Dovecot v2 with ISPConfig 3

Discussion in 'Installation/Configuration' started by CSsab, Aug 4, 2011.

  1. CSsab

    CSsab New Member

    Hi,
    I am trying out dovecot instead of courier and was wondering if anyone has a working dovecot.conf file for v2 they could share or any other informations.

    Everything works fine until ISPConfig 3 configures dovecot so I am presuming there is no support just yet.

    Is anyone working on this or is it in the roadmap.

    Thanks in advance.
     
  2. till

    till Super Moderator

    Dovecot 2 is not supported yet. It is planned to add support for dovecot 2 with ISPConfig 3.0.4. There is noone working on that yet. Would be a big help if you could amke a dovecot.conf and dovecot-sql.conf file which we could use.
     
  3. CSsab

    CSsab New Member

    I can help to a limited extent - wish I had the knowledge base !!
    I can only see what needs to be done and not know how to do it - very frustrating.

    I can certainly try but will need help and confirmation.

    Here are some of my questions:

    1. If I run:
    openssl x509 -in /etc/ssl/certs/dovecot.pem -noout -text

    The correct cert has been written with the CN hostname details and so on. The only thing I would change is the email address which is root@mydomain.tld.
    At the moment I can just add an alias in /etc/aliases for root: postmaster@mydomain.tld
    and then run
    newaliases
    /etc/init.d/postfix reload

    So the means by which certs can be recreated are not available in binary distributions unless I am missing something - I would have to go here:
    http://wiki.dovecot.org/SSL/CertificateCreation
    and download mkcert.sh and so on ...

    Could you tell me the correct way to do this.

    2. These are my dovecot packages (this is a testing system because I am looking at the dovecot-managesieved package in wheezy):
    dovecot-common dovecot-imapd dovecot-managesieved dovecot-pop3d dovecot-sieve

    The following NEW packages will be installed:
    dovecot-common dovecot-imapd dovecot-managesieved dovecot-pop3d dovecot-sieve
    0 upgraded, 5 newly installed, 0 to remove and 0 not upgraded.
    Need to get 0 B/3,476 kB of archives.
    After this operation, 7,004 kB of additional disk space will be used.
    Selecting previously deselected package dovecot-common.
    (Reading database ... 29783 files and directories currently installed.)
    Unpacking dovecot-common (from .../dovecot-common_1%3a2.0.13-1.1_amd64.deb) ...
    Selecting previously deselected package dovecot-imapd.
    Unpacking dovecot-imapd (from .../dovecot-imapd_1%3a2.0.13-1.1_amd64.deb) ...
    Selecting previously deselected package dovecot-sieve.
    Unpacking dovecot-sieve (from .../dovecot-sieve_1%3a2.0.13-1.1_amd64.deb) ...
    Selecting previously deselected package dovecot-managesieved.
    Unpacking dovecot-managesieved (from .../dovecot-managesieved_1%3a2.0.13-1.1_amd64.deb) ...
    Selecting previously deselected package dovecot-pop3d.
    Unpacking dovecot-pop3d (from .../dovecot-pop3d_1%3a2.0.13-1.1_amd64.deb) ...
    Setting up dovecot-common (1:2.0.13-1.1) ...

    Creating config file /etc/dovecot/dovecot.conf with new version
    Creating config file /etc/dovecot/dovecot-db.conf.ext with new version
    Creating config file /etc/dovecot/dovecot-dict-sql.conf.ext with new version
    Creating config file /etc/dovecot/dovecot-sql.conf.ext with new version
    Creating config file /etc/dovecot/conf.d/10-auth.conf with new version
    Creating config file /etc/dovecot/conf.d/10-director.conf with new version
    Creating config file /etc/dovecot/conf.d/10-logging.conf with new version
    Creating config file /etc/dovecot/conf.d/10-mail.conf with new version
    Creating config file /etc/dovecot/conf.d/10-master.conf with new version
    Creating config file /etc/dovecot/conf.d/10-ssl.conf with new version
    Creating config file /etc/dovecot/conf.d/15-lda.conf with new version
    Creating config file /etc/dovecot/conf.d/90-acl.conf with new version
    Creating config file /etc/dovecot/conf.d/90-plugin.conf with new version
    Creating config file /etc/dovecot/conf.d/90-quota.conf with new version
    Creating config file /etc/dovecot/conf.d/auth-deny.conf.ext with new version
    Creating config file /etc/dovecot/conf.d/auth-master.conf.ext with new version
    Creating config file /etc/dovecot/conf.d/auth-passwdfile.conf.ext with new version
    Creating config file /etc/dovecot/conf.d/auth-static.conf.ext with new version
    Creating config file /etc/dovecot/conf.d/auth-system.conf.ext with new version
    Creating config file /etc/dovecot/conf.d/auth-vpopmail.conf.ext with new version
    Creating generic self-signed certificate: /etc/ssl/certs/dovecot.pem
    This certificate will expire in 10 years.
    (replace with hand-crafted or authorized one if needed).
    Starting IMAP/POP3 mail server: dovecot.
    Setting up dovecot-imapd (1:2.0.13-1.1) ...
    Creating config file /etc/dovecot/conf.d/20-imap.conf with new version
    Restarting IMAP/POP3 mail server: dovecot.
    Setting up dovecot-sieve (1:2.0.13-1.1) ...
    Creating config file /etc/dovecot/conf.d/90-sieve.conf with new version
    Restarting IMAP/POP3 mail server: dovecot.
    Setting up dovecot-managesieved (1:2.0.13-1.1) ...
    Creating config file /etc/dovecot/conf.d/20-managesieve.conf with new version
    Restarting IMAP/POP3 mail server: dovecot.
    Setting up dovecot-pop3d (1:2.0.13-1.1) ...
    Creating config file /etc/dovecot/conf.d/20-pop3.conf with new version
    Restarting IMAP/POP3 mail server: dovecot.




