Initial configuration required from installation of Dovecot on CentOS to startup.
Publication date:January 4, 2021
INFOMARTION > Initial configuration required from installation of Dovecot on CentOS to startup.
summary
This is the initial configuration procedure required to install and start Dovecot on CentOS. This description assumes CentOS7. The incoming protocols are configured as imaps (IMAP over SSL) and pop3s (POP3 over SSL).
Since it is set up in conjunction with Postfix, please also set up Postfix from here in advance.
The versions are as follows
| CentOS Version | 7.6 (1810) |
|---|---|
| Postfix Version | 2.10.1 |
| Dovecot Version | 2.2.36 |
Table of Contents
1. install
This section describes the setup of Dovecot from installation to startup.
1-1. Installing Dovecot
Execute Dovecot installation by yum command. Please work as root user.
[username@hostname ~]$ su -
[root@hostname ~]# yum -y install dovecot
1-2. Startup Confirmation
To confirm that the installation was successful, check the startup. Note that Dovecot does not require start as an argument when starting.
[root@hostname ~]# /usr/sbin/dovecot
[root@hostname ~]# ps aux | grep dovecot
root 1470 0.0 0.1 16092 1156 ? Ss 18:38 0:00 /usr/sbin/dovecot
dovecot 1471 0.0 0.1 9752 1120 ? S 18:38 0:00 dovecot/anvil
root 1472 0.0 0.1 9884 1320 ? S 18:38 0:00 dovecot/log
root 1474 0.0 0.2 12916 2384 ? S 18:38 0:00 dovecot/config
root 1476 0.0 0.0 112824 968 pts/0 R+ 18:38 0:00 grep --color=auto dovecot
If there is a process running as dovecot user as described above, it is OK. Let's stop it.
[root@hostname ~]# /usr/sbin/dovecot stop
2. Setting details
2-1. initialization
We will set up the initial configuration of Dovecot.
[root@hostname ~]# vi /etc/dovecot/dovecot.conf
Correct as follows
#protocols = imap pop3 lmtp
~omission~
#listen = *, ::
~omission~
#login_greeting = Dovecot ready.
protocols = imap pop3
~omission~
listen = *
~omission~
login_greeting = pop3 and imap ready.
protocols" specifies the protocols to connect to Dovecot.
listen" is the IP to be allowed to connect. Since it is "*", there are no restrictions on the IP to connect to. If you have a specific IP to connect to, specify a specific IP for security. The "::" is a setting for IPv6, but since IPv6 will not be used this time, delete it. By deleting it, only IPv4 will be accepted.
login_greeting" is the message when connecting. It is not necessary to change it, but for security purposes, change the message so that no one will know it is dovecot when they connect.
2-2. POP3 and IMAP Settings
We will be configuring port 110, the well-known port for POP3, and port 143, the well-known port for IMAP. We would like to use the authentication method in conjunction with Postfix for authentication.
[root@hostname ~]# vi /etc/dovecot/conf.d/10-master.conf
Correct as follows
service imap-login {
inet_listener imap {
#port = 143
}
~omission~
service pop3-login {
inet_listener pop3 {
#port = 110
}
service imap-login {
inet_listener imap {
port = 143
}
~omission~
service pop3-login {
inet_listener pop3 {
port = 110
}
2-3. Dovecot Authentication Method Settings
Add login to the Dovecot authentication method.
[root@hostname ~]# vi /etc/dovecot/conf.d/10-auth.conf
Correct as follows
#disable_plaintext_auth = yes
~omission~
auth_mechanisms = plain
disable_plaintext_auth = no
~omission~
auth_mechanisms = login plain
2-4. Changed mail storage method to "Maildir" format
Set the mail storage location to each user's home directory (under "/home/xxx/").
[root@hostname ~]# vi /etc/dovecot/conf.d/10-mail.conf
Correct as follows
#mail_location =
~omission~
namespace inbox {
# Namespace type: private, shared or public
#type = private
# Hierarchy separator to use. You should use the same separator for all
# namespaces or some clients get confused. '/' is usually a good one.
# The default however depends on the underlying mail storage format.
#separator =
# Prefix required to access this namespace. This needs to be different for
# all namespaces. For example "Public/".
#prefix =
# Physical location of the mailbox. This is in same format as
# mail_location, which is also the default for it.
#location =
mail_location = maildir:~/Maildir
~omission~
namespace inbox {
# Namespace type: private, shared or public
#type = private
# Hierarchy separator to use. You should use the same separator for all
# namespaces or some clients get confused. '/' is usually a good one.
# The default however depends on the underlying mail storage format.
#separator =
# Prefix required to access this namespace. This needs to be different for
# all namespaces. For example "Public/".
#prefix =
# Physical location of the mailbox. This is in same format as
# mail_location, which is also the default for it.
location = maildir:~/Maildir
2-5. Authentication Settings
Enable ssl settings.
