with #) and a few that are not remarked out. Any feature or configuration you wish to enable can be enabled by removing the # character from in front of the parameter.

Understand that when you start dovecot, it first reads

  • dovecot.conf

Which passes a configuration telling dovecot to read through

  • conf.d/*.conf

And some of the configuration lines in those files call additional parameters in

  • conf.d/*.ext

While these convenient, pre-written configuration files address almost any need an admin has of dovecot, some admins may still choose to add configuration parameters manually. It is advised not to add them directly to dovecot.conf, but rather to add this:

!include_try /etc/dovecot/local.conf

Which tells dovecot to also read local.conf for additional configuration parameters, but if local.conf doesn't exist, to ignore its absence and proceed as normal.

conf.d configuration files

Dovecot version 2.0.x includes configuration files that are read through by dovecot on start. Dovecot will ignore all lines beginning with the # character (remarks). By default, very few of these configuration parameters are active; most are remarked out until you decide you need the feature and remove the # character.

The configuration files

  • auth.conf
  • director.conf
  • logging.conf
  • mail.conf
  • master.conf
  • ssl.conf
  • lda.conf
  • imap.conf
  • lmtp.conf
  • pop3.conf
  • acl.conf
  • plugin.conf
  • quota.conf

Additional extensions

  • auth-checkpassword.conf.ext
  • auth-deny.conf.ext
  • auth-ldap.conf.ext
  • auth-master.conf.ext
  • auth-passwdfile.conf.ext
  • auth-sql.conf.ext
  • auth-static.conf.ext
  • auth-system.conf.ext
  • auth-vpopmail.conf.ext

These are all located in the dovecot/conf.d directory. Minor changes in naming may occur between versions and distributions, however, they work the same way and serve the same purpose.

Note: One big advantage of the new config directory is that you no longer have to go digging through documentation to find the parameter to accomplish what you want. Most of the time you can find it in one of the conf files, and you need only remove the remark characters and, if necessary, make slight modifications to the syntax for your customization.

using the configuration file system

In this example, we want to tell dovecot we are using the Maildir system rather than mbox. This parameter already exists in one of the configuration files in the conf.d directory. Rather than typing it into local.conf by hand, you can unremark it in the existing .conf file. The files are named logically, so you can usually guess where a parameter lives. If you would rather not guess, do a quick search through the conf files to find the remarked parameter we want:

cd ./conf.d/
grep Maildir *

And we find it in mail.conf

vi mail.conf

And we remove the remark in the line

mail_location = maildir:~/Maildir

You can check to make sure the parameter will be read by dovecot by performing this test at the command line:

dovecot -n

Which spits out only what dovecot reads (less all remarks)
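The include and remark handling described above can be reproduced on a scratch copy of a configuration tree without dovecot installed. The script below is an added example, not part of dovecot or of the original page; the file names and contents in make_sample are constructed, and it only approximates the parsing (it does not replace dovecot -n).

```shell
#!/bin/sh
# Added example: print the lines that stay active once remarks are dropped
# and !include / !include_try are followed. The body runs in a subshell
# "( ... )" so each recursive call keeps its own $dir.
active_settings() (
    dir=$(dirname "$1")
    # "read" without IFS= also trims the indentation of each line.
    while read -r line || [ -n "$line" ]; do
        case $line in
            ''|'#'*) continue ;;                  # blank line or remark
            '!include '*|'!include_try '*)
                directive=${line%% *}
                pattern=${line#* }
                case $pattern in /*) ;; *) pattern=$dir/$pattern ;; esac
                for inc in $pattern; do           # unquoted so the glob expands
                    if [ -f "$inc" ]; then
                        active_settings "$inc" || exit 1
                    elif [ "$directive" = '!include' ]; then
                        echo "missing include: $inc" >&2
                        exit 1                    # !include_try would carry on
                    fi
                done ;;
            *) printf '%s\n' "$line" ;;
        esac
    done < "$1"
)

# Constructed sample tree for the demonstration, not a real server's files.
make_sample() {
    mkdir -p "$1/conf.d"
    printf '%s\n' '# main file' '!include conf.d/*.conf' \
        '!include_try local.conf' > "$1/dovecot.conf"
    printf '%s\n' '#mail_location = mbox:~/mail' \
        'mail_location = maildir:~/Maildir' > "$1/conf.d/10-mail.conf"
    printf '%s\n' '#!include auth-sql.conf.ext' \
        '!include auth-system.conf.ext' > "$1/conf.d/10-auth.conf"
    printf '%s\n' 'passdb {' '  driver = pam' '}' \
        > "$1/conf.d/auth-system.conf.ext"
}

tmp=$(mktemp -d)
make_sample "$tmp"
active_settings "$tmp/dovecot.conf"
rm -rf "$tmp"
```

The .ext file is reached only through the !include line in 10-auth.conf, never through the conf.d/*.conf glob, and the absent local.conf is skipped silently because it is pulled in with !include_try.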

sample dovecot command line

command to debug user and mailbox or shared mailbox issues

doveadm acl debug
doveadm acl debug -u user@domain Public/mailbox

authenticate users against unix system accounts

Accomplish this using PAM authentication rather than parsing the /etc/passwd file directly. PAM (Pluggable Authentication Modules) authenticates users against the unix passwd database using the pam_unix.so module, which checks passwords against the system's shadow password file.

The PAM configuration is usually in the /etc/pam.d/ directory, but some systems may use a single file, /etc/pam.conf. By default Dovecot uses dovecot as the PAM service name, so the configuration is read from /etc/pam.d/dovecot.

The default installation on Redhat/Fedora/CentOS will use pam by default without you having to make changes. However, to view the configuration involved, do

vi 10-auth.conf

which you will see has an include to read from 'auth-system.conf.ext' which you can view

vi auth-system.conf.ext

Look for

passdb {
  driver = pam
}

Make sure that is not remarked out. In older versions you will find these lines directly in the dovecot.conf file. No matter where they are, as long as they are part of the dovecot configuration it will use pam authentication.

authenticate users against virtual (non-unix system) accounts

There are multiple authentication mechanisms available to use with dovecot. These databases can be used as ALTERNATIVES to the System users (passwd) as both password databases and user databases:

  • Passwd-file: /etc/passwd-like file in specified location
  • LDAP: Lightweight Directory Access Protocol
  • SQL: SQL database (PostgreSQL, MySQL, SQLite)
  • Dict: Dict key-value database (Redis, memcached, etc.)
  • VPopMail: External software used to handle virtual domains

The scope of configuration for each of these is too broad to cover in this page. Follow the links to the pages for each individual means if available.

hybrid of unix system accounts and virtual users

Dovecot supports defining multiple authentication databases, so that if the password doesn't match in the first database, it checks the next one. This can be useful if you want to easily support having both local system users in /etc/passwd and virtual users.

Example A: In this example we will configure postfix and dovecot for a system with a mix of unix and virtual user accounts. The example can be seen in Dovecot and Postfix Hybrid Authentication Example.
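To confirm which databases are consulted and in what order on a hybrid setup, the passdb blocks can be read back from the output of dovecot -n. The script below is an added example, not taken from the linked page or from dovecot; the sample output is constructed, and the passwd-file path /etc/dovecot/users and its args are assumed values.

```shell
#!/bin/sh
# Constructed sample of what `dovecot -n` might print for a hybrid setup:
# PAM for system accounts first, then a passwd-file for virtual users.
sample_dovecot_n() {
    cat <<'EOF'
passdb {
  driver = pam
}
passdb {
  args = scheme=CRYPT username_format=%u /etc/dovecot/users
  driver = passwd-file
}
userdb {
  driver = passwd
}
userdb {
  args = username_format=%u /etc/dovecot/users
  driver = passwd-file
}
EOF
}

# passdb_chain: read that text on stdin and print one line per passdb block,
# in lookup order: "<position> <driver> <last word of args, or ->".
passdb_chain() {
    awk '
        $1 == "passdb" && $2 == "{" { inblk = 1; drv = "?"; arg = "-"; next }
        inblk && $1 == "driver"     { drv = $3 }
        inblk && $1 == "args"       { arg = $NF }
        inblk && $1 == "}"          { print ++n, drv, arg; inblk = 0 }
    '
}

# world_readable FILE: succeed when "other" may read FILE. A passwd-file
# holds password hashes, so this should fail for it.
world_readable() {
    [ -n "$(find "$1" -prune -perm -004 2>/dev/null)" ]
}

sample_dovecot_n | passdb_chain
```

On a live server, pipe dovecot -n into passdb_chain instead of the sample. Because a failed match falls through to the next database, a user name that exists in both can log in with either password.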

Determine installed version

From the command line:

dovecot --version

resources

Dovecot Mail List: http://www.dovecot.org/mailinglists.html