    netstat -tap
    tcp 0 0 *:smtp *:* LISTEN 1290/master
    tcp 0 0 *:sieve *:* LISTEN 4629/dovecot
    tcp 0 0 *:imaps *:* LISTEN 4629/dovecot
    tcp 0 0 *:pop3s *:* LISTEN 4629/dovecot
    tcp 0 0 localhost.localdo:10024 *:* LISTEN 513/amavisd (master
    tcp 0 0 localhost.localdo:10025 *:* LISTEN 1290/master
    tcp 0 0 localhost.localdo:mysql *:* LISTEN 1091/mysqld
    tcp 0 0 *:pop3 *:* LISTEN 4629/dovecot
    tcp 0 0 *:imap2 *:* LISTEN 4629/dovecot
    tcp 0 0 localhost.localdo:spamd *:* LISTEN 849/spamd.pid
    tcp 0 0 *:ssh *:* LISTEN 843/sshd
    tcp6 0 0 [::]:sieve [::]:* LISTEN 4629/dovecot
    tcp6 0 0 [::]:imaps [::]:* LISTEN 4629/dovecot
    tcp6 0 0 [::]:pop3s [::]:* LISTEN 4629/dovecot
    tcp6 0 0 [::]:pop3 [::]:* LISTEN 4629/dovecot
    tcp6 0 0 [::]:imap2 [::]:* LISTEN 4629/dovecot
    tcp6 0 0 [::]:www [::]:* LISTEN 525/apache2
    tcp6 0 0 [::]:ssh [::]:* LISTEN 843/sshd

    So here is /etc/dovecot.conf (uncommented only) before ISPConfig.

    !include_try /usr/share/dovecot/protocols.d/*.protocol
    dict {
    #quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
    #expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext
    }
    !include_try local.conf


    So the configurations are in /etc/dovecot/conf.d/
    10-auth.conf 10-mail.conf 15-lda.conf 20-pop3.conf 90-quota.conf auth-master.conf.ext auth-system.conf.ext
    10-director.conf 10-master.conf 20-imap.conf 90-acl.conf 90-sieve.conf auth-passwdfile.conf.ext auth-vpopmail.conf.ext
    10-logging.conf 10-ssl.conf 20-managesieve.conf 90-plugin.conf auth-deny.conf.ext auth-static.conf.ext


    Which of these need to be modified by the ISPConfig installer?

    Further info:
    At the moment when I install ISPConfig 3 the following is appended to the dovecot.conf:

    driver = mysql
    connect = host=localhost dbname=mydatabasename user=ispconfig password=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    default_pass_scheme = CRYPT

    password_query = SELECT password FROM mail_user WHERE mymailname = '%u' AND disable%Ls = 'n'
    user_query = SELECT (mymailname) as user, maildir as home, CONCAT('maildir:', maildir, '/Maildir') as mail, uid, gid, CONCAT('maildir:storage=', floor(quota/1024)) AS quota, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE mymailname = '%u' AND disable%Ls = 'n'

    Then the following errors are thrown off from the ISPConfig 3 installer:

    Configuring Dovecot
    PHP Warning: chmod(): No such file or directory in /tmp/ispconfig3_install/install/lib/installer_base.lib.php on line 750
    PHP Stack trace:
    PHP 1. {main}() /tmp/ispconfig3_install/install/install.php:0
    PHP 2. installer_base->configure_dovecot() /tmp/ispconfig3_install/install/install.php:337
    PHP 3. chmod() /tmp/ispconfig3_install/install/lib/installer_base.lib.php:750

    Configuring Spamassassin
    Configuring Amavisd


    What is the path to the sql file used currently?

    Other errors are:
    Stopping amavisd: amavisd-new.
    defined(%hash) is deprecated at /usr/share/perl5/Mail/SpamAssassin/Dns.pm line 757.
    (Maybe you should just omit the defined()?)
    Starting amavisd: amavisd-new.

    And the main ones are:

    Configuring Getmail
    Stopping Postfix Mail Transport Agent: postfix.
    Starting Postfix Mail Transport Agent: postfix.
    Stopping SASL Authentication Daemon: saslauthd.
    Starting SASL Authentication Daemon: saslauthd.


