Dovecot

From Wikitech
Revision as of 16:03, 19 May 2007 by Mark (Talk | contribs)

Jump to: navigation, search

Dovecot is an IMAP and POP3 server, and is used on Wikimedia's IMAP server sanger.

Dovecot can be installed from the Ubuntu dovecot-imap package, which also pulls in dovecot-common.

Contents

Configuration

The configuration file resides in /etc/dovecot/dovecot.conf. Dovecot has very reasonable defaults, so not many settings need to be changed.

Main configuration

Protocols

We only support IMAP over SSL/TLS: 

protocols = imaps

Mail location

As we have a unified virtual users IMAP setup, the Maildir directory can be determined using a template: 

mail_location = maildir:/var/vmail/%d/%n

Mail extra groups

The Ubuntu default configuration has group mail added by default; this is not needed in our configuration. 

#mail_extra_groups = mail

Maildir optimizations

When copying a message, do it with hard links whenever possible. This makes the performance much better, and it's unlikely to have any side effects. 

maildir_copy_with_hardlinks = yes

Mail processes

Restrict allowed UIDs to be used for accessing mail to precisely the vmail UID: 

first_valid_uid = 107
last_valid_uid = 107

Protocol IMAP

Two plugins are loaded for quota support. The quota plugin enforces the actual quotas, imap_quota supports quota information over the IMAP protocol for clients that support it. 

protocol imap {
  mail_plugins = quota imap_quota
}

Authorization

We use PLAIN authorization using a SQLite password database. We could use the static user db mapping, if it weren't for per-user quota support. Therefore we (ab)use the SQL language to achieve the same result (see below). 

auth default {
  mechanisms = plain

  passdb sql {
    args = /etc/dovecot/dovecot-sql.conf
  }

  userdb sql {
    args = /etc/dovecot/dovecot-sql.conf
  }
}

SQL configuration

Details of SQL queries are specified in the file /etc/dovecot/dovecot-sql.conf.

We're using SQLite: 

driver = sqlite
connect = /var/vmaildb/user.db

The default password hashing scheme is Salted SSHA-1: 

default_pass_scheme = SSHA

To obtain the password field for a given username, the following SQL query is used: 

password_query = SELECT localpart||'@'||domain AS user, password FROM account WHERE localpart='%n' AND domain='%d'

Escaping of the username is handled by Dovecot, see the main configuration file.

The user database query is only needed because of the quota field: 

user_query = SELECT '107' AS uid, '112' AS gid, 'maildir:ignore=Trash:storage='||quota AS quota FROM account WHERE localpart='%n' AND domain='%d'

See also

  • Mail for Dovecot LDA configuration, and the rest of the mail system.

External documentation

Retrieved from "http://wikitech-old.wikimedia.org/index.php?title=Dovecot&oldid=12336"
Personal tools
Namespaces

Variants
Actions
Navigation
Ops documentation
Wiki
Toolbox