[root@hostname ~]# vi /etc/dovecot/conf.d/10-ssl.conf
Correct as follows
ssl = required
~omission~
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem
ssl = required
~omission~
ssl_cert = </etc/pki/tls/certs/localhost.crt
ssl_key = </etc/pki/tls/private/localhost.key
Set "ssl_cert" and "ssl_key" according to your environment. Set the path where the server certificate is stored.
SSL settings are required in advance, so if you have not set up SSL settings, please do so first. Please refer to the following.
Initial configuration required from installation of Apache on CentOS to startup
Next, configure settings related to passwords. Use "auth-system.conf.ext".
[root@hostname ~]# vi /etc/dovecot/conf.d/auth-system.conf.ext
Correct as follows
passdb {
driver = pam
# [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=<n>]
# [cache_key=<key>] [<service name>]
#args = dovecot
}
~omission~
#passdb {
#driver = shadow
# [blocking=no]
#args =
#}
#passdb {
#driver = pam
# [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=<n>]
# [cache_key=<key>] [<service name>]
#args = dovecot
#}
~omission~
passdb {
driver = shadow
# [blocking=no]
#args =
}
2-6. Startup Confirmation
The configuration is now complete, so check to see if Dovecot starts with the configuration completed. Note that "start" is not required as an argument.
[root@hostname ~]# /usr/sbin/dovecot
[root@hostname ~]# ps aux | grep dovecot
root 1716 0.0 0.1 16092 1184 ? Ss 22:09 0:00 /usr/sbin/dovecot
dovecot 1717 0.0 0.1 9752 1120 ? S 22:09 0:00 dovecot/anvil
root 1718 0.0 0.1 9884 1312 ? S 22:09 0:00 dovecot/log
root 1720 0.5 0.2 12916 2396 ? S 22:09 0:00 dovecot/config
root 1722 0.0 0.0 112824 972 pts/0 S+ 22:09 0:00 grep --color=auto dovecot
If there is a process running as the dovecot user as described above, the configuration has been successfully completed and the process is running. Now that the startup has been confirmed, let's stop the process.
[root@hostname ~]# /usr/sbin/dovecot stop
2-7. Automatic startup setting
Lastly, although it is not required, it is hard to start Dovecot every time the server is rebooted, so we will configure Dovecot to start automatically when the server is started. Register the systemctl command to the systemctl command. Please note that this procedure is for CentOS7, so if you are using other than CentOS7, you need to use the Service command.
Check if "/usr/lib/systemd/system/dovecot.service" exists. If not, create "dovecot.service" as follows Execute as root user.
[root@hostname ~]# touch /etc/systemd/system/dovecot.service
[root@hostname ~]# vi /etc/systemd/system/dovecot.service
The following information is provided
[Unit]
#Description.
Description=Dovecot
#Control before and after execution
#Before=xxx.service
After = network.target
[Service]
#User and group designation
User=root
Group=root
#Once activated, set the status to Activated.
Type=oneshot
RemainAfterExit=yes
#Start, stop, reload
ExecStart=/usr/sbin/dovecot
ExecStop=/usr/sbin/dovecot stop
ExecReload=/usr/sbin/dovecot reload
[Install]
#runlevel3 equivalent setting
WantedBy=multi-user.target
Next, register it with the systemctl command.
[root@hostname ~]# systemctl enable dovecot
[root@hostname ~]# systemctl is-enabled dovecot
enabled
[root@hostname ~]# systemctl list-unit-files --type=service | grep dovecot
dovecot.service enabled
[root@hostname ~]# systemctl daemon-reload
3. summary
We have described the initial configuration required when Dovecot is installed.
I struggled with the setup quite a bit, so if you are building a Dovecot, please refer to this page.
Thank you for taking the time to read this to the end.
■INFORMATION
Please click here to go to the top page of INFORMATION.
■PROFILE
Please click here to view the profile.
■For inquiries, please contact