    Stopping amavisd: amavisd-new.
    defined(%hash) is deprecated at /usr/share/perl5/Mail/SpamAssassin/Dns.pm line 757.
    (Maybe you should just omit the defined()?)
    Starting amavisd: amavisd-new.
    Stopping ClamAV daemon: clamd.
    Starting ClamAV daemon: clamd Bytecode: Security mode set to "TrustSigned".
    .
    doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:24: 'imaps' protocol is no longer necessary, remove it
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:24: 'pop3s' protocol is no longer necessary, remove it
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:529: mail_executable has been replaced by service { executable }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:587: mail_executable has been replaced by service { executable }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:664: protocol managesieve {} has been replaced by protocol sieve { }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:681: sieve has been moved into plugin {} section
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:686: sieve_storage has been moved into plugin { sieve_dir }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:813: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:924: passdb sql {} has been replaced by passdb { driver=sql }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:985: userdb sql {} has been replaced by userdb { driver=sql }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:1014: auth_user has been replaced by service auth { user }
    doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: mail_plugin_dir: access(/usr/lib/dovecot/modules/lda) failed: No such file or directory
    doveconf: Error: managesieve-login: dump-capability process returned 89
    doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:24: 'imaps' protocol is no longer necessary, remove it
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:24: 'pop3s' protocol is no longer necessary, remove it
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:529: mail_executable has been replaced by service { executable }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:587: mail_executable has been replaced by service { executable }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:664: protocol managesieve {} has been replaced by protocol sieve { }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:681: sieve has been moved into plugin {} section
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:686: sieve_storage has been moved into plugin { sieve_dir }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:813: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:924: passdb sql {} has been replaced by passdb { driver=sql }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:985: userdb sql {} has been replaced by userdb { driver=sql }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:1014: auth_user has been replaced by service auth { user }
    doveconf: Error: ssl enabled, but ssl_cert not set
    doveconf: Error: ssl enabled, but ssl_cert not set
    doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: ssl enabled, but ssl_cert not set
    doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:24: 'imaps' protocol is no longer necessary, remove it
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:24: 'pop3s' protocol is no longer necessary, remove it
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:529: mail_executable has been replaced by service { executable }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:587: mail_executable has been replaced by service { executable }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:664: protocol managesieve {} has been replaced by protocol sieve { }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:681: sieve has been moved into plugin {} section
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:686: sieve_storage has been moved into plugin { sieve_dir }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:813: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:924: passdb sql {} has been replaced by passdb { driver=sql }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:985: userdb sql {} has been replaced by userdb { driver=sql }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:1014: auth_user has been replaced by service auth { user }
    doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: mail_plugin_dir: access(/usr/lib/dovecot/modules/lda) failed: No such file or directory
    doveconf: Error: managesieve-login: dump-capability process returned 89
    doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:24: 'imaps' protocol is no longer necessary, remove it
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:24: 'pop3s' protocol is no longer necessary, remove it
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:529: mail_executable has been replaced by service { executable }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:587: mail_executable has been replaced by service { executable }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:664: protocol managesieve {} has been replaced by protocol sieve { }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:681: sieve has been moved into plugin {} section
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:686: sieve_storage has been moved into plugin { sieve_dir }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:813: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:924: passdb sql {} has been replaced by passdb { driver=sql }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:985: userdb sql {} has been replaced by userdb { driver=sql }
    doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:1014: auth_user has been replaced by service auth { user }
    doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: ssl enabled, but ssl_cert not set

    Restarting IMAP/POP3 mail server: dovecot failed!
    Configure Jailkit (y,n) [y]:


    This error relates to "<" in:

    ssl_cert = </etc/ssl/certs/dovecot.pem
    ssl_key = </etc/ssl/private/dovecot.pem

    Fatal: Error in configuration file /etc/dovecot/dovecot.conf: ssl enabled, but ssl_cert not set
    and it goes away when the correct path is set.

    I don't mind trying to write a new sql file but there are people better able to do that here than me with my limited knowhow.

    I am still very keen to help in any way so can post the outputs of anything else needed and can also set up testing systems in either Lenny or Squeeze with very little trouble.
     
  4. xabbu

    xabbu New Member

  5. CSsab

    CSsab New Member

    Hi xabbu,
    Thanks very much.

    I am having a look at it now and will let you know how I go.
     
  6. CSsab

    CSsab New Member

    Thank you for the dovecot.conf.

    I am not completely understanding step 7:

    Step 7.
    I edit

    /usr/local/ispconfig/interface/web/mail/mail_user_edit.php

    and change which part?

    This is what I have in line 261 ish.

    $sql = "UPDATE mail_user SET disableimap = '$disableimap', disablepop3 = '$disablepop3', disablesmtp = '$disablesmtp', disabledeliver = '$disabledeliver' WHERE mailuser_id = ".$this->id;
    $app->db->query($sql);


    Is this the part you mean and how should I change that?

    Thanks
     
  7. yaw

    yaw New Member

    Update?

    Did you have any success with this? I find myself in the same boat. I cannot upgrade to ispconfig 3 unless I can get dovecot 2 working.
     
  8. dgonzalezh

    dgonzalezh New Member

    I managed to get Dovecot 2 running smooth with ISPC 3.0.4

    Hi,

    After some research and tweaking and struggling with errors and errors I finally got it working fine with this sample config:

    Here it is.

