Installing from Source

First start out by downloading the lastest version from Dovecot’s website (the current version as of the writing of the how-to is 1.2.8).

yum -y install sqlite sqlite-devel gcc make patch db4-devel cyrus-sasl-devel

Next download and untar the source code.

wget http://dovecot.org/releases/1.2/dovecot-1.2.8.tar.gz
tar -xzf dovecot-1.2.8.tar.gz
cd dovecot-1.2.8/

Next, you will need to configure the code before compiling.

./configure --with-sqlite
echo $?

Assuming the configure command finishes with out error (the last line should be a “0″). Compile and install Dovecot.

make && make install

Configuring Dovecot for SQLite

First we need to create or modify the dovecot config file for SQLite access.  If you are currenly using MySQL with Dovecot, switching to SQLite is pretty easy and strate forward.  Or you may just use the below dovecot config file.

### Dovecot configuration file ###
### /etc/dovecot.conf ###
protocols = pop3 imap
login_user = postfix
auth_cache_size = 128
auth_cache_ttl = 600
mail_debug = yes

mail_location = maildir:%h/

protocol imap {
 listen = *:143
}

protocol lda {
  postmaster_address = postmaster@mattrude.com
  hostname = odin.mattrude.com
  mail_plugin_dir = /usr/local/lib/dovecot/lda
  auth_socket_path = /var/run/dovecot/auth-master
}

auth default {
  mechanisms = plain login
  userdb sql {
    args = /etc/dovecot-sqlite.conf
  }
  passdb sql {
    args = /etc/dovecot-sqlite.conf
  }
  socket listen {
    master {
      path = /var/run/dovecot/auth-master
      user = virtualmail
      group = virtualmail
    }
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}

After you have created the main Dovecot config file, you will need to add the SQLite config file (below).

### /etc/dovecot-sqlite.conf ###
driver = sqlite
connect = /etc/postfix/postfix.sqlite
password_query = SELECT password, username AS user \
  FROM mailbox WHERE username = '%u' AND domain = '%d'
user_query = SELECT maildir, 1000 AS uid, 1000 AS gid FROM mailbox WHERE \
  username = '%u' AND domain = '%d' AND active = '1'

After the config files have been created, we need to create the database file, here is where you will need SQLite installed on the system.

Building the SQLite Database

In order to use the SQLite function, you need a SQLite database. First using SQLite3 run

sqlite3 /etc/postfix/postfix.sqlite

To create the database, then you can copy and past the following scheme into the new database.

CREATE TABLE alias (
  address varchar(255) NOT NULL,
  goto text NOT NULL,
  domain varchar(255) NOT NULL,
  created datetime NOT NULL default '0000-00-00 00:00:00',
  modified datetime NOT NULL default '0000-00-00 00:00:00',
  active tinyint(1) NOT NULL default '1');

CREATE TABLE domain (
  domain varchar(255) NOT NULL,
  description varchar(255) NOT NULL,
  aliases int(10) NOT NULL default '0',
  mailboxes int(10) NOT NULL default '0',
  maxquota bigint(20) NOT NULL default '0',
  quota bigint(20) NOT NULL default '0',
  transport varchar(255) NOT NULL,
  backupmx tinyint(1) NOT NULL default '0',
  created datetime NOT NULL default '0000-00-00 00:00:00',
  modified datetime NOT NULL default '0000-00-00 00:00:00',
  active tinyint(1) NOT NULL default '1' );

CREATE TABLE mailbox (
  username varchar(255) NOT NULL,
  password varchar(255) NOT NULL,
  name varchar(255) NOT NULL,
  maildir varchar(255) NOT NULL,
  quota bigint(20) NOT NULL default '0',
  domain varchar(255) NOT NULL,
  created datetime NOT NULL default '0000-00-00 00:00:00',
  modified datetime NOT NULL default '0000-00-00 00:00:00',
  active tinyint(1) NOT NULL default '1',
  local_part varchar(255) NOT NULL );

Then close the database

.quit

Or you may download mine from below and use the same scheme work.

