====== Initial preparation ====== First of all, you need to install the application package. Next, you need to delete the standard settings files, since we will not use them in this project. Installing the package: doas pkg_add -v dovecot Deleting standard configuration files: cd /etc/dovecot/ doas rm -rf * ====== Postman creation ====== For the safe operation of the mail system, you need to create an additional user. We also create a folder for storing user mailboxes. doas groupadd -ov -g 1100 mailman doas useradd -v -d /var/spool/vmail -g 1100 -s /sbin/nologin -u 1100 -c "Mail man" mailman doas mkdir -p /var/spool/vmail doas chown mailman:mailman /var/spool/vmail ====== Setting service limits ====== By default, resource limits are set for system services. But they are not enough for normal operation of the mail service, so you need to specify an additional value. /etc/login.conf: dovecot:\ :openfiles-cur=1024:\ :openfiles-max=2048:\ :tc=daemon: ====== Generating encryption keys ====== In this project, letters will be stored on the server disk in encrypted form. Therefore, you need to create encryption keys. cd ~/ openssl ecparam -name prime256v1 -genkey | openssl pkey -out ecprivkey.pem openssl pkey -in ecprivkey.pem -pubout -out ecpubkey.pem doas mv ecprivkey.pem /etc/dovecot/ecprivkey.pem doas mv ecpubkey.pem /etc/dovecot/ecpubkey.pem doas chown _dovecot:_dovecot /etc/dovecot/ecprivkey.pem doas chown _dovecot:_dovecot /etc/dovecot/ecpubkey.pem doas chmod 600 /etc/dovecot/ecpubkey.pem doas chmod 400 /etc/dovecot/ecprivkey.pem ====== Config file for Dovecot ====== doas touch /etc/dovecot/dovecot.conf # Dovecot configuration file for my project protocols = imap lmtp mail_plugins = $mail_plugins quota mail_crypt service imap-login { inet_listener imap { address = * port = 143 } inet_listener imaps { address = * port = 993 ssl = yes } user = _dovecot group = _dovecot executable = /usr/local/libexec/dovecot/imap-login } service auth { user = _dovecot group = _dovecot executable = /usr/local/libexec/dovecot/auth } service lmtp { unix_listener lmtp { mode = 0600 user = mailman group = mailman } executable = /usr/local/libexec/dovecot/lmtp } service quota-warning { executable = script /usr/local/libexec/dovecot/quota-warning.sh unix_listener quota-warning { mode = 0600 user = mailman group = mailman } } plugin { mail_crypt_global_private_key = ====== Quota exceeded notifications ====== In this project, notifications will be sent to the user when the quota chapel is reached. For this feature to work, you need to create an additional script. doas touch /usr/local/libexec/dovecot/quota-warning.sh doas chmod +x /usr/local/libexec/dovecot/quota-warning.sh /usr/local/libexec/dovecot/quota-warning.sh: #!/bin/sh cat << EOF | /usr/local/libexec/dovecot/dovecot-lda -d $2 -o "plugin/quota=maildir:User quota:noenforcing" From: admin@example.com Subject: Quota warning Your mailbox is now $1% full. EOF ====== Create user file ====== Next, you need to create a site with users, which will be used to authorize users in the system. doas touch /etc/dovecot/users.txt And we create our first user doveadm pw -s BLF-CRYPT -u admin@example.com /etc/dovecot/users.txt: admin@example.com:{BLF-CRYPT}$2y$05$nigbXBiayNV/OaDAdS3aqOBlN.rcvkrOyfv6Y4QJl9RTT7jxA4sXC ====== Restricting access to settings ====== doas chmod 640 /etc/dovecot/dovecot.conf doas chmod 640 /etc/dovecot/users.txt ====== First start ====== doas rcctl -d enable dovecot doas rcctl -d start dovecot doas rcctl -d start dovecot doing _rc_parse_conf doing _rc_quirks dovecot_flags empty, using default >< doing rc_check dovecot doing rc_start doing _rc_wait start doing rc_check doing _rc_write_runfile (ok)