Dovecot
(→Main configuration: restrict UIDs) |
(→Configuration: authentication) |
||
| Line 29: | Line 29: | ||
first_valid_uid = 107 | first_valid_uid = 107 | ||
last_valid_uid = 107 | last_valid_uid = 107 | ||
| + | |||
| + | === Authorization === | ||
| + | We use PLAIN authorization using a SQLite password database, and static user info mapping: | ||
| + | |||
| + | auth default { | ||
| + | mechanisms = plain | ||
| + | |||
| + | passdb sql { | ||
| + | args = /etc/dovecot/dovecot-sql.conf | ||
| + | } | ||
| + | |||
| + | userdb static { | ||
| + | args = uid=107 gid=112 | ||
| + | } | ||
| + | } | ||
=== SQL configuration === | === SQL configuration === | ||
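Review bot: the added heading "=== Authorization ===" and the sentence "We use PLAIN authorization" describe what the edit summary itself calls authentication; `mechanisms = plain` and `passdb sql` select how a login is verified, so both should read "authentication". In `userdb static`, uid=107 matches the first_valid_uid/last_valid_uid context lines, but gid=112 is not explained anywhere in the hunk; a word on which group it is would help.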
| Line 39: | Line 54: | ||
The default password hashing scheme is Salted SSHA-1: | The default password hashing scheme is Salted SSHA-1: | ||
default_pass_scheme = SSHA | default_pass_scheme = SSHA | ||
| + | |||
| + | To obtain the password field for a given username, the following SQL query is used: | ||
| + | password_query = SELECT localpart||'@'||domain AS user, password FROM account WHERE localpart='%n' AND domain='%d' | ||
| + | Escaping of the username is handled by Dovecot, see the main configuration file. | ||
== See also == | == See also == | ||
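Review bot: the last added line, "Escaping of the username is handled by Dovecot, see the main configuration file", points at a setting without naming it. Since password_query places %n and %d directly inside single-quoted SQL literals, the text should name the setting a reader has to check and say what %n and %d expand to. The context line "Salted SSHA-1" is also redundant, as SSHA already means salted SHA-1.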
Revision as of 19:35, 14 May 2007
Dovecot is an IMAP and POP3 server, and is used on Wikimedia's IMAP server sanger.
Dovecot can be installed from the Ubuntu dovecot-imap package, which also pulls in dovecot-common.
Configuration
The configuration file resides in /etc/dovecot/dovecot.conf. Dovecot has very reasonable defaults, so not many settings need to be changed.
Main configuration
Protocols
We only support IMAP over SSL/TLS:
protocols = imaps
Mail location
As we have a unified virtual users IMAP setup, the Maildir directory can be determined using a template:
mail_location = maildir:/var/vmail/%d/%n
Mail extra groups
The Ubuntu default configuration has group mail added by default; this is not needed in our configuration.
#mail_extra_groups = mail
Maildir optimizations
When copying a message, do it with hard links whenever possible. This makes the performance much better, and it's unlikely to have any side effects.
maildir_copy_with_hardlinks = yes
Mail processes
Restrict allowed UIDs to be used for accessing mail to precisely the vmail UID:
first_valid_uid = 107
last_valid_uid = 107
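Authentication
We use the PLAIN authentication mechanism with a SQLite password database, and a static user info mapping. PLAIN passes the password to the server unhashed, so it relies on the SSL/TLS layer that the imaps-only protocol setting above enforces: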
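auth default {
  # Only the PLAIN mechanism is offered
  mechanisms = plain

  # Password lookups use the queries in the SQL configuration file
  passdb sql {
    args = /etc/dovecot/dovecot-sql.conf
  }

  # Every virtual user maps to the single UID allowed above (107)
  userdb static {
    args = uid=107 gid=112
  }
}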
SQL configuration
Details of SQL queries are specified in the file /etc/dovecot/dovecot-sql.conf.
We're using SQLite:
driver = sqlite
connect = /var/vmaildb/user.db
The default password hashing scheme is salted SHA-1 (SSHA):
default_pass_scheme = SSHA
To obtain the password field for a given username, the following SQL query is used:
password_query = SELECT localpart||'@'||domain AS user, password FROM account WHERE localpart='%n' AND domain='%d'
Here %n expands to the local part of the login name and %d to its domain. Escaping of the username is handled by Dovecot; see the main configuration file.
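To provision and check an entry in the form this query expects, the following sketch (an added example, not part of the original page or of Dovecot) builds a {SSHA} value and runs the same SELECT against an in-memory SQLite database. The column types of the account table, the function names and the sample account are assumptions; bound parameters stand in for Dovecot's %n and %d expansion.

```python
import base64, hashlib, hmac, os, sqlite3

def ssha_hash(password, salt=None):
    """Return '{SSHA}' + base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(4) if salt is None else salt
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def ssha_verify(password, stored):
    """Check a password against a stored {SSHA} value in constant time."""
    if not stored.startswith("{SSHA}"):
        return False
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]  # SHA-1 digest is 20 bytes, the rest is salt
    candidate = hashlib.sha1(password.encode() + salt).digest()
    return hmac.compare_digest(candidate, digest)

def make_db():
    """In-memory stand-in for /var/vmaildb/user.db (schema is an assumption)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE account (localpart TEXT NOT NULL, domain TEXT NOT NULL,"
               " password TEXT NOT NULL, PRIMARY KEY (localpart, domain))")
    return db

def add_account(db, localpart, domain, password):
    """Store a new account with a freshly salted {SSHA} password value."""
    db.execute("INSERT INTO account VALUES (?, ?, ?)",
               (localpart, domain, ssha_hash(password)))

def password_lookup(db, login):
    """Run the page's password_query; ? placeholders stand in for %n and %d."""
    localpart, _, domain = login.partition("@")
    return db.execute(
        "SELECT localpart||'@'||domain AS user, password FROM account "
        "WHERE localpart=? AND domain=?", (localpart, domain)).fetchone()

def authenticate(db, login, password):
    """Look the login up and compare the supplied password with the stored hash."""
    row = password_lookup(db, login)
    return row is not None and ssha_verify(password, row[1])

if __name__ == "__main__":
    db = make_db()
    add_account(db, "alice", "example.org", "correct horse")  # constructed sample
    print(password_lookup(db, "alice@example.org"))
    print(authenticate(db, "alice@example.org", "correct horse"))
```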
See also
- Mail for Dovecot LDA configuration, and the rest of the mail system.