We install Dovecot with IMAP and Sieve only; in my opinion nobody needs POP3 anymore these days. Sieve is quite cool because it lets you sort mail into folders on the server side as soon as it arrives.
apt install dovecot-imapd dovecot-lmtpd dovecot-sieve dovecot-mysql
Dovecot is not nearly as hard to configure as it looks. So go ahead and throw away all the junk; this deletes the packaged default configuration in /etc/dovecot.
rm -rf /etc/dovecot/*
Create the Diffie-Hellman parameters for Dovecot.
openssl dhparam -out /etc/dovecot/dh4096.pem 4096
Now you can go and have a coffee. This takes a while.
Then /etc/dovecot/dovecot.conf is created:
#mail_debug = no

##
## Enabled protocols
##

protocols = imap lmtp sieve

##
## TLS Config
## Source: https://ssl-config.mozilla.org/#server=dovecot&version=2.3.9&config=intermediate&openssl=1.1.1d&guideline=5.4
##

ssl = yes
ssl_cert = </etc/letsencrypt/live/mail.domain.tld/fullchain.pem
ssl_key = </etc/letsencrypt/live/mail.domain.tld/privkey.pem
ssl_dh = </etc/dovecot/dh4096.pem
ssl_min_protocol = TLSv1.2
ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
ssl_prefer_server_ciphers = no

##
## Dovecot services
##

service imap-login {
    inet_listener imap {
        port = 143
    }
}

service managesieve-login {
    inet_listener sieve {
        port = 4190
    }
}

service lmtp {
    unix_listener lmtp {
        #mode = 0666
    }
    user = vmail
}

service auth {
    ### Auth socket for the LMTP service
    unix_listener auth-userdb {
        mode = 0660
        user = vmail
        group = vmail
    }
}

##
## Protocol settings
##

protocol imap {
    mail_plugins = $mail_plugins imap_sieve
    mail_max_userip_connections = 50
    imap_idle_notify_interval = 29 mins
}

protocol lmtp {
    postmaster_address = postmaster@mail.domain.tld
    mail_plugins = $mail_plugins sieve notify push_notification
}

##
## Client authentication
##

disable_plaintext_auth = yes
auth_mechanisms = plain login
auth_username_format = %Lu

passdb {
    driver = sql
    args = /etc/dovecot/dovecot-sql.conf
}

userdb {
    driver = sql
    args = /etc/dovecot/dovecot-sql.conf
}

##
## Address tagging
##

recipient_delimiter = +

##
## Mail location
##

mail_uid = vmail
mail_gid = vmail
mail_privileged_group = vmail
mail_home = /var/vmail/%d/%n
mail_location = maildir:~/mail:LAYOUT=fs

##
## Mailbox configuration
##

namespace inbox {
    inbox = yes

    mailbox Junk {
        auto = subscribe
        special_use = \Junk
    }

    mailbox Trash {
        auto = subscribe
        special_use = \Trash
    }

    mailbox Drafts {
        auto = subscribe
        special_use = \Drafts
    }

    mailbox Sent {
        auto = subscribe
        special_use = \Sent
    }
}

##
## Mail plugins
##

plugin {
    sieve_plugins = sieve_imapsieve sieve_extprograms
    sieve_before = /var/vmail/sieve/global/spam-global.sieve
    sieve = file:/var/vmail/sieve/%d/%n/scripts;active=/var/vmail/sieve/%d/%n/active-script.sieve

    ###
    ### Spam learning
    ###

    # From elsewhere to Spam folder
    imapsieve_mailbox1_name = Junk
    imapsieve_mailbox1_causes = COPY
    imapsieve_mailbox1_before = file:/var/vmail/sieve/global/learn-spam.sieve

    # From Spam folder to elsewhere
    imapsieve_mailbox2_name = *
    imapsieve_mailbox2_from = Junk
    imapsieve_mailbox2_causes = COPY
    imapsieve_mailbox2_before = file:/var/vmail/sieve/global/learn-ham.sieve

    sieve_pipe_bin_dir = /usr/bin
    sieve_global_extensions = +vnd.dovecot.pipe
}
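Dovecot uses the last assignment when a setting appears more than once in the same scope, so in a long hand-written file a security setting can carry a value that never takes effect. The following is an added example, not part of the original post: it parses dovecot.conf syntax and reports conflicting reassignments together with the value that wins. `SAMPLE_CONF` is constructed, and `EXPECTED` and the function names are assumptions of this example.

```python
# Constructed sample in dovecot.conf syntax (not the full file from this page).
SAMPLE_CONF = """\
ssl = yes
disable_plaintext_auth=no
ssl_min_protocol = TLSv1.2
service imap-login {
  inet_listener imap {
    port = 143
  }
}
# later section of the same file
disable_plaintext_auth = yes
"""

# Effective values this audit insists on (assumption of this example).
EXPECTED = {"disable_plaintext_auth": "yes", "ssl_min_protocol": "TLSv1.2"}

def parse(text):
    """Return {"scope/key": [(line_no, value), ...]} in file order."""
    scope, seen = [], {}
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):  # only whole-line comments handled
            continue
        if line.endswith("{"):
            scope.append(line[:-1].strip())
        elif line == "}" and scope:
            scope.pop()
        elif "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            seen.setdefault("/".join(scope + [key]), []).append((no, value))
    return seen

def audit(text):
    """List conflicting reassignments and effective values that miss EXPECTED."""
    findings = []
    for path, assigns in parse(text).items():
        line_no, effective = assigns[-1]  # the last assignment is the one used
        if len({value for _, value in assigns}) > 1:
            findings.append(f"{path}: set {len(assigns)} times, "
                            f"line {line_no} wins with '{effective}'")
        want = EXPECTED.get(path)
        if want is not None and effective != want:
            findings.append(f"{path}: effective '{effective}', expected '{want}'")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONF)))
```

On a host where Dovecot is installed, `doveconf -n` prints the non-default settings Dovecot actually resolved and is the authoritative check.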
And then /etc/dovecot/dovecot-sql.conf. It holds the database password in clear text, so it should not be readable by ordinary users.
driver = mysql
connect = "host=localhost dbname=vmail user=vmail password=DatenbankPasswort"
default_pass_scheme = BLF-CRYPT

password_query = SELECT username, domain, password FROM credentials WHERE username = '%Ln' AND domain = '%Ld';
user_query = SELECT 2000 AS uid, 2000 AS gid, '/var/vmail/%Ld/%Ln' AS home;