Difference between revisions of "Dovecot"
(→Reference: quick config link) |
|||
Line 44: | Line 44: | ||
Fatal: Plugin cmusieve not found from directory /usr/lib/dovecot/modules/lda | Fatal: Plugin cmusieve not found from directory /usr/lib/dovecot/modules/lda | ||
– then edit the 01-dovecot-postfix.conf file and change "cmusieve" to "sieve". --[[User:Woozle|Woozle]] 17:41, 23 May 2010 (UTC) | – then edit the 01-dovecot-postfix.conf file and change "cmusieve" to "sieve". --[[User:Woozle|Woozle]] 17:41, 23 May 2010 (UTC) | ||
+ | ===Debugging=== | ||
+ | [https://wiki.dovecot.org/TestInstallation TestInstallation] has some good basic diagnostics. If the connection gives errors not described there, then you need to (a) confirm where the configuration is stored by running this:<source lang=bash>doveconf -n | head -n 1</source> (see [https://doc.dovecot.org/configuration_manual/quick_configuration/ Quick Configuration]). | ||
===Theories=== | ===Theories=== | ||
"<u>auth default { socket listen { master { path =</u> ''filespec''" '''creates''' the socket (or provides the service, or however you want to describe it); a ''different'' part of dovecot tries to access that socket by default unless you override it with "<u>auth external { socket connect { master { path =</u> ''filespec''". '''Where is this documented??''' | "<u>auth default { socket listen { master { path =</u> ''filespec''" '''creates''' the socket (or provides the service, or however you want to describe it); a ''different'' part of dovecot tries to access that socket by default unless you override it with "<u>auth external { socket connect { master { path =</u> ''filespec''". '''Where is this documented??''' | ||
− | + | ==Errors== | |
+ | * [[Failed to initialize SSL server context: Can't load DH parameters]] - received when attempting to connect (I think) | ||
+ | * [[SSL routines:ssl3_get_record:wrong version number]] | ||
==Links== | ==Links== | ||
===Reference=== | ===Reference=== | ||
Line 52: | Line 56: | ||
* [http://www.dovecot.org/ official site] | * [http://www.dovecot.org/ official site] | ||
** [http://wiki.dovecot.org/FrontPage wiki] | ** [http://wiki.dovecot.org/FrontPage wiki] | ||
− | *** [ | + | *** [https://doc.dovecot.org/configuration_manual/quick_configuration/ Quick Configuration] |
Revision as of 21:39, 18 October 2020
About
Dovecot is email server software. Wikipedia describes it as just a POP3 and IMAP server, but Ubuntu packages it as a "stack" which provides both MTA and MDA functionality.
Helper Binaries
Dovecot includes a number of helper command-line binaries; existing documentation for these is hard to find. Typical locations for these commands are:
- /usr/lib/dovecot/
- used by Ubuntu
- /usr/libexec/dovecot/
- /usr/local/libexec/dovecot/
Binaries include:
SASL
SASL stands for Simple Authentication and Security Layer.
- Postfix and Dovecot SASL (Dovecot wiki)
SSL
See Secure Sockets Layer for related information.
None of the documentation seems to mention the fact that many of these settings are in sub-files (see #Notes, below), and your changes to dovecot.conf will be ignored if they are overridden in one of these files -- so edit that file instead.
- In theory, you should be able to create your own subfile and add these settings to it; I have not tested this. --Woozle 14:08, 11 December 2010 (EST)
- In the server I just configured, the SSL settings were in "conf.d/01-dovecot-postfix.conf". Tentatively: ssl_cert_file should be set to the certificate you receive from the certificate signer (e.g. OptimumSSL), and ssl_key_file should be set to the private key you generated earlier (when you also generated the CSR). --Woozle 14:08, 11 December 2010 (EST)
- This year, ssl_cert_file was the certificate as sent via email (2 certificates with some text between them); ssl_key_file was the key file I newly generated for the CSR for this certificate. (Possibly I could have re-used the one from last year, but I couldn't see any advantage to that, and I wasn't sure if it would even work.) Although explanations elsewhere might make you think that ssl_cert_file would need to be the server certificate plus the intermediate file, the intermediate file contained at least 2 or 3 certificates and ssl_cert_file only contained 2, one of which was the server certificate. So either some of those intermediate certificates are unnecessary or else I don't understand how this file works. --Woozle 18:01, 17 February 2011 (EST)
Sample Configurations
Notes
For Ubuntu 10.04 (whatever version of dovecot that corresponds to), some of the settings in dovecot.conf have been pushed out to sub-files. When dovecot is paired with Postfix, the files appear to be:
- auth.d/01-dovecot-postfix.auth
- conf.d/01-dovecot-postfix.conf
There doesn't seem to be any official documentation on how these files are invoked, but the last comment in this forum post implies that these files are read first and then may be overridden by /dovecot.conf (or possibly they are only loaded if the corresponding settings are missing, but this seems like a more fragile approach and so less likely).
Warning: Sometimes these files are totally not being looked at, and you have to paste their contents (...well, the auth.d/ one at least) into dovecot.conf. We really need to know what the mechanism is for loading these files.
If you are experiencing an error where dovecot complains that it can't find cmusieve – like this:
Fatal: Plugin cmusieve not found from directory /usr/lib/dovecot/modules/lda
– then edit the 01-dovecot-postfix.conf file and change "cmusieve" to "sieve". --Woozle 17:41, 23 May 2010 (UTC)
Debugging
TestInstallation has some good basic diagnostics. If the connection gives errors not described there, then you need to (a) confirm where the configuration is stored by running this:
doveconf -n | head -n 1
(see Quick Configuration).
Theories
"auth default { socket listen { master { path = filespec" creates the socket (or provides the service, or however you want to describe it); a different part of dovecot tries to access that socket by default unless you override it with "auth external { socket connect { master { path = filespec". Where is this documented??
Errors
- Failed to initialize SSL server context: Can't load DH parameters - received when attempting to connect (I think)
- SSL routines:ssl3_get_record:wrong version number