====== Initial preparation ======
First, install the application package. Then delete the default configuration files, since this project does not use them.

Installing the package:
<code>
doas pkg_add -v dovecot
</code>
Deleting the default configuration files:
<code>
cd /etc/dovecot/ && doas rm -rf ./*
</code>
====== Creating the mail user ======
For the mail system to operate safely, create a dedicated unprivileged user. Also create a folder for storing user mailboxes.
<code>
doas groupadd -ov -g 1100 mailman
doas useradd -v -d /var/spool/vmail -g 1100 -s /sbin/nologin -u 1100 -c "Mail man" mailman
doas mkdir -p /var/spool/vmail
doas chown mailman:mailman /var/spool/vmail
</code>
====== Setting service limits ======
By default, resource limits are set for system services. They are too low for normal operation of the mail service, so higher values must be specified in a separate login class.

/etc/login.conf:
<code>
dovecot:\
	:openfiles-cur=1024:\
	:openfiles-max=2048:\
	:tc=daemon:
</code>
====== Generating encryption keys ======
In this project, messages are stored on the server disk in encrypted form, so you need to create encryption keys.
<code>
cd ~/
openssl ecparam -name prime256v1 -genkey | openssl pkey -out ecprivkey.pem
openssl pkey -in ecprivkey.pem -pubout -out ecpubkey.pem
doas mv ecprivkey.pem /etc/dovecot/ecprivkey.pem
doas mv ecpubkey.pem /etc/dovecot/ecpubkey.pem
doas chown _dovecot:_dovecot /etc/dovecot/ecprivkey.pem
doas chown _dovecot:_dovecot /etc/dovecot/ecpubkey.pem
doas chmod 600 /etc/dovecot/ecpubkey.pem
doas chmod 400 /etc/dovecot/ecprivkey.pem
</code>
====== Config file for Dovecot ======
<code>
doas touch /etc/dovecot/dovecot.conf
</code>
/etc/dovecot/dovecot.conf:
<code>
# Dovecot configuration file for my project
protocols = imap lmtp
mail_plugins = $mail_plugins quota mail_crypt

service imap-login {
  inet_listener imap {
    address = *
    port = 143
  }
  inet_listener imaps {
    address = *
    port = 993
    ssl = yes
  }
  user = _dovecot
  group = _dovecot
  executable = /usr/local/libexec/dovecot/imap-login
}

service auth {
  user = _dovecot
  group = _dovecot
  executable = /usr/local/libexec/dovecot/auth
}

service lmtp {
  unix_listener lmtp {
    mode = 0600
    user = mailman
    group = mailman
  }
  executable = /usr/local/libexec/dovecot/lmtp
}

service quota-warning {
  executable = script /usr/local/libexec/dovecot/quota-warning.sh
  unix_listener quota-warning {
    mode = 0600
    user = mailman
    group = mailman
  }
}

plugin {
  mail_crypt_global_private_key =
</code>
====== Quota exceeded notifications ======
In this project, a notification is sent to the user when the quota limit is reached. For this feature to work, you need to create an additional script.
<code>
doas touch /usr/local/libexec/dovecot/quota-warning.sh
doas chmod +x /usr/local/libexec/dovecot/quota-warning.sh
</code>
/usr/local/libexec/dovecot/quota-warning.sh:
<code>
#!/bin/sh
# $1 = quota usage in percent, $2 = recipient (the user whose quota was hit)
cat << EOF | /usr/local/libexec/dovecot/dovecot-lda -d "$2" -o "plugin/quota=maildir:User quota:noenforcing"
From: admin@example.com
Subject: Quota warning

Your mailbox is now $1% full.
EOF
</code>
====== Create user file ======
Next, you need to create a file with users, which will be used to authenticate users in the system.
<code>
doas touch /etc/dovecot/users.txt
</code>
Then create the first user. Generate the password hash:
<code>
doveadm pw -s BLF-CRYPT -u admin@example.com
</code>
/etc/dovecot/users.txt:
<code>
admin@example.com:{BLF-CRYPT}$2y$05$nigbXBiayNV/OaDAdS3aqOBlN.rcvkrOyfv6Y4QJl9RTT7jxA4sXC
</code>
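A check for the user file described above, as an added example that is not part of the original page: it reports entries that lack a scheme prefix, use a scheme other than BLF-CRYPT, carry a truncated bcrypt hash, or use a bcrypt cost below a threshold. The names ''audit_users'', ''constructed_sample'' and ''MIN_COST'' and the threshold of 10 are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit a Dovecot passwd-file such as /etc/dovecot/users.txt.
# MIN_COST is an assumed local policy threshold, not a Dovecot default.
MIN_COST="${MIN_COST:-10}"

# audit_users FILE: print one finding per weak entry, return 1 if any found.
audit_users() {
    awk -F: -v min="$MIN_COST" '
        /^#/ || NF == 0 { next }                 # skip comments, blank lines
        {
            user = $1; pw = $2; close_at = index(pw, "}")
            if (substr(pw, 1, 1) != "{" || close_at == 0) {
                print "NOSCHEME " user; bad = 1; next
            }
            scheme = substr(pw, 2, close_at - 2)
            if (scheme != "BLF-CRYPT") {
                print "SCHEME " user " " scheme; bad = 1; next
            }
            # bcrypt layout: $2<variant>$<2-digit cost>$<53 chars salt+hash>
            n = split(substr(pw, close_at + 1), part, "[$]")
            if (n != 4 || part[2] !~ /^2[abxy]?$/ ||
                part[3] !~ /^[0-9][0-9]$/ || length(part[4]) != 53) {
                print "MALFORMED " user; bad = 1; next
            }
            if (part[3] + 0 < min + 0) {
                print "LOWCOST " user " " (part[3] + 0); bad = 1
            }
        }
        END { exit bad + 0 }
    ' "$1"
}

# Constructed sample entries (filler hashes, not real credentials).
constructed_sample() {
    pad=$(printf '%053d' 0)
    printf '%s\n' \
        "ok@example.com:{BLF-CRYPT}\$2y\$12\$$pad" \
        "low@example.com:{BLF-CRYPT}\$2y\$05\$$pad" \
        "plain@example.com:{PLAIN}secret" \
        "cut@example.com:{BLF-CRYPT}\$2y\$12\$tooshort"
}

# Run against a file when given one: sh audit.sh /etc/dovecot/users.txt
if [ "$#" -gt 0 ]; then audit_users "$1"; fi
```

Entries reported as LOWCOST can be regenerated with the ''-r'' (rounds) option of ''doveadm pw''.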
====== Restricting access to settings ======
<code>
doas chmod 640 /etc/dovecot/dovecot.conf
doas chmod 640 /etc/dovecot/users.txt
</code>
====== First start ======
<code>
doas rcctl -d enable dovecot
doas rcctl -d start dovecot
</code>
Output of the start command:
<code>
doas rcctl -d start dovecot
doing _rc_parse_conf
doing _rc_quirks
dovecot_flags empty, using default ><
doing rc_check
dovecot
doing rc_start
doing _rc_wait start
doing rc_check
doing _rc_write_runfile
(ok)
</code>