SquidGuard is a URL redirector used to use blacklists with the proxysoftware Squid. There are two big advantages to squidguard: it is fast and it is free.
Revision of Dovecot from Tue, 10/13/2015 - 16:09
Revisions allow you to track differences between multiple versions of your content, and revert back to older versions.
Installation
Download the latest tarball of the Dovecot source:
cd /extra/src
wget http://dovecot.org/releases/2.2/dovecot-2.2.19.tar.gz
tar zxf dovecot-2.2.19.tar.gz
cd dovecot-2.2.19
Configure Dovecot with support for vpopmail, compile and install it. If you want POP3 as well as IMAP, you need to specify it in the configure options.
./configure --with-vpopmail
make
make install
Create the necessary users and group for Dovecot to run as:
groupadd dovecot
useradd -g dovecot -s /bin/false -c "Dovecot Mail Server" dovecot
useradd -g dovecot -s /bin/false -c "Dovecot Mail Server" dovenull
Configuration
Dovecot includes a set of config files that you can copy into /usr/local/etc
:
cp -r /usr/local/share/doc/dovecot/example-config/* /usr/local/etc/dovecot/
Authentication
To enable authentication with vpopmail
, edit /usr/local/etc/dovecot/conf.d/10-auth.conf
and uncomment:
!include auth-vpopmail.conf.ext
You'll also want to make sure that pam
is disabled, so comment out:
#!include auth-system.conf.ext
Since the vpopmail user is uid 89, we need to adjust a few settings in /usr/local/etc/dovecot/conf.d/10-mail.conf
:
first_valid_uid = 89
last_valid_uid = 89
Courier by default uses "INBOX." as the IMAP namespace for private mailboxes. Configuring Dovecot the same way can make things easier when configuring clients and also when switching existing Maildirs from Courier to Dovecot. There are two ways to accomplish this:
- Using the same
INBOX.
namespace as Courier. With this method, Mail.app (at least in OS X 10.3) required that you specifyINBOX
as the IMAP Path Prefix when configuring the account.mail_location = maildir:~/Maildir
namespace {
separator = .
prefix =
inbox = yes
}# INBOX. as a compatibility name so old clients can continue using it
namespace {
separator = .
prefix = INBOX.
inbox = no
hidden = yes
list = no
alias_for =
}
Self-Signed SSL Certificate
Dovecot by default does not allow plain-text logins so you'll need to have an SSL certificate for it use. You can use:
- Dovecot's instructions:
mkdir -p /etc/ssl/certs
mkdir -p /etc/ssl/private
cd /extra/src/dovecot-2.2.18/doc/Edit
/extra/src/dovecot-2.2.18/doc/dovecot-openssl.cnf
to suite your organization then:sh mkcert.sh
The files created are already configured in the defaul Dovecot conf files.
- or you can create a self-signed certificate using the Apache SSL instructions. If you do it the Apache way, copy the certificates to a location where we'll configure Dovecot to read it from:
cd ~/cert
cat server.key server.crt > /usr/local/etc/dovecot.pemThen modify
/usr/local/etc/dovecot/conf.d/10-ssl.conf
to find the files:ssl_cert = </usr/local/etc/dovecot.pem
ssl_key = </usr/local/etc/dovecot.pem
However, if you did need to use plaintext auth with Dovecot, you can modify /usr/local/etc/dovecot.conf
to allow it. Please, don't let users connect over the Internet like this though!
disable_plaintext_auth = no
Daemontools Startup
The DJB Way website has a page on running Dovecot through daemontools. These instructions are adapted from that.
Firstly, create a directory to hold the service:
mkdir -m 1755 /var/service/dovecot-imapd
mkdir -m 755 /var/service/dovecot-imapd/log
cd /var/service/dovecot-imapd
Then create the /var/service/dovecot-imapd/run
file with the following contents:
#!/bin/sh
# dovecot-imapd/run
# daemontools run script for dovecot-imapd service
# ===
exec 2>&1
echo "*** Starting dovecot-imapd service..."
exec envuidgid dovecot \
/usr/local/sbin/dovecot \
-F \
-c /usr/local/etc/dovecot/dovecot.conf
Make the run script executable and then set up the logging service:
chmod 755 run
cd log
wget http://qmail.jms1.net/scripts/service-any-log-run
mv service-any-log-run run
chmod 755 run
Edit /usr/local/etc/dovecot/conf.d/10-logging.conf
so that it sends log messages to /dev/stderr
where multilog
can catch them.
log_path = /dev/stderr
Make the symbolic link in /service
to start Dovecot:
ln -s /var/service/dovecot-imapd /service/dovecot-imapd
After about 10 seconds, confirm that it is running:
svstat /service/dovecot-imapd /service/dovecot-imapd/log
CentOS 7 Firewall settings:
firewall-cmd --permanent --zone=public --add-service=imaps
firewall-cmd --reload
Courier to Dovecot migration
In general, there's not really much you need to do to migrate existing Maildirs from Couier-IMAP to Dovecot. However, one thing I did notice was that folder subscriptions do not copy from Courier's Maildir/courierimapsubscribed
file to Dovecot's Maildir/subscriptions
file. Depending on your mail client, this might not be an issue. Mail.app, for instance, picked up the new folders even though they weren't listed in Maildir/subscriptions
. On the other hand, SquirrelMail didn't see them unless you manually subscribed to them.
The Dovecot wiki has a wiki Courier migration page has some migration details that have an impact for POP3 users and has a Courier-to-Dovecot migration script to take of some POP3 UIDL issues. The script also can convert Courier's Maildir/courierimapsubscribed
file to Dovecot's Maildir/subscriptions
format (basically removing "INBOX." from the entries).
cd /usr/local/bin
wget http://www.dovecot.org/tools/courier-dovecot-migrate.pl
chmod ugo+x courier-dovecot-migrate.pl
cd /home/vpopmail/domains/<domain>
/usr/local/bin/courier-dovecot-migrate.pl --recursive --convert --overwrite
Resources
Install Dovecot and sieve on a vpopmail + qmail server
- Log in to post comments