
dovecot

Differences

This shows you the differences between two versions of the page.

dovecot [2021/02/11 12:49] admindovecot [2023/12/13 19:30] (current) admin
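--- a/dovecot
+++ b/dovecot
@@ -9,24 +9,188 @@
 <code>rm -rf /etc/dovecot/*</code>
 
-<del>Dann wird in der /etc/dovecot/dovecot.conf der Eintrag "listen" geändert. anstatt
+Diffie Hellman Parameter für Dovecot erstellen.
 
-<code>listen = *, ::</code>
+<code>openssl dhparam -out /etc/dovecot/dh4096.pem 4096</code>
 
-trägt man dort seine IPv4 und v6 Adressen ein.
+Dann wird /etc/dovecot/dovecot.conf erstellt
 
-Dann geht es weiter in das Verzeichnis /etc/dovecot/conf.d/. Dort wird zuerst die Datei 10-auth.conf angepasst. Auf Plaintext, da wir ja eine TLS Verschlüsselung haben, es da also keine Gefahr gibt.
-Folgende Zeilen anpassen:
-<code>disable_plaintext_auth = no
-auth_mechanisms = plain login
-</code>
+<code>
+#mail_debug = no
+##
+## Aktivierte Protokolle
+##
 
-Dann im selben Verzeichnis die Datei 10-ssl.conf anpassen, und dort unsere Letsencrypt Zertifikate eintragen.
+protocols = imap lmtp sieve
 
-<code>
-ssl = required
-ssl_cert = </etc/acme.sh/mail.mysystems.tld/fullchain.pem
-ssl_key = </etc/letsencrypt/live/mail.example.com/privkey.pem
+##
+## TLS Config
+## Quelle: https://ssl-config.mozilla.org/#server=dovecot&version=2.3.9&config=intermediate&openssl=1.1.1d&guideline=5.4
+##
+ssl = yes
+disable_plaintext_auth=no
+ssl_cert = </etc/letsencrypt/live/mail.domain.tld/fullchain.pem
+ssl_key = </etc/letsencrypt/live/mail.domain.tld/privkey.pem
 ssl_dh = </etc/dovecot/dh4096.pem
 ssl_min_protocol = TLSv1.2
 ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
-ssl_prefer_server_ciphers = no</code></del>
+ssl_prefer_server_ciphers = no
+
+
+##
+## Dovecot services
+##
+
+service imap-login {
+    inet_listener imap {
+        port = 143
+    }
+
+
+service managesieve-login {
+    inet_listener sieve {
+        port = 4190
+    }
+
+
+service lmtp {
+     unix_listener lmtp {
+     #mode = 0666
+      }
+    user = vmail
+
+
+service auth {
+    ### Auth socket für LMTP-Dienst
+    unix_listener auth-userdb {
+        mode = 0660
+        user = vmail
+        group = vmail
+    }
+
+
+
+##
+##  Protocol settings
+##
+
+protocol imap {
+    mail_plugins = $mail_plugins quota imap_quota imap_sieve
+    mail_max_userip_connections = 50
+    imap_idle_notify_interval = 29 mins
+
+
+protocol lmtp {
+    postmaster_address = postmaster@mail.domain.tld
+    mail_plugins = $mail_plugins sieve notify push_notification
+
+
+
+##
+## Client authentication
+##
+
+disable_plaintext_auth = yes
+auth_mechanisms = plain login
+auth_username_format = %Lu
+
+passdb {
+    driver = sql
+    args = /etc/dovecot/dovecot-sql.conf
+
+
+userdb {
+    driver = sql
+    args = /etc/dovecot/dovecot-sql.conf
+
+
+
+##
+## Address tagging
+##
+recipient_delimiter = +
+
+
+##
+## Mail location
+##
+
+mail_uid = vmail
+mail_gid = vmail
+mail_privileged_group = vmail
+
+mail_home = /var/vmail/%d/%n
+mail_location = maildir:~/mail:LAYOUT=fs
+
+##
+## Mailbox configuration
+##
+
+namespace inbox {
+    inbox = yes
+
+    mailbox Junk {
+        auto = subscribe
+        special_use = \Junk
+    }
+
+    mailbox Trash {
+        auto = subscribe
+        special_use = \Trash
+    }
+
+    mailbox Drafts {
+        auto = subscribe
+        special_use = \Drafts
+    }
+
+    mailbox Sent {
+        auto = subscribe
+        special_use = \Sent
+    }
+
+
+
+##
+## Mail plugins
+##
+
+plugin {
+    sieve_plugins = sieve_imapsieve sieve_extprograms
+    sieve_before = /var/vmail/sieve/global/spam-global.sieve
+    sieve = file:/var/vmail/sieve/%d/%n/scripts;active=/var/vmail/sieve/%d/%n/active-script.sieve
+
+    ###
+    ### Spam learning
+    ###
+    # From elsewhere to Spam folder
+    imapsieve_mailbox1_name = Junk
+    imapsieve_mailbox1_causes = COPY
+    imapsieve_mailbox1_before = file:/var/vmail/sieve/global/learn-spam.sieve
+
+    # From Spam folder to elsewhere
+    imapsieve_mailbox2_name = *
+    imapsieve_mailbox2_from = Junk
+    imapsieve_mailbox2_causes = COPY
+    imapsieve_mailbox2_before = file:/var/vmail/sieve/global/learn-ham.sieve
+
+    sieve_pipe_bin_dir = /usr/bin
+    sieve_global_extensions = +vnd.dovecot.pipe
+
+    quota = maildir:User quota
+    quota_exceeded_message = Benutzer %u hat das Speichervolumen überschritten. / User %u has exhausted allowed storage space.
+
+
+</code>
+
+Und dann noch das /etc/dovecot/dovecot-sql.conf
+
+<code>
+driver=mysql
+connect = "host=localhost dbname=vmail user=vmail password=DatenbankPasswort"
+
+default_pass_scheme = BLF-CRYPT
+
+password_query = SELECT username, domain, password FROM credentials WHERE username = '%Ln' AND domain = '%Ld';
+
+user_query = SELECT 2000 AS uid, 2000 as gid, '/var/vmail/%Ld/%Ln' AS home;
+</code>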
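Review bot: The new dovecot.conf assigns `disable_plaintext_auth` twice with opposite values (`disable_plaintext_auth=no` in the TLS block, `disable_plaintext_auth = yes` under "Client authentication") and replaces the earlier `ssl = required` with `ssl = yes`, which makes TLS optional on the port 143 listener. Dovecot should take the later assignment, so plaintext logins without TLS are presumably still refused, but that protection now depends on one line surviving future edits while `auth_mechanisms = plain login` offers nothing else. I would delete the `disable_plaintext_auth=no` line and keep `ssl = required`. Separately, /etc/dovecot/dovecot-sql.conf holds the database password in its `connect` line, so the page should tell readers to make it root-owned with mode 0600, e.g. a line `chmod 600 /etc/dovecot/dovecot-sql.conf` after the listing.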
dovecot.1613047759.txt.gz · Last modified: 2021/02/11 12:49 by admin

Except where otherwise noted, content on this wiki is licensed under the following license: CC0 1.0 Universal