• postfix.sqlite

mkdir /var/run/dovecot

Dovecot INIT file

#!/bin/bash
#
#	/etc/rc.d/init.d/dovecot
#
# Starts the dovecot daemon
#
# chkconfig: - 65 35
# description: Dovecot Imap Server
# processname: dovecot
# Source function library.
. /etc/init.d/functions

test -x /usr/local/sbin/dovecot || exit 0

RETVAL=0
prog="Dovecot Imap"

start() {
       echo -n $"Starting $prog: "
	daemon /usr/local/sbin/dovecot
	RETVAL=$?
	[ $RETVAL -eq 0 ] && touch /var/lock/subsys/dovecot
	echo
}

stop() {
	echo -n $"Stopping $prog: "
	killproc /usr/local/sbin/dovecot
	RETVAL=$?
	[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/dovecot
	echo
}

case "$1" in
  start)
	start
	;;
  stop)
	stop
	;;
  reload|restart)
	stop
	start
	RETVAL=$?
	;;
  condrestart)
	if [ -f /var/lock/subsys/dovecot ]; then
	    stop
	    start
	fi
	;;
  status)
	status /usr/local/sbin/dovecot
	RETVAL=$?
	;;
  *)
	echo $"Usage: $0 {condrestart|start|stop|restart|reload|status}"
	exit 1
esac

exit $RETVAL

Related Posts

1. Installing Postfix with SQLite Support
2. Converting a MediaWiki database from MySQL to SQLite
3. Creating Self-signed SSL Certificates for Dovecot & Postfix
4. Postfix: remap from addresses with a generic map
5. Postfix: reject an address before queue

• The first time the client connects to the server, it sees the certificate and asks the user whether to trust it. The user of course doesn’t really bother verifying the certificate’s fingerprint, so a man-in-the-middle attack can easily bypass all the SSL security, steal the user’s password and so on.
• If the client was lucky enough not to get attacked the first time it connected, the following connections will be secure as long as the client had permanently saved the certificate. Some clients do this, while others have to be manually configured to accept the certificate.

The only way to be fully secure is to import the SSL certificate to client’s (or operating system’s) list of trusted CA certificates prior to first connection. See SSL/CertificateClientImporting how to do it for different clients.

Building Dovcot’s Self-Signed Certificates

Dovecot includes a script to build self-signed SSL certificates using OpenSSL. First you need to find the dovecot-openssl.cnf file.

• Configuring the Certificate Config File

The best way on Fedora to do this is via the locate command.

locate dovecot-openssl.cnf

Mine was located at /etc/pki/dovecot/dovecot-openssl.cnf. Now that you have found the file you need to add your server information to it, like this:

[ req ]
default_bits = 1024
encrypt_key = yes
distinguished_name = req_dn
x509_extensions = cert_type
prompt = no

[ req_dn ]
# country (2 letter code)
C=US

# State or Province Name (full name)
ST=MN

# Locality Name (eg. city)
L=SaintPaul

# Organization (eg. company)
O=example.com

# Organizational Unit Name (eg. section)
OU=IMAP server

# Common Name (*.example.com is also possible)
CN=*.example.com

# E-mail contact
emailAddress=postmaster@example.com

[ cert_type ]
nsCertType = server

• Build the Certificates

/usr/libexec/dovecot/mkcert.sh

• Modifying Dovecot

You will need to add the following to your /etc/dovecot.conf file:

ssl_listen = 993
ssl_disable = no
ssl_cert_file = /etc/postfix/smtpd.pem
ssl_key_file = /etc/postfix/smtpd.pem
auth_cache_size = 128

Then restart Dovecot

/sbin/service dovecot restart

gutter='0'

Related Posts

1. Installing Dovecot with SQLite Support
2. Installing Postfix with SQLite Support
3. Creating a secure Git repository server
4. Postfix: remap from addresses with a generic map
5. Installing the GIT Daemon for Read Only Access to Repoistory