Postfix Virtual Hosting With LDAP Backend With Dovecot As IMAP/POP3 Server On Ubuntu Hardy Heron 8.04 TLS - Page 3

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Submitted by Miguel (Contact Author) (Forums) on Mon, 2008-07-28 16:30. ::

Step 4: Install and configure dovecot

apt-get install dovecot-imapd dovecot-pop3d

This will install dovecot and all necessary files and also create the standard ssl certificates for IMAPs and POP3s.

Now we back up the original configuration file for safe keeping.

mv /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.bck
mv /etc/dovecot/dovecot-ldap.conf /etc/dovecot/dovecot-ldap.conf.bck

Next you can create new configuration files with the examples provide below.

vi /etc/dovecot/dovecot.conf

auth_verbose = yes
mail_debug = yes

base_dir = /var/run/dovecot/
protocols = imap imaps pop3 pop3s
protocol lda {
  postmaster_address = postmaster@example.tld
  auth_socket_path = /var/run/dovecot/auth-master
  log_path = /var/log/dovecot-deliver.log
  info_log_path = /var/log/dovecot-deliver.log
  }
listen = *
shutdown_clients = yes
log_path = /var/log/dovecot.log
info_log_path = /var/log/mail.log
log_timestamp = "%b %d %H:%M:%S "
syslog_facility = mail
disable_plaintext_auth = no
ssl_disable = no
ssl_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
ssl_key_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
login_chroot = yes
login_user = postfix
login_process_per_connection = yes
login_processes_count = 2
login_max_processes_count = 128
login_max_connections = 256
login_greeting = Welkom bij Webhabitat's Dovecot eMail Server.
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c
login_log_format = %$: %s
default_mail_env = maildir:/home/vmail/domains/%d/%u
first_valid_uid = 108 # REMEBER THIS MUST BE CHANGED TO YOUR UID FOR "postfix" FROM /etc/passwd
pop3_uidl_format = %08Xu%08Xv
auth default {
    mechanisms = PLAIN LOGIN
    passdb ldap {
        args = /etc/dovecot/dovecot-ldap.conf
    }
    userdb ldap {
        args = /etc/dovecot/dovecot-ldap.conf
    }
socket listen {
                master {
                        path = /var/run/dovecot/auth-master
                                mode = 0600
                        user = vmail
                        group = vmail
                }
                client {
                        path = /var/spool/postfix/private/auth
                        mode = 0660
                        user = postfix
                        group = postfix
                }
        }
        user = vmail
}

vi /etc/dovecot/dovecot-ldap.conf

hosts = localhost
auth_bind = yes
auth_bind_userdn = mail=%u,vd=%d,o=hosting,dc=example,dc=tld
ldap_version = 3
base = dc=example,dc=tld
dn = cn=admin,dc=example,dc=tld
dnpass = secret
deref = never
scope = subtree
user_filter = (&(objectClass=VirtualMailAccount)(accountActive=TRUE)(mail=%u))
pass_filter = (&(objectClass=VirtualMailAccount)(accountActive=TRUE)(mail=%u))
default_pass_scheme = MD5
# the uid of your vmail user
user_global_uid = 1000
# the guid of your vmail group
user_global_gid = 1000

Note: Remember to change example.tld to your own domain.tld see assumptions.

The follwoing entry in dovecot.conf enables sasl:

socket listen {
                master {
                        path = /var/run/dovecot/auth-master
                                mode = 0600
                        user = vmail
                        group = vmail
                }
                client {
                        path = /var/spool/postfix/private/auth
                        mode = 0660
                        user = postfix
                        group = postfix
                }
        }
        user = vmail
}

The following entry in dovecot.conf provides session and logging for dovecot deliver:

protocol lda {
  postmaster_address = postmaster@example.tld
  auth_socket_path = /var/run/dovecot/auth-master
  log_path = /var/log/dovecot-deliver.log
  info_log_path = /var/log/dovecot-deliver.log
  }

At this moment I haven't gotten dovecot to use the quota entries provided by phamm, this will be an addon in the (very, hopefully :) ) future.

This concludes the dovecot configuration.

up

Copyright © 2008 Miguel Brams
All Rights Reserved.
add comment | view as pdf view as pdf | print: this | all page(s) |
Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.
CentOS 5.3_x64 with this howto
Submitted by willi (not registered) on Sun, 2009-06-28 01:22.

Thank you for this howto - I do follow your explanations on an CentOS 5 System: With modifications I have dovecot working and accepting it. Phamm is implemented on another system and connects to the Mailserver with Openldap (I do want to go further moving it to another Server with Kerberos Ldap support isolating mail.lan.dom for security reasons) 1.) I got stuck with gnarwl getting compile errors - will contact the developer for this! BUT: I do have problems with postfix - accounts are verified against ldap - this is OK BUT: I think postfix is not able to create the mailbox path a postmap -q john.doe@lan.dom ldap:accounts retreats lan.dom/john.doe which seems to be perfect the maillog issues: fatal: pipe_command: execvp /usr/local/bin/maildrop: No such file or directory++ ps.: I'd built transport.db and virtual.db from empty files tks in advance IF - I'm through with this I will write it down and send you the implementation log - if you like

reply | view as pdf view as pdf
Hi,this howto includes one
Submitted by Janusz (not registered) on Wed, 2009-04-15 22:37.

Hi, this howto includes one mistake and some inaccuraties. Please take under consideration the following issues: - it is:
 dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient)
while it should be:
dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient}
- it is:
# the uid of your vmail user user_global_uid = 1000
# the guid of your vmail group user_global_gid = 1000
mine dovecot doesn't recognize those options, but those work:
mail_uid = 1000 mail_gid = 1000
- in /etc/dovecot/dovecot-ldap.conf it is:
dn = cn=admin,dc=example,dc=tld dnpass = secret
what for is it for? its not needed, in my opinion.
- you use Debian - once upon a time I've also used Debian. The problem with it was that postfix deb wasn't compiled with vda extension - quota need this to work. The howto is ok, but I would suggest writing also overall architecture
- there is no saslauthd and this is great as the setup is much more simple, but one don't have to know that postfix can use dovecot-sasl or even that dovecot provides one. The most important thing which wasn't written is that the phamm.org (or better - phamm package) includes most of examples provided here, so they are very good for reference. Regards.

reply | view as pdf view as pdf
Re: Hi,this howto includes one
Submitted by willi (not registered) on Sun, 2009-06-28 01:06.

sorry i'd like to say beam me up scotty I do not see the point I think those lines are equal: Hi, this howto includes one mistake and some inaccuraties. Please take under consideration the following issues: - it is:  dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient) while it should be: dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} -----------------------

reply | view as pdf view as pdf
default_mail_env directive deprecated in dovecot > 1.0rc11
Submitted by Clayton Davis (not registered) on Fri, 2008-12-05 18:55.

Dovecot requires you to replace "default_mail_env" with "mail_location" if you are using Dovecot > 1.0rc11.  This is applicable to the default version installed in Ibex (8.10).

 

reply | view as pdf view as pdf
Sponsored Links: Unified Communications: Thoughts, Strategies and Predictions
Join the discussion.
www.seamlessenterprise.com

IP Convergence
Integrate your wireless and wireline networks.
Learn how from the experts at Sprint.
www.seamlessenterprise.com

Wireless & Wireline Integration
Thoughts, strategies and solutions: join the discussion
www.seamlessenterprise.com

Unified Communications 2009
Join the Discussion. Now.
www.seamlessenterprise.com