Dovecot

from HTYP, the free directory anyone can edit if they can prove to me that they're not a spambot
Jump to navigation Jump to search

About

Dovecot is email server software. Wikipedia describes it as just a POP3 and IMAP server, but Ubuntu packages it as a "stack" which provides both MTA and MDA functionality.

Helper Binaries

Dovecot includes a number of helper command-line binaries; existing documentation for these is hard to find. Typical locations for these commands are:

  • /usr/lib/dovecot/
  • /usr/libexec/dovecot/
  • /usr/local/libexec/dovecot/

Binaries include:

SASL

SASL stands for Simple Authentication and Security Layer.

SSL

See Secure Sockets Layer for related information.

None of the documentation seems to mention the fact that many of these settings are in sub-files (see #Notes, below), and your changes to dovecot.conf will be ignored if they are overridden in one of these files -- so edit that file instead.

  • In theory, you should be able to create your own subfile and add these settings to it; I have not tested this. --Woozle 14:08, 11 December 2010 (EST)
  • In the server I just configured, the SSL settings were in "conf.d/01-dovecot-postfix.conf". Tentatively: ssl_cert_file should be set to the certificate you receive from the certificate signer (e.g. OptimumSSL), and ssl_key_file should be set to the private key you generated earlier (when you also generated the CSR). --Woozle 14:08, 11 December 2010 (EST)
  • This year, ssl_cert_file was the certificate as sent via email (2 certificates with some text between them); ssl_key_file was the key file I newly generated for the CSR for this certificate. (Possibly I could have re-used the one from last year, but I couldn't see any advantage to that, and I wasn't sure if it would even work.) Although explanations elsewhere might make you think that ssl_cert_file would need to be the server certificate plus the intermediate file, the intermediate file contained at least 2 or 3 certificates and ssl_cert_file only contained 2, one of which was the server certificate. So either some of those intermediate certificates are unnecessary or else I don't understand how this file works. --Woozle 18:01, 17 February 2011 (EST)

Sample Configurations

Notes

For Ubuntu 10.04 (whatever version of dovecot that corresponds to), some of the settings in dovecot.conf have been pushed out to sub-files. When dovecot is paired with Postfix, the files appear to be:

  • auth.d/01-dovecot-postfix.auth
  • conf.d/01-dovecot-postfix.conf

There doesn't seem to be any official documentation on how these files are invoked, but the last comment in this forum post implies that these files are read first and then may be overridden by /dovecot.conf (or possibly they are only loaded if the corresponding settings are missing, but this seems like a more fragile approach and so less likely).

Warning: Sometimes these files are totally not being looked at, and you have to paste their contents (...well, the auth.d/ one at least) into dovecot.conf. We really need to know what the mechanism is for loading these files.

If you are experiencing an error where dovecot complains that it can't find cmusieve – like this:

Fatal: Plugin cmusieve not found from directory /usr/lib/dovecot/modules/lda

– then edit the 01-dovecot-postfix.conf file and change "cmusieve" to "sieve". --Woozle 17:41, 23 May 2010 (UTC)

Debugging

See also:openssl

TestInstallation has some good basic diagnostics. If the connection gives errors not described there, then you need to (a) confirm where the configuration is stored by running this:

doveconf -n | head -n 1

(see Quick Configuration).

Theories

"auth default { socket listen { master { path = filespec" creates the socket (or provides the service, or however you want to describe it); a different part of dovecot tries to access that socket by default unless you override it with "auth external { socket connect { master { path = filespec". Where is this documented??

Errors

Links

Reference