    Code:
    # 2.0.15 (0cf3215cdf2d): /etc/dovecot/dovecot.conf
    # OS: Linux 2.6.32-5-xen-amd64 x86_64 Debian 6.0.3 fuse.glusterfs
    auth_anonymous_username = anonymous
    auth_cache_negative_ttl = 1 hours
    auth_cache_size = 0
    auth_cache_ttl = 1 hours
    auth_debug = no
    auth_debug_passwords = no
    auth_default_realm =
    auth_failure_delay = 2 secs
    auth_first_valid_uid = 500
    auth_gssapi_hostname =
    auth_krb5_keytab =
    auth_last_valid_uid = 0
    auth_master_user_separator =
    auth_mechanisms = plain login
    auth_realms =
    auth_socket_path = auth-userdb
    auth_ssl_require_client_cert = no
    auth_ssl_username_from_cert = no
    auth_use_winbind = no
    auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
    auth_username_format =
    auth_username_translation =
    auth_verbose = yes
    auth_verbose_passwords = no
    auth_winbind_helper_path = /usr/bin/ntlm_auth
    auth_worker_max_count = 30
    base_dir = /var/run/dovecot
    config_cache_size = 1 M
    debug_log_path =
    default_client_limit = 1000
    default_idle_kill = 60
    default_internal_user = dovecot
    default_login_user = dovenull
    default_process_limit = 100
    default_vsz_limit = 256 M
    deliver_log_format = msgid=%m: %$
    dict_db_config =
    director_doveadm_port = 0
    director_mail_servers =
    director_servers =
    director_user_expire = 15 mins
    disable_plaintext_auth = no
    dotlock_use_excl = yes
    doveadm_allowed_commands =
    doveadm_password =
    doveadm_proxy_port = 0
    doveadm_socket_path = doveadm-server
    doveadm_worker_count = 0
    first_valid_gid = 5000
    first_valid_uid = 5000
    hostname =
    imap_capability =
    imap_client_workarounds =
    imap_id_log =
    imap_id_send =
    imap_idle_notify_interval = 2 mins
    imap_logout_format = bytes=%i/%o
    imap_max_line_length = 64 k
    import_environment = TZ
    info_log_path =
    last_valid_gid = 5000
    last_valid_uid = 5000
    lda_mailbox_autocreate = yes
    lda_mailbox_autosubscribe = yes
    lda_original_recipient_header =
    libexec_dir = /usr/lib/dovecot
    listen = *, ::
    lmtp_proxy = no
    lmtp_save_to_detail_mailbox = no
    lock_method = fcntl
    log_path = syslog
    log_timestamp = "%b %d %H:%M:%S "
    login_access_sockets =
    login_greeting = DGHVoIP Server ready.
    login_log_format = %$: %s
    login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c
    login_trusted_networks =
    mail_access_groups =
    mail_attachment_dir = /tmp
    mail_attachment_fs = sis posix
    mail_attachment_hash = %{sha1}
    mail_attachment_min_size = 128 k
    mail_cache_fields = flags
    mail_cache_min_mail_count = 0
    mail_chroot =
    mail_debug = yes
    mail_fsync = optimized
    mail_full_filesystem_access = no
    mail_gid = 5000
    mail_home =
    mail_location = maildir:/var/vmail/%d/%n/Maildir
    mail_log_prefix = "%s(%u): "
    mail_max_keyword_length = 50
    mail_max_lock_timeout = 0
    mail_max_userip_connections = 10
    mail_never_cache_fields = imap.envelope
    mail_nfs_index = no
    mail_nfs_storage = no
    mail_plugin_dir = /usr/lib/dovecot/modules
    mail_plugins = sieve quota
    mail_privileged_group = mail
    mail_save_crlf = no
    mail_temp_dir = /tmp
    mail_uid = 5000
    mailbox_idle_check_interval = 30 secs
    mailbox_list_index_disable = no
    maildir_copy_with_hardlinks = yes
    maildir_stat_dirs = no
    maildir_very_dirty_syncs = no
    master_user_separator =
    mbox_dirty_syncs = yes
    mbox_dotlock_change_timeout = 2 mins
    mbox_lazy_writes = yes
    mbox_lock_timeout = 5 mins
    mbox_min_index_size = 0
    mbox_read_locks = fcntl
    mbox_very_dirty_syncs = no
    mbox_write_locks = dotlock fcntl
    mdbox_preallocate_space = no
    mdbox_rotate_interval = 0
    mdbox_rotate_size = 2 M
    mmap_disable = no
    passdb {
      args = /etc/dovecot/dovecot-sql.conf.ext
      deny = no
      driver = sql
      master = no
      pass = no
    }
    plugin {
      quota = dict:user::file:/var/vmail/%d/%n/.quotausage
      quota_warning = storage=95%% quota-warning 95 %u
      quota_warning2 = storage=80%% quota-warning 80 %u
      sieve = ~/.dovecot.sieve
      sieve_dir = ~/sieve
    }
    pop3_client_workarounds =
    pop3_enable_last = no
    pop3_fast_size_lookups = no
    pop3_lock_session = no
    pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
    pop3_no_flag_updates = no
    pop3_reuse_xuidl = no
    pop3_save_uidl = no
    pop3_uidl_format = %08Xu%08Xv
    postmaster_address = postmaster@dghvoip.com
    protocols = " imap pop3"
    quota_full_tempfail = no
    recipient_delimiter = +
    rejection_reason = Your message to <%t> was automatically rejected:%n%r
    rejection_subject = Rejected: %s
    sendmail_path = /usr/sbin/sendmail
    service anvil {
      chroot = empty
      client_limit = 0
      drop_priv_before_exec = no
      executable = anvil
      extra_groups =
      group =
      idle_kill = 4294967295 secs
      privileged_group =
      process_limit = 1
      process_min_avail = 1
      protocol =
      service_count = 0
      type = anvil
      unix_listener anvil-auth-penalty {
        group =
        mode = 0600
        user =
      }
      unix_listener anvil {
        group =
        mode = 0600
        user =
      }
      user = $default_internal_user
      vsz_limit = 18446744073709551615 B
    }
    service auth-worker {
      chroot =
      client_limit = 1
      drop_priv_before_exec = no
      executable = auth -w
      extra_groups =
      group =
      idle_kill = 0
      privileged_group =
      process_limit = 0
      process_min_avail = 0
      protocol =
      service_count = 1
      type =
      unix_listener auth-worker {
        group =
        mode = 0600
        user = $default_internal_user
      }
      user =
      vsz_limit = 18446744073709551615 B
    }
    service auth {
      chroot =
      client_limit = 4096
      drop_priv_before_exec = no
      executable = auth
      extra_groups =
      group =
      idle_kill = 0
      privileged_group =
      process_limit = 1
      process_min_avail = 0
      protocol =
      service_count = 0
      type =
    #  unix_listener auth-client {
      unix_listener /var/spool/postfix/private/auth {
        group = postfix
        mode = 0600
        user = postfix
      }
      unix_listener auth-login {
        group =
        mode = 0600
        user = $default_internal_user
      }
      unix_listener auth-master {
        group =
        mode = 0600
        user = postfix
      }
      unix_listener auth-userdb {
        group =
        mode = 0600
        user =
      }
      unix_listener login/login {
        group =
        mode = 0666
        user =
      }
      user = root
      vsz_limit = 18446744073709551615 B
    }
    service config {
      chroot =
      client_limit = 0
      drop_priv_before_exec = no
      executable = config
      extra_groups =
      group =
      idle_kill = 0
      privileged_group =
      process_limit = 0
      process_min_avail = 0
      protocol =
      service_count = 0
      type = config
