|Dovecot IMAP/POP3 server|
|Written by Administrator|
|Sunday, 10 February 2008 14:33|
Slackware make uses of the UW (University of Washington) IMAP server. This was probably once a good choice, but not any longer, since there are better IMAP servers available.
I use the Horde framework with IMP, the Internet Messaging Program. IMP is written in PHP and provides webmail access to IMAP and POP3 accounts. Unlike previous versions of IMP, 4.1+ no longer contains the "namespace", "hierarchies", or "folders" parameters. Instead, namespace configuration is automatically detected from the remote server.
This startles users of UW-IMAP because all files in the home directory now show up in the folders list and all sorts of namespaces appear that didn't appear before. Additionally, this results in drastically increased login times to IMP.
In fact, this is not a IMP problem, it is a UW-IMAP configutation problem. The problem has been known for a long time, still there is no easy workaround for this.
Some day I decided to move to Dovecot, an open source IMAP and POP3 server. Dovecot primarily aims to be lightweight, fast and easy to set up and has been written primarily with security in mind. Dovecot can work with standard mbox, Maildir, and its own dbox format. It is fully compatible with UW IMAP and Courier IMAP servers.
Steps to move
Move to Dovecot takes only a few steps:
Dovecot configuration file
You find the dovecot configuration file in /etc/dovecot.conf. If you're in a hurry, see http://wiki.dovecot.org/QuickConfiguration. Otherwise, proceed trough the options step by step and adjust as needed.
For the complete dovecot documentation visit the website.
Options in dovecot.conf
Example settings (grep -v "#" /etc/dovecot.conf):
# Only do this in combination with TLS / SLL. Otherwise, your password are in severe danger!
Set up TLS / SSL
I use TLS to secure my passwords and mails in transport. To do so is a three step process:
You can use a "official" certificate or go with your own CA and certificate. You may want to use a "official" certificate in a productive environment with different parties accessing your server. This is not a must, but you would have to assure the proper distribution of your CA certificate to all parties accessing your server.
For a list of authorities providing official certificates, have a look in the authorities certificate section of your web browser.
If you prefer to go with your own CA and certificate, refer to the dedicated article (OpenSSL CA) on Piir-Stuff.
To enable TLS, adjust your dovecot settings correspondingly. The authentication section is not mandatory and only required if you want to use client certificates for authentication.
# This is the server certificate - either a self made or official certificate
you will receive a waning notice, if the CA certificate of the issuing CA is not in the authorities store of your mail client. In order to avoid this, check the authorities store of your mail client. If it is missing, get the issuing CA certificate and import it.
Fire up dovecot
You can do this either by inetd or a startup script from /etc/rc.d
Option 1: inetd
Disable the original UW IMAP daemon and have the new Dovecot daemon in /usr/libexec/dovecot started.
#imap2 stream tcp nowait root /usr/sbin/tcpd imapd
Option 2: Startup script from /etc/rc.d
|Last Updated on Monday, 11 June 2012 10:30|