Re: [vchkpw] Dovecot config

[Rick Widmer]

Camille Ollié wrote:
Hello,

i have installed dovecot with apt-get install dovecot (and all 
dependicies). I want to use dovecot with vpopmail authentification, but 
all i have found with google doesn't help me.
Someone can help me with the dovecot configuration ? I think i have 
forget something, but i don't find what.

I bet you end up having to compile it because they don't compile in 
vpopmail authentication...  :(



This is a snippet from a future version of Bill Shupp's toaster for 
installing Dovecot.  It is only tested on OpenSuSE 11.0, but should be 
close for others.  You may have to do things a little differently 
installing the run file and the links in the rc*.d directories.  The 
configuration file patch and runfile for SuSE Linux are attached.


Rick

===========================================================================


Dovecot IMAP

Dovecot will supply IMAP/SIMAP access.

Info: http://www.dovecot.org/

Install:

    cd /var/src
    tar -xzf tar/dovecot-1.1.4.tar.gz
    cd dovecot-1.1.4

    ./configure --with-vpopmail --without-pop3d \
    --without-passwd --without-pam \
    --without-passwd-file --without-shadow \
    --without-checkpassword --without-deliver

    make
    make install


Setup SSL certificate:

    cd doc

    Edit the file dovecot-openssl.conf and customize it for your site. 
Your answers here should be nearly the same as the ones for the qmail 
certificate except for the fact that this is used by the imap server and 
the previous certificate is used by the mail server.


Create SSL certificate:

    mkdir -p /etc/ssl/cert
    chmod 755 /etc/ssl/cert
    mkdir -p /etc/ssl/private
    chmod 700 /etc/ssl/private
    chmod 700 mkcert.sh
    ./mkcert.sh


Configure:

    cd /usr/local/etc
    cp dovecot-example.conf dovecot.conf
    patch -p0 < /var/src/tar/dovecot-1.1.4-conf.patch


Setup run files for SuSE systems

    cp /var/src/tar/dovecot-1.1.4.run /etc/rc.d/dovecot
    chmod 755 /etc/rc.d/dovecot
    ln -s /etc/rc.d/dovecot /usr/sbin/rcdovecot
    ln -s /etc/rc.d/dovecot /usr/bin/dovecotctl
    cd /etc/rc.d
    insserv dovecot

    # Start Dovecot IMAP server
    rcdovecot start


!DSPAM:494fe9a832311000012544!
--- dovecot-example.conf        2008-10-27 13:57:52.000000000 -0600
+++ dovecot.conf        2008-10-27 14:19:09.000000000 -0600
@@ -344,8 +344,8 @@
 # to make sure that users can't log in as daemons or other system users.
 # Note that denying root logins is hardcoded to dovecot binary and can't
 # be done even if first_valid_uid is set to 0.
-#first_valid_uid = 500
-#last_valid_uid = 0
+first_valid_uid = 89 
+last_valid_uid  = 89
 
 # Valid GID range for users, defaults to non-root/wheel. Users having
 # non-valid GID as primary group ID aren't allowed to log in. If user
@@ -700,7 +700,7 @@
 # Authentication cache size in kilobytes. 0 means it's disabled.
 # Note that bsdauth, PAM and vpopmail require cache_key to be set for caching
 # to be used.
-#auth_cache_size = 0
+auth_cache_size = 1024 
 # Time to live in seconds for cached data. After this many seconds the cached
 # record is no longer used, *except* if the main database lookup returns
 # internal failure. We also try to handle password changes automatically: If
@@ -825,7 +825,7 @@
   # database (passwd usually), you can use static userdb.
   # REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM
   # authentication to actually work. <doc/wiki/PasswordDatabase.PAM.txt>
-  passdb pam {
+#  passdb pam {
     # [session=yes] [setcred=yes] [failure_show_msg=yes]
     # [cache_key=<key>] [<service name>]
     #
@@ -854,7 +854,7 @@
     #   args = session=yes %Ls
     #   args = cache_key=%u dovecot
     #args = dovecot
-  }
+#  }
 
   # System users (NSS, /etc/passwd, or similiar)
   # In many systems nowadays this uses Name Service Switch, which is
@@ -908,12 +908,12 @@
   #}
 