      unix_listener config {
        group =
        mode = 0600
        user =
      }
      user =
      vsz_limit = 18446744073709551615 B
    }
    service dict {
      chroot =
      client_limit = 1
      drop_priv_before_exec = no
      executable = dict
      extra_groups =
      group =
      idle_kill = 0
      privileged_group =
      process_limit = 0
      process_min_avail = 0
      protocol =
      service_count = 0
      type =
      unix_listener dict {
        group =
        mode = 0600
        user =
      }
      user = $default_internal_user
      vsz_limit = 18446744073709551615 B
    }
    service director {
      chroot =
      client_limit = 0
      drop_priv_before_exec = no
      executable = director
      extra_groups =
      fifo_listener login/proxy-notify {
        group =
        mode = 00
        user =
      }
      group =
      idle_kill = 4294967295 secs
      inet_listener {
        address =
        port = 0
        ssl = no
      }
      privileged_group =
      process_limit = 1
      process_min_avail = 0
      protocol =
      service_count = 0
      type =
      unix_listener director-admin {
        group =
        mode = 0600
        user =
      }
      unix_listener director-userdb {
        group =
        mode = 0600
        user =
      }
      unix_listener login/director {
        group =
        mode = 00
        user =
      }
      user = $default_internal_user
      vsz_limit = 18446744073709551615 B
    }
    service dns_client {
      chroot =
      client_limit = 1
      drop_priv_before_exec = no
      executable = dns-client
      extra_groups =
      group =
      idle_kill = 0
      privileged_group =
      process_limit = 0
      process_min_avail = 0
      protocol =
      service_count = 0
      type =
      unix_listener dns-client {
        group =
        mode = 0666
        user =
      }
      unix_listener login/dns-client {
        group =
        mode = 0666
        user =
      }
      user = $default_internal_user
      vsz_limit = 18446744073709551615 B
    }
    service doveadm {
      chroot =
      client_limit = 1
      drop_priv_before_exec = no
      executable = doveadm-server
      extra_groups =
      group =
      idle_kill = 0
      privileged_group =
      process_limit = 0
      process_min_avail = 0
      protocol =
      service_count = 1
      type =
      unix_listener doveadm-server {
        group =
        mode = 0600
        user =
      }
      user =
      vsz_limit = 18446744073709551615 B
    }
    service imap-login {
      chroot = login
      client_limit = 0
      drop_priv_before_exec = no
      executable = imap-login
      extra_groups =
      group =
      idle_kill = 0
      inet_listener imap {
        address =
        port = 143
        ssl = no
      }
      inet_listener imaps {
        address =
        port = 993
        ssl = yes
      }
      privileged_group =
      process_limit = 0
      process_min_avail = 0
      protocol = imap
      service_count = 1
      type = login
      user = $default_login_user
      vsz_limit = 64 M
    }
    service imap {
      chroot =
      client_limit = 1
      drop_priv_before_exec = no
      executable = imap
      extra_groups =
      group =
      idle_kill = 0
      privileged_group =
      process_limit = 1024
      process_min_avail = 0
      protocol = imap
      service_count = 1
      type =
      unix_listener login/imap {
        group =
        mode = 0666
        user =
      }
      user =
      vsz_limit = 18446744073709551615 B
    }
    service ipc {
      chroot = empty
      client_limit = 0
      drop_priv_before_exec = no
      executable = ipc
      extra_groups =
      group =
      idle_kill = 0
      privileged_group =
      process_limit = 1
      process_min_avail = 0
      protocol =
      service_count = 0
      type =
      unix_listener ipc {
        group =
        mode = 0600
        user =
      }
      unix_listener login/ipc-proxy {
        group =
        mode = 0600
        user = $default_login_user
      }
      user = $default_internal_user
      vsz_limit = 18446744073709551615 B
    }
    service lmtp {
      chroot =
      client_limit = 1
      drop_priv_before_exec = no
      executable = lmtp
      extra_groups =
      group =
      idle_kill = 0
      privileged_group =
      process_limit = 0
      process_min_avail = 0
      protocol = lmtp
      service_count = 0
      type =
      unix_listener lmtp {
        group =
        mode = 0666
        user =
      }
      user =
      vsz_limit = 0
    }
    service log {
      chroot =
      client_limit = 0
      drop_priv_before_exec = no
      executable = log
      extra_groups =
      group =
      idle_kill = 0
      privileged_group =
      process_limit = 1
      process_min_avail = 0
      protocol =
      service_count = 0
      type = log
      user =
      vsz_limit = 18446744073709551615 B
    }
    service pop3-login {
      chroot = login
      client_limit = 0
      drop_priv_before_exec = no
      executable = pop3-login
      extra_groups =
      group =
      idle_kill = 0
      inet_listener pop3 {
        address =
        port = 110
        ssl = no
      }
      inet_listener pop3s {
        address =
        port = 995
        ssl = yes
      }
      privileged_group =
      process_limit = 0
      process_min_avail = 0
      protocol = pop3
      service_count = 1
      type = login
      user = $default_login_user
      vsz_limit = 64 M
    }
    service pop3 {
      chroot =
      client_limit = 1
      drop_priv_before_exec = no
      executable = pop3
      extra_groups =
      group =
      idle_kill = 0
      privileged_group =
      process_limit = 1024
      process_min_avail = 0
      protocol = pop3
      service_count = 1
      type =
      unix_listener login/pop3 {
        group =
        mode = 0666
        user =
      }
      user =
      vsz_limit = 18446744073709551615 B
    }
    service ssl-params {
      chroot =
      client_limit = 0
      drop_priv_before_exec = no
      executable = ssl-params
      extra_groups =
      group =
      idle_kill = 0
      privileged_group =
      process_limit = 0
      process_min_avail = 0
      protocol =
      service_count = 0
      type = startup
      unix_listener login/ssl-params {
        group =
        mode = 0666
        user =
      }
      user =
      vsz_limit = 18446744073709551615 B
    }
    shutdown_clients = yes
    ssl = yes
    ssl_ca =
    ssl_cert = </etc/ssl/certs/dovecot.pem
    ssl_cert_username_field = commonName
    ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
    ssl_key = </etc/ssl/private/dovecot.pem
    ssl_key_password =
    ssl_parameters_regenerate = 168
    ssl_verify_client_cert = no
    submission_host =
    syslog_facility = mail
    userdb {
      args =
      driver = prefetch
    }
    userdb {
      args = /etc/dovecot/dovecot-sql.conf.ext
      driver = sql
    }
    valid_chroot_dirs =
    verbose_auth = no
    verbose_proctitle = no
    verbose_ssl = no
    version_ignore = no
    protocol imap {
      mail_plugins = quota imap_quota
    }
    
