Skip to content

Server configuration: Dovecot v.1

Jump to bottom Edit New page
MrSleeps edited this page Aug 9, 2016 · 4 revisions

Dovecot is an open source IMAP and POP3 email server for Linux/UNIX-like systems, written with security primarily in mind. This page explains how to configure Dovecot to authenticate users using Vexim database and serve them their e-mail.

Note: this manual is for Dovecot v.1. If you are using Dovecot v.2, you should refer to the other manual instead. Also note that this manual is not being maintained and might become outdated as Vexim development progresses. You are welcome to improve it however. It was written based on personal experience setting up Dovecot 1.2.15 to work with Vexim under Debian 6.0 (Squeeze).

Setting up Dovecot v.1 to work with Vexim is indeed rather trivial:

  1. Edit /etc/dovecot/dovecot.conf. It is documented rather extensively, at least in Debian, so I won't go through everything. The things I had to change for Vexim auth to work were the following:

    • first_valid_uid must be low enough for vexim user to be able to log in. For example:

      first_valid_uid = 100

    • comment out the passdb pam block, and uncomment the passdb sql block instead. My passdb sql looks like this:

      passdb sql {
  # Path for SQL configuration file
  args = /etc/dovecot/dovecot-sql.conf
}

    • I have also uncommented the userdb prefetch block:

      userdb prefetch {
}

  2. Edit /etc/dovecot/dovecot-sql.conf. Again, it is well documented, so I won't go into detail. With comments stripped out, my dovecot-sql.conf looks like following:

    driver = mysql
connect = host=/var/run/mysqld/mysqld.sock dbname=vexim user=vexim password=CHANGE
default_pass_scheme = CRYPT
password_query = \
  SELECT `username` AS `user`, `crypt` AS `password`, \
    `pop` AS `userdb_home`, `uid` AS `userdb_uid`, `gid` AS `userdb_gid` \
  FROM `users` WHERE `username` = '%u'

    Dovecot expects the SELECT to return a set of columns with particular names, hence usage of the AS keyword above.

  3. Just restart Dovecot, and it should work.

SSL/TLS encryption should always be used to protect your mails and login credentials. You can use the same certificates you created for Exim. There is nothing specific to Vexim here, so just follow the official SSL configuration guide from the Dovecot Wiki. For the cipher selection, we recommend to use a current set of "secure" ciphers, bettercrypto.org provides some reviewed default configs in a PDF file.

Add a custom footer
Add a custom sidebar
Clone this wiki locally