   # vpopmail authentication <doc/wiki/AuthDatabase.VPopMail.txt>
-  #passdb vpopmail {
+  passdb vpopmail {
     # [cache_key=<key>] - See cache_key in PAM for explanation.
     # [quota_template=<template>] - %q expands to Maildir++ quota
     #   (eg. quota_template=quota_rule=*:backend=%q)
     #args =
-  #}
+  }
 
   #
   # User database specifies where mails are located and what user/group IDs
@@ -925,14 +925,14 @@
   # System users (NSS, /etc/passwd, or similiar). In many systems nowadays this
   # uses Name Service Switch, which is configured in /etc/nsswitch.conf.
   # <doc/wiki/AuthDatabase.Passwd.txt>
-  userdb passwd {
+#  userdb passwd {
     # [blocking=yes] - By default the lookups are done in the main dovecot-auth
     # process. This setting causes the lookups to be done in auth worker
     # proceses. Useful with remote NSS lookups that may block.
     # NOTE: Be sure to use this setting with nss_ldap or users might get
     # logged in as each others!
     #args = 
-  }
+#  }
 
   # passwd-like file with specified location
   # <doc/wiki/AuthDatabase.PasswdFile.txt>
@@ -971,8 +971,8 @@
   #}
 
   # vpopmail <doc/wiki/AuthDatabase.VPopMail.txt>
-  #userdb vpopmail {
-  #}
+  userdb vpopmail {
+  }
 
   # "prefetch" user database means that the passdb already provided the
   # needed information and there's no need to do a separate userdb lookup.


!DSPAM:494fe9a832311000012544!
#! /bin/sh
# Copyright (c) 1995-2004 SUSE Linux AG, Nuernberg, Germany.
#               2005-2007 SUSE / Novell Inc.
# All rights reserved.
#
# Author: Mads Martin Joergensen <m...@suse.de>
#         Marcus Rueckert <mrueck...@suse.de>
# Please send feedback to http://www.suse.de/feedback/
#
# /etc/init.d/dovecot
#   and its symbolic link
# /usr/sbin/rcdovecot
#
### BEGIN INIT INFO
# Provides:          dovecot
# Required-Start:    $remote_fs $syslog $network
# Required-Stop:
# Default-Start:     3 5
# Default-Stop:      0 1 2 6
# Short-Description: Dovecot IMAP/POP3/SASL server
# Description:       Dovecot IMAP/POP3/SASL server
### END INIT INFO

. /etc/rc.status

# Reset status of this service
rc_reset

DOVECOT_BIN=/usr/local/sbin/dovecot
test -x $DOVECOT_BIN || {
        echo "$DOVECOT_BIN not installed";
        if [ "$1" = "stop" ] ; then
                exit 0
        else
                exit 5
        fi
        }

case "$1" in
        start)
                echo -n "Starting dovecot "
                startproc $DOVECOT_BIN
                rc_status -v
                ;;
        stop)
                echo -n "Stopping dovecot "
                killproc -TERM $DOVECOT_BIN
                rc_status -v
                ;;
        try-restart|condrestart)
                $0 status
                if test $? = 0; then
                        $0 restart
                else
                        rc_reset
                fi
                rc_status
                ;;
        restart)
                $0 stop
                $0 start
                rc_status
                ;;
        force-reload)
                # dovecot has support for reloading it's config when
                # recieving signal 1 (SIGHUP). There's still some
                # issues noticed in the dovecot-TODO though so restart
                # for now.
                echo -n "Reload service dovecot "
                # killproc -HUP $DOVECOT_BIN
                # rc_status -v

                $0 try-restart
                rc_status
                ;;
        reload)
                echo -n "Reload service dovecot "
                killproc -HUP $DOVECOT_BIN
                rc_status -v
                ;;
        status)
                echo -n "Checking for service dovecot "
                checkproc $DOVECOT_BIN
                rc_status -v
                ;;
        *)
                echo "Usage: $0 
{start|stop|status|try-restart|restart|force-reload|reload}"
        exit 1
        ;;
esac
rc_exit


!DSPAM:494fe9a832311000012544!