    protocol pop3 {
      mail_plugin_dir = /usr/lib64/dovecot/modules/pop3
      mail_plugin_dir = /usr/lib64/dovecot/modules
      mail_plugins = quota
      pop3_uidl_format = %08Xu%08Xv
    }
    
    protocol lda {
      auth_socket_path = /var/run/dovecot/auth-master
      mail_plugin_dir = /usr/lib64/dovecot/modules
      mail_plugins = sieve quota
      postmaster_address = postmaster@example.com
    }
    
    long but works fine at least for me.
     
  9. CSsab

    CSsab New Member

    Hi .. I have mine working with a different dovecot.conf and sql but yours looks better researched so I'd like to try it.

    What is your "/etc/dovecot/dovecot-sql.conf.ext" please.

    Thanks in advance.
     
  10. dgonzalezh

    dgonzalezh New Member

    Well, dovecot-sql.conf, is basicallly the same as with 1.2, I just added it and it worked like a charm, check it out.

    Code:
    # If you wish to avoid two SQL lookups (passdb + userdb), you can use
    # userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll
    # also have to return userdb fields in password_query prefixed with "userdb_"
    # string. For example:
    #password_query = SELECT userid as user, password, home as userdb_home, uid as userdb_uid, gid as userdb_gid FROM users WHERE userid = '%u'
    
    driver = mysql
    connect = host=db.dghvoip.com dbname=dbispconfig user=ispconfig password=xxxxxxxxxxxxxxxx
    default_pass_scheme = CRYPT
    
    password_query = SELECT password FROM mail_user WHERE login = '%u' AND disable%Ls = 'n'
    # user_query = SELECT email AS user, maildir AS home, CONCAT('*:storage=', quota , 'B') AS quota_rule FROM mail_user WHERE login = '%u' AND disable%Ls = 'n'
    user_query = SELECT email as user, maildir as home, CONCAT('maildir:', maildir, '/Maildir') as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE email = '%u' AND disable%Ls = 'n'
    
    
    It's the same as the one Dovecot creates; though I haven't been able to diagnose a problem in which postfix or dovecot reports that it can't find auth, though for school stuff I can't dig much into it now but I'' keep y'all posted.

    Thanks for your reply.
     
  11. CSsab

    CSsab New Member

    auth has it's own folder in /usr/lib/dovecot/modules/auth
    or more likely on your system to be /usr/lib64/dovecot/modules/auth

    It is probably looking for:

    libdriver_mysql.so

    The libraries can be in different places in the testing distros due to the need for multiarch support but you can also symlink them to the directory defined in your dovecot.conf

    Do you recreate the dovecot certificates when you install dovecot v2?

    Can you also tell me a bit about what this is for in your dovecot.conf

    service ipc {
    chroot = empty
    client_limit = 0
    drop_priv_before_exec = no
    executable = ipc
    extra_groups =
    group =
    idle_kill = 0
    privileged_group =
    process_limit = 1
    process_min_avail = 0
    protocol =
    service_count = 0
    type =
    unix_listener ipc {
    group =
    mode = 0600
    user =
    }
    unix_listener login/ipc-proxy {
    group =
    mode = 0600
    user = $default_login_user
    }


    Thanks.
     
  12. CSsab

    CSsab New Member

    Working dovecot v2 on ISPConfig 3.0.4

    I have dovecot v2 working fairly well now although this is still a testing and unsupported system. This is my dovecot.conf:
    Code:
    ## TESTING DOVECOT v2 CONFIGURATION FILE ##
    
