Dovecot
(→Configuration: authentication) |
(→Configuration: update with quota support) |
||
| Line 29: | Line 29: | ||
first_valid_uid = 107 | first_valid_uid = 107 | ||
last_valid_uid = 107 | last_valid_uid = 107 | ||
| + | |||
| + | === Protocol IMAP === | ||
| + | Two plugins are loaded for ''quota support''. The ''quota'' plugin enforces the actual quotas, ''imap_quota'' supports quota information over the IMAP protocol for clients that support it. | ||
| + | protocol imap { | ||
| + | mail_plugins = quota imap_quota | ||
| + | } | ||
=== Authorization === | === Authorization === | ||
| − | We use PLAIN authorization using a SQLite password database | + | We use PLAIN authorization using a SQLite password database. We could use the ''static'' user db mapping, if it weren't for per-user quota support. Therefore we (ab)use the SQL language to achieve the same result (see [[#SQL configuration|below]]). |
auth default { | auth default { | ||
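Review bot: In the rewritten Authorization sentence, "PLAIN authorization" should read "PLAIN authentication": PLAIN is an authentication mechanism, and the edit summary for this section already says "authentication". The same sentence says SQL is used "to achieve the same result" as the ''static'' mapping without saying what that mapping would have supplied; a clause naming the constant uid and gid that the later user_query returns would let the reader follow the "(ab)use" remark without jumping ahead.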
| Line 39: | Line 45: | ||
args = /etc/dovecot/dovecot-sql.conf | args = /etc/dovecot/dovecot-sql.conf | ||
} | } | ||
| − | + | ||
| − | userdb | + | userdb sql { |
| − | args = | + | args = /etc/dovecot/dovecot-sql.conf |
} | } | ||
} | } | ||
| Line 58: | Line 64: | ||
password_query = SELECT localpart||'@'||domain AS user, password FROM account WHERE localpart='%n' AND domain='%d' | password_query = SELECT localpart||'@'||domain AS user, password FROM account WHERE localpart='%n' AND domain='%d' | ||
Escaping of the username is handled by Dovecot, see the main configuration file. | Escaping of the username is handled by Dovecot, see the main configuration file. | ||
| + | |||
| + | The user database query is only needed because of the quota field: | ||
| + | user_query = SELECT '107' AS uid, '112' AS gid, 'maildir:ignore=Trash:storage='||quota AS quota FROM account WHERE localpart='%n' AND domain='%d' | ||
== See also == | == See also == | ||
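Review bot: The added user_query hard-codes '107' AS uid and '112' AS gid, and 107 is also the first_valid_uid/last_valid_uid value shown as context in the first hunk, so the vmail UID is now repeated in two places with nothing telling the reader to keep them in sync; add a sentence saying these literals are the vmail uid and gid and must match the main configuration. The sentence "Escaping of the username is handled by Dovecot" sits above the new query even though user_query interpolates %n and %d as well; moving it below both queries would make clear it covers both.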
Revision as of 16:02, 19 May 2007
Dovecot is an IMAP and POP3 server, and is used on Wikimedia's IMAP server sanger.
Dovecot can be installed from the Ubuntu dovecot-imap package, which also pulls in dovecot-common.
Configuration
The configuration file resides in /etc/dovecot/dovecot.conf. Dovecot has very reasonable defaults, so not many settings need to be changed.
Main configuration
Protocols
We only support IMAP over SSL/TLS:
protocols = imaps
Mail location
As we have a unified virtual users IMAP setup, the Maildir directory can be determined using a template:
mail_location = maildir:/var/vmail/%d/%n
Mail extra groups
The Ubuntu default configuration has group mail added by default; this is not needed in our configuration.
#mail_extra_groups = mail
Maildir optimizations
When copying a message, do it with hard links whenever possible. This makes the performance much better, and it's unlikely to have any side effects.
maildir_copy_with_hardlinks = yes
Mail processes
Restrict allowed UIDs to be used for accessing mail to precisely the vmail UID:
first_valid_uid = 107
last_valid_uid = 107
Protocol IMAP
Two plugins are loaded for quota support. The quota plugin enforces the actual quotas, imap_quota supports quota information over the IMAP protocol for clients that support it.
protocol imap {
mail_plugins = quota imap_quota
}
Authorization
We use PLAIN authentication against a SQLite password database. We could use the static userdb mapping if it weren't for per-user quota support. Therefore we (ab)use the SQL language to achieve the same result (see below).
auth default {
mechanisms = plain
passdb sql {
args = /etc/dovecot/dovecot-sql.conf
}
userdb sql {
args = /etc/dovecot/dovecot-sql.conf
}
}
SQL configuration
Details of SQL queries are specified in the file /etc/dovecot/dovecot-sql.conf.
We're using SQLite:
driver = sqlite
connect = /var/vmaildb/user.db
The default password hashing scheme is salted SHA-1 (SSHA):
default_pass_scheme = SSHA
To obtain the password field for a given username, the following SQL query is used:
password_query = SELECT localpart||'@'||domain AS user, password FROM account WHERE localpart='%n' AND domain='%d'
Escaping of the username is handled by Dovecot; see the main configuration file.
The user database query is only needed because of the quota field:
user_query = SELECT '107' AS uid, '112' AS gid, 'maildir:ignore=Trash:storage='||quota AS quota FROM account WHERE localpart='%n' AND domain='%d'
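To see what the two queries hand back, the following added example (not part of the original page and not Dovecot's own code) runs them against an in-memory SQLite database and checks an SSHA password as the scheme defines it. The `account` schema, the sample account, and the use of bound parameters in place of Dovecot's `%n`/`%d` substitution are assumptions.

```python
import base64, hashlib, hmac, os, sqlite3

# The two queries from dovecot-sql.conf, with Dovecot's %n / %d variables
# replaced by bound parameters (an assumed stand-in for Dovecot's escaping).
PASSWORD_QUERY = ("SELECT localpart||'@'||domain AS user, password "
                  "FROM account WHERE localpart=? AND domain=?")
USER_QUERY = ("SELECT '107' AS uid, '112' AS gid, "
              "'maildir:ignore=Trash:storage='||quota AS quota "
              "FROM account WHERE localpart=? AND domain=?")

def ssha_hash(password, salt=None):
    """SSHA: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(4) if salt is None else salt
    digest = hashlib.sha1(password.encode() + salt).digest()
    return base64.b64encode(digest + salt).decode()

def ssha_verify(password, stored):
    raw = base64.b64decode(stored)
    digest, salt = raw[:20], raw[20:]      # a SHA-1 digest is 20 bytes
    candidate = hashlib.sha1(password.encode() + salt).digest()
    return hmac.compare_digest(candidate, digest)

def make_db():
    """Assumed schema: only the four columns the queries reference."""
    db = sqlite3.connect(":memory:")
    db.row_factory = sqlite3.Row
    db.execute("CREATE TABLE account (localpart TEXT, domain TEXT, "
               "password TEXT, quota INTEGER, PRIMARY KEY (localpart, domain))")
    # Constructed sample account.
    db.execute("INSERT INTO account VALUES (?, ?, ?, ?)",
               ("alice", "example.org", ssha_hash("s3cret"), 102400))
    return db

def lookup(db, address, password):
    """Return the userdb fields if the login succeeds, else None."""
    localpart, _, domain = address.partition("@")
    row = db.execute(PASSWORD_QUERY, (localpart, domain)).fetchone()
    if row is None or not ssha_verify(password, row["password"]):
        return None
    return dict(db.execute(USER_QUERY, (localpart, domain)).fetchone())

if __name__ == "__main__":
    db = make_db()
    print(lookup(db, "alice@example.org", "s3cret"))
    print(lookup(db, "alice@example.org", "wrong"))
```

The uid and gid come back as the same constants for every account; only the quota string varies per row, which is the one field the static userdb could not supply.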
See also
- Mail for Dovecot LDA configuration, and the rest of the mail system.