Install & configure Dovecot

Dovecot is a very fast, very reliable, and easily configured POP3/IMAP server. You can read more about it at http://www.dovecot.org/.


Install Dovecot Pigeonhole:

# portmaster -dG mail/dovecot-pigeonhole


Edit /etc/rc.conf so Dovecot starts at boot:

# sysrc dovecot_enable=YES


Copy Dovecot configuration files:

# cp -a /usr/local/etc/dovecot/example-config/* /usr/local/etc/dovecot


Edit the /usr/local/etc/dovecot/conf.d/10-auth.conf file:

...
disable_plaintext_auth = no
...
auth_mechanisms = plain login
...
#!include auth-system.conf.ext
!include auth-sql.conf.ext


Edit the /usr/local/etc/dovecot/conf.d/10-mail.conf file:

...
mail_location = maildir:/usr/local/virtual/%d/%n
...
namespace inbox {
  type = private
  separator = /
 
  mailbox Sent {
    auto = subscribe
    special_use = \Sent
  }
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  mailbox Junk {
    auto = subscribe
    special_use = \Junk
  }
...
first_valid_uid = 110
last_valid_uid = 110
...
first_valid_gid = 110
last_valid_gid = 110
...
mail_plugins = mail_log notify
...


Edit the /usr/local/etc/dovecot/conf.d/10-master.conf file:

...
  unix_listener auth-userdb {
    mode = 0660
    user = vscan
    group = vscan
  }

  #Postfix smtp-auth
  unix_listener /var/spool/postfix/private/auth {
    mode = 0660
    user = postfix
    group = postfix 
  }
...

NOTE: On the latest versions of Dovecot, others and I are seeing permission errors regarding /var/run/dovecot/stats-writer when an email is delivered. It doesn’t keep the email from being delivered, but it can prevent other stats-related processes from working correctly. I’ve tried various methods to resolve this, including adding the “postfix” and “vscan” users to the “dovecot” group, but the only workaround I’ve found is to add the lines below to the bottom of the file we edited above (/usr/local/etc/dovecot/conf.d/10-master.conf) to change permissions on stats-writer directly. If anyone else has a better solution, I’m certainly all ears!

(At the end of the file...)
service stats {
   unix_listener stats-writer {
     mode = 0666
   }
}
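
To see which sockets the 10-master.conf settings above open up, and to whom, the following added example (not part of the original guide) lists every unix_listener with its mode and flags any mode that grants permissions to "other", as the stats-writer workaround does. The sample config is constructed, and the enclosing "service auth" block is an assumption because the guide elides it.

```sh
#!/bin/sh
# Added example (not from the original guide): list each unix_listener in a
# Dovecot master config with its socket mode, flagging modes that grant any
# permission to "other" (last octal digit non-zero).

# audit_listeners: reads config text on stdin, prints "service listener mode verdict".
audit_listeners() {
  awk '
    { sub(/#.*/, "") }                                   # strip comments
    $1 == "service" && $NF == "{" { svc = $2; next }
    $1 == "unix_listener" && $NF == "{" {
      lst = $2; mode = "0600"; in_lst = 1; next          # 0600 assumed when no mode is set
    }
    in_lst && $1 == "mode" && $2 == "=" { mode = $3; next }
    in_lst && $1 == "}" {
      other = substr(mode, length(mode)) + 0             # permission bits for "other"
      print svc, lst, mode, (other > 0 ? "OTHER-ACCESS" : "ok")
      in_lst = 0
    }'
}

# Constructed sample mirroring the listeners configured in this guide. The
# enclosing "service auth" block is an assumption; the guide elides it with "...".
sample_master_conf() {
  cat << 'CONF'
service auth {
  unix_listener auth-userdb {
    mode = 0660
    user = vscan
    group = vscan
  }
  #Postfix smtp-auth
  unix_listener /var/spool/postfix/private/auth {
    mode = 0660
    user = postfix
    group = postfix
  }
}
service stats {
  unix_listener stats-writer {
    mode = 0666
  }
}
CONF
}

sample_master_conf | audit_listeners
```

On a live system, run it as `audit_listeners < /usr/local/etc/dovecot/conf.d/10-master.conf` after each edit to the file.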


Edit the /usr/local/etc/dovecot/conf.d/10-ssl.conf file:

...
ssl = yes
...
ssl_cert = </usr/local/etc/ssl/dovecot/cert.pem
ssl_key = </usr/local/etc/ssl/dovecot/key.pem
...
ssl_ca = </usr/local/etc/ssl/dovecot/cert.pem
...
ssl_verify_client_cert = yes
...
ssl_dh = </usr/local/etc/ssl/dovecot/dh.pem
...
ssl_min_protocol = TLSv1.2
...
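
The 10-auth.conf and 10-ssl.conf settings above interact: with disable_plaintext_auth = no and ssl = yes, TLS is offered but not required, so a remote client can send PLAIN/LOGIN credentials without it. The following added example (not part of the original guide) evaluates that combination for the guide's values and for a stricter pair; both config samples are constructed, and the defaults used for absent settings are assumptions noted in the code.

```sh
#!/bin/sh
# Added example (not from the original guide): decide whether a Dovecot config
# lets remote clients send PLAIN/LOGIN passwords over a connection without TLS.

# get_setting NAME: print the last uncommented "NAME = value" found on stdin.
get_setting() {
  awk -v key="$1" '
    { sub(/#.*/, "") }                       # drop comments such as "#!include ..."
    $1 == key && $2 == "=" {
      val = $0
      sub(/^[^=]*=[ \t]*/, "", val)          # keep only the text after "="
      sub(/[ \t]+$/, "", val)
    }
    END { print val }'
}

# cleartext_auth_check CONF_TEXT: print "allowed" or "refused" (for remote clients).
cleartext_auth_check() {
  plain=$(printf '%s\n' "$1" | get_setting disable_plaintext_auth)
  ssl=$(printf '%s\n' "$1" | get_setting ssl)
  # Defaults assumed when a setting is absent: disable_plaintext_auth = yes, ssl = yes.
  [ -n "$plain" ] || plain=yes
  [ -n "$ssl" ] || ssl=yes
  if [ "$ssl" = required ] || [ "$plain" = yes ]; then
    echo refused
  else
    echo allowed
  fi
}

# Constructed sample: the values this guide sets in 10-auth.conf and 10-ssl.conf.
GUIDE_CONF='disable_plaintext_auth = no
auth_mechanisms = plain login
#!include auth-system.conf.ext
!include auth-sql.conf.ext
ssl = yes
ssl_min_protocol = TLSv1.2'

# Constructed sample: same mechanisms, but TLS is mandatory before authentication.
STRICT_CONF='disable_plaintext_auth = yes
auth_mechanisms = plain login
ssl = required
ssl_min_protocol = TLSv1.2'

echo "guide settings:  cleartext auth $(cleartext_auth_check "$GUIDE_CONF")"
echo "strict settings: cleartext auth $(cleartext_auth_check "$STRICT_CONF")"
```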


Edit the /usr/local/etc/dovecot/conf.d/15-lda.conf file:

...
postmaster_address = postmaster@domain.tld
...
hostname = host.domain.tld
...
sendmail_path = /usr/local/sbin/sendmail
...
lda_mailbox_autocreate = yes
...
protocol lda {
  # Space separated list of plugins to load (default is global mail_plugins).
  mail_plugins = $mail_plugins sieve
...


Edit the /usr/local/etc/dovecot/conf.d/20-imap.conf file:

...
protocol imap {
  # Space separated list of plugins to load (default is global mail_plugins).
  mail_plugins = $mail_plugins quota imap_quota zlib
...


Edit the /usr/local/etc/dovecot/conf.d/20-pop3.conf file:

...
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
...
mail_plugins = $mail_plugins
...


Edit the /usr/local/etc/dovecot/conf.d/90-plugin.conf file:

...
plugin {
  #setting_name = value
  expire = Trash
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size
}

plugin {
  sieve = /usr/local/virtual/home/%d/%n/.dovecot.sieve
  sieve_dir = /usr/local/virtual/home/%d/%n/sieve
  sieve_global_path = /usr/local/virtual/home/default.sieve
  mail_home = /usr/local/virtual/home/%d/%n
}
...


Edit the /usr/local/etc/dovecot/conf.d/90-quota.conf file:

...
service quota-warning {
  executable = script /usr/local/bin/quota-warning.sh
  user = dovecot
  unix_listener quota-warning {
    user = vscan
  }
}
...
(Add to end of file...)
plugin {
  #Where is quota applied ?
  quota = maildir:User quota
  # the default quota storage bytes, overrides are fetched from userdb [userdb_quota_ruleX]
  quota_rule = *:storage=1G
  #Storage bytes overrides
  quota_rule2 = Trash:storage=+30%%
  quota_rule3 = Sent:storage=+30%%
  quota_warning = storage=90%% quota-warning 90 %u
  quota_warning2 = storage=75%% quota-warning 75 %u
  #What message to send to IMAP clients (and SMTP senders) when quota is exceeded?
  quota_exceeded_message = Storage quota for this account has been exceeded, please try again later.
}


Create the /usr/local/bin/quota-warning.sh script and make it executable:

Note: Change the “postmaster@domain.com” email address to whatever you’d prefer the email be from.

# cat > /usr/local/bin/quota-warning.sh << 'SCRIPT'
#!/bin/sh
# $1 = quota percentage reached, $2 = mailbox user (passed by the quota-warning service)
PERCENT=$1
USER=$2
cat << EOF | /usr/local/libexec/dovecot/dovecot-lda -d "$USER" -o "plugin/quota=maildir:User quota:noenforcing"
From: postmaster@domain.com
Subject: quota warning

Your mailbox is now $PERCENT% full.
EOF
SCRIPT

# chmod +x /usr/local/bin/quota-warning.sh


Create Sieve home directory:

# mkdir -p /usr/local/virtual/home


Create and edit the /usr/local/virtual/home/default.sieve file:

require ["fileinto"];
# rule:[Junk]
if header :contains "X-Spam-Flag" "YES"
{
  fileinto "Junk";
  stop;
}


Run the sievec command against our default sieve file:

# sievec /usr/local/virtual/home/default.sieve


Set proper permissions on our virtual directory:

# chown -R vscan:vscan /usr/local/virtual
# chmod 0755 /usr/local/virtual


Edit the /usr/local/etc/dovecot/dovecot-sql.conf.ext file:

...
driver = mysql
...
connect = host=localhost dbname=postfix user=postfix password=postfix_sql_password
...
default_pass_scheme = MD5
...
password_query = SELECT password, CONCAT('*:bytes=', quota) AS userdb_quota_rule FROM mailbox WHERE username = '%u' AND active = '1'
...
user_query = SELECT CONCAT('/usr/local/virtual/', maildir) as home, 110 AS uid, 110 AS gid, CONCAT('*:bytes=', quota) AS quota_rule \
             FROM mailbox WHERE username = '%u' AND active = '1'
...

NOTE:

The user_query line includes an extra column (CONCAT('*:bytes=', quota) AS quota_rule) that allows Dovecot to return quota usage. If you don’t want or need quota usage returned, you can remove that column from the query.


Edit the /usr/local/etc/dovecot/dovecot.conf file:

...
protocols = imap pop3 sieve
...
login_greeting = domain.tld Mail Server Ready...
...


Add “dovecot” user to “vscan” group for LDA/delivery:

# pw usermod dovecot -G vscan


Create and secure certs and keys:

# mkdir -p /usr/local/etc/ssl/dovecot
# cd /usr/local/etc/ssl/dovecot
# openssl req -new -x509 -nodes -out cert.pem -keyout key.pem -days 3650
# openssl dhparam -out dh.pem 4096 # This will take a while...
# chmod 0640 *
# chgrp -R dovecot .