    ssl = yes
    ssl_cert = </etc/ssl/certs/dovecot.pem
    ssl_key = </etc/ssl/private/dovecot.pem
    mail_privileged_group = mail
    auth_mechanisms = plain login
    disable_plaintext_auth = no
    first_valid_gid = 5000
    first_valid_uid = 5000
    last_valid_gid = 5000
    last_valid_uid = 5000
    log_timestamp = "%Y-%m-%d %H:%M:%S "
    mail_location = maildir:/var/vmail/%d/%n/Maildir
    passdb {
    driver = pam
    }
    passdb {
    args = /etc/dovecot/dovecot-sql.conf
    driver = sql
    }
    plugin {
    quota = maildir
    sieve = ~/.dovecot.sieve
    sieve_dir = ~/sieve
    # sieve_global_path = /var/vmail/globalsieverc
    sieve_max_script_size = 1M
    sieve_max_actions = 32
    sieve_max_redirects = 4
    sieve_quota_max_scripts = 10
    sieve_quota_max_storage = 5M
    sieve_extensions = +notify +imapflags
    recipient_delimiter = +
    }
    protocols = imap pop3 sieve lmtp
    service auth {
    unix_listener /var/spool/postfix/private/auth {
    mode = 0660
    group = postfix
    user = postfix
    }
    unix_listener auth-master {
    mode = 0600
    user = vmail
    }
    user = root
    }
    service imap {
    executable = /usr/lib/dovecot/rawlog /usr/lib/dovecot/imap
    }
    service pop3 {
    executable = /usr/lib/dovecot/rawlog /usr/lib/dovecot/pop3
    }
    userdb {
    driver = passwd
    }
    userdb {
    args = /etc/dovecot/dovecot-sql.conf
    driver = sql
    }
    protocol imap {
    mail_plugin_dir = /usr/lib/dovecot/modules
    mail_plugins = quota imap_quota
    }
    protocol pop3 {
    mail_plugin_dir = /usr/lib/dovecot/modules
    mail_plugins = quota
    pop3_uidl_format = %08Xu%08Xv
    }
    protocol lda {
    auth_socket_path = /var/run/dovecot/auth-master
    mail_plugin_dir = /usr/lib/dovecot/modules
    mail_plugins = $mail_plugins
    quota_full_tempfail = no
    rejection_reason = Your message to <%t> was automatically rejected:%n%r
    recipient_delimiter = +
    lda_original_recipient_header = X-Original-To
    lda_mailbox_autocreate = no
    lda_mailbox_autosubscribe = no
    sendmail_path = /usr/sbin/sendmail
    hostname = (hidden)
    postmaster_address = postmaster@(hidden)
    }
    service managesieve-login {
    inet_listener sieve {
    port = 4190
    }
    service_count = 1
    process_min_avail = 10
    vsz_limit = 64M
    }
    
    service managesieve {
    }
    
    protocol sieve {
    managesieve_max_line_length = 65536
    mail_max_userip_connections = 10
    mail_plugins =
    managesieve_logout_format = bytes=%i/%o
    managesieve_max_compile_errors = 5
    }
    
    lmtp_save_to_detail_mailbox = yes
    protocol lmtp {
    mail_plugins = $mail_plugins
    }
    service lmtp {
    inet_listener lmtp {
    address = xxx.xxx.xxx.xxx 127.0.0.1
    port = 24
    }
    unix_listener lmtp {
    mode = 0600
      }
    }
    
    There is no need to change any tables in the ispconfig mysql database since Till has changed the mailuser edit part of the code.

    I changed the dovecot.sql file since I was having some errors to what xabbu suggested in the earlier posts:

    Code:
    user_query = SELECT email as user, maildir as home, CONCAT(maildir, '/Maildir') as mail, uid, gid, concat('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE email = '%u' AND disable%Ls = 'n'
    In roundcube I use the managesieve plugin from roundcube which connects to the managesieve server (change the port in the plugin script from 2000 to 4190) and implements client side sieve filter sets. You need dovecot-managesieved running to make it all work.

    Still working on better dovecot.conf and I am trying out some of dgonzalezh suggestions. I can send and receive mail from my first mailserver and domain but only send and not receive from a second mail server in the setup. Likely my dns settings are not right for the second mail server.

    Hope this helps someone.
     
  13. cbj4074

    cbj4074 HowtoForge Supporter

    I wondered how to get Dovecot 2 working with ISPConfig 3.0.4, too.

    I already had Dovecot 1.2.9 working very reliably with ISPConfig 3.0.4 on Ubuntu 10.04 LTS. But certain Dovecot plug-ins, e.g. Antispam, seem not to work reliably (if at all) with such old versions of Dovecot.

    The first challenge was installing Dovecot 2 on Ubuntu 10.04. Fortunately, some kind soul had already built a back-ported package, which made the process pretty simple: https://launchpad.net/~christian-roessner-net/ archive/dovecot

    Here are the required steps, which should upgrade Dovecot to 2.1.9 (I'm using ISPConfig 3.0.4.6):

    Code:
    # apt-get install python-software-properties
    # add-apt-repository ppa:christian-roessner-net/dovecot
    # apt-get update
    # apt-get dist-upgrade
    
    Perhaps ISPConfig >= 3.0.4.3 generates its own configuration file from a template, but that was not an option for me. (Unless there is some way to force ISPConfig to reconfigure services, when no upgrade is available; as yet, this question remains unanswered: http://www.howtoforge.com/forums/showthread.php?t=46329 .)

    I let Dovecot do most of the heavy-lifting here. I just fed my old configuration file through Dovecot's configuration updater utility:

    Code:
    # doveconf -n -c /root/dovecot.old.conf > /etc/dovecot/dovecot.conf
    
    The results were not perfect, but Dovecot resolved, or warned about, almost every issue.

    The only "fatal" item that Dovecot was not able to update was

    Code:
    mail_plugin_dir = /usr/lib/dovecot/modules/lda
    
    to

    Code:
    mail_plugin_dir = /usr/lib/dovecot/dovecot-lda
    
    Without further ado, here's my configuration file, which seems to work.

    (I have Quota and Sieve installed, which is reflected in this configuration; also, be sure to change the paths to the SSL key and certificate, or comment-out those lines. Finally, the protocol lda {"mail_plugin_dir"} value may be architecture-dependent on some systems, so ensure that the path is correct for the given system.)

    Code:
    auth_mechanisms = plain login
    
    base_dir = /var/run/dovecot/
    
    log_timestamp = "%Y-%m-%d %H:%M:%S "
    
    login_greeting = ISPConfig3 IMAP server ready...
    
    mail_gid = 5000
    mail_location = maildir:/var/vmail/%d/%n/Maildir
    mail_privileged_group = mail
    mail_uid = 5000
    
    passdb {
      args = /etc/dovecot/dovecot-sql.conf
      driver = sql
    }
    
    plugin {
      quota = dict:user::file:/var/vmail/%d/%n/.quotausage
      sieve = /var/vmail/%d/%n/.sieve
    }
    
    protocols = imap pop3
    
    service auth {
      unix_listener /var/spool/postfix/private/auth {
        group = postfix
        mode = 0660
        user = postfix
      }
      unix_listener auth-master {
        mode = 0600
        user = vmail
      }
    }
    
    service imap {
      executable = /usr/lib/dovecot/rawlog /usr/lib/dovecot/imap
    }
    
    service pop3 {
      executable = /usr/lib/dovecot/rawlog /usr/lib/dovecot/pop3
    }
    
    ssl = yes
    ssl_cert = </root/ssl/your-ssl.crt
    ssl_cipher_list = ALL:!LOW:!SSLv2
    ssl_key = </root/ssl/your-ssl.key
    verbose_ssl = no
    ssl_parameters_regenerate = 168 hours
    
    userdb {
      driver = prefetch
    }
    
    userdb {
      args = /etc/dovecot/dovecot-sql.conf
      driver = sql
    }
    
    protocol imap {
      mail_plugins = quota imap_quota
    }
    
    protocol pop3 {
      mail_plugins = quota
      pop3_uidl_format = %08Xu%08Xv
    }
    
    protocol lda {
      auth_socket_path = /var/run/dovecot/auth-master
      mail_plugin_dir = /usr/lib64/dovecot/modules
      mail_plugins = sieve quota
      postmaster_address = postmaster@my-domain.tld
    }
    
    
    As others have mentioned elsewhere in this thread, it was not necessary to modify /etc/dovecot/dovecot-sql.conf; it worked "out-of-the-box".

    After upgrading Dovecot, you may wish to start it manually (instead of with the init script), which provides additional visibility into any problems:

    Code:
    # /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf
    
    Concerning Sieve, the same gentleman created a back-ported package for Ubuntu 10.04:

    Code:
    # apt-get install dovecot-pigeonhole
    Reading package lists... Done
    Building dependency tree
    Reading state information... Done
    The following packages were automatically installed and are no longer required:
      liblockfile1 lockfile-progs ntpdate
    Use 'apt-get autoremove' to remove them.
    Suggested packages:
      ufw
    The following NEW packages will be installed:
      dovecot-pigeonhole
    0 upgraded, 1 newly installed, 0 to remove and 8 not upgraded.
    Need to get 718kB of archives.
    After this operation, 2265kB of additional disk space will be used.
    Get:1 http://ppa.launchpad.net/christian-roessner-net/dovecot/ubuntu/ lucid/main dovecot-pigeonhole 0.3.1-3~rns~lucid [718kB]
    Fetched 718kB in 0s (810kB/s)
    Selecting previously deselected package dovecot-pigeonhole.
    (Reading database ... 73905 files and directories currently installed.)
    Unpacking dovecot-pigeonhole (from .../dovecot-pigeonhole_0.3.1-3~rns~lucid_amd64.deb) ...
    Setting up dovecot-pigeonhole (0.3.1-3~rns~lucid) ...
    
    Creating config file /etc/dovecot/conf.d/20-managesieve.conf with new version
    
    Creating config file /etc/dovecot/conf.d/90-sieve.conf with new version
    
    Sieve seems to work as expected. A cursory test indicates that rules defined through ISPConfig are processed correctly.

    I have not yet tested Quota.

    I will post again with any corrections or updates.
     
  14. cbj4074

    cbj4074 HowtoForge Supporter

    Default ISPConfig 3 Dovecot 2 Configuration

    For reference, this is the stock ISPConfig 3 template (with the variables parsed into actual values) as of version 3.0.4.6.

    I am posting this information for those who accidentally butcher their Dovecot 2 configurations and need a "clean slate" or a point of comparison.

    Code:
    protocols = imap pop3
    auth_mechanisms = plain login
    disable_plaintext_auth = no
    log_timestamp = "%Y-%m-%d %H:%M:%S "
    mail_privileged_group = vmail
    ssl_cert = </etc/postfix/smtpd.cert
    ssl_key = </etc/postfix/smtpd.key
    passdb {
      args = /etc/dovecot/dovecot-sql.conf
      driver = sql
    }
    userdb {
      args = /etc/dovecot/dovecot-sql.conf
      driver = sql
    }
    plugin {
      quota = dict:user::file:/var/vmail/%d/%n/.quotausage
      sieve=/var/vmail/%d/%n/.sieve
    }
    service auth {
      unix_listener /var/spool/postfix/private/auth {
        group = postfix
        mode = 0660
        user = postfix
      }
      unix_listener auth-userdb {
        group = vmail
        mode = 0600
        user = vmail
      }
      user = root
    }
    protocol imap {
      mail_plugins = quota imap_quota
    }
    protocol pop3 {
      pop3_uidl_format = %08Xu%08Xv
      mail_plugins = quota
    }
    protocol lda {
      mail_plugins = sieve quota
    }
    
     

Share This Page