One of our customers requested for a pop server connection and I started searching for a pop server which is capable of working with sendmail already running in his server. He had a server without control panel, with Red Hat Linux release 9 (Shrike). The research ended up with the term Dovecot.

This article describes how to install the Dovecot mail server from source as an imap / pop3 mail server, and how to set up the sieve plugin so that the customers can use the sieve mail filtering language for their mail accounts.

1. Installation

We can download Dovecot from http://dovecot.org. I always prefer stable versions.

[root@host]# wget http://dovecot.org/releases/1.0/dovecot-1.0.9.tar.gz

We also need the sieve plugin source and is available from the same site.

[root@host]# wget http://dovecot.org/releases/sieve/dovecot-sieve-1.0.2.tar.gz

Once these sources are downloaded to the server, we can continue with the installation of dovecot mail server.

[root@host]# cd /usr/src
[root@host]# tar zxfv dovecot-1.0.9.tar.gz
[root@host]# cd dovecot-1.0.9
[root@host]# ./configure
[root@host]# make
[root@host]# make install

Now we need to install the sieve plugin:

[root@host]# cd /usr/src
[root@host]# tar zxfv dovecot-sieve-1.0.2.tar.gz
[root@host]# cd dovecot-sieve-1.0.2
[root@host]# ./configure –with-dovecot=../dovecot-1.0.9
[root@host]# make
[root@host]# make install

2. Configuration

The basic configuration file of dovecot is /usr/local/etc/dovecot.conf and we can create it by doing the following step.

cp -pi /usr/local/etc/dovecot-example.conf /usr/local/etc/dovecot.confserver-id=2
The config file includes option for Imap Protocol, Local Delivery Agent with Sieve plugin, Virtual Users from file and support other programs to authenticate with the dovecot mail server.

My sample dovecot.conf is as follows and based on this, I will explain each parameter in the configuration file.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot-info.log

login_dir =/usr/local/var/run/dovecot/login
login_chroot = yes
login_user = dovecot

protocol pop3 {
login_executable = /usr/local/libexec/dovecot/pop3-login
mail_executable = /usr/local/libexec/dovecot/pop3
pop3_enable_last = no
}

auth_executable = /usr/local/libexec/dovecot/dovecot-auth
auth_process_size = 256
auth_cache_ttl = 3600

# Disable SSL for now.
ssl_disable = yes
disable_plaintext_auth = no

# We’re using Mbox format
mail_location = mbox:~/mail:INBOX=/var/mail/%u

# If you’re using POP3, you’ll need this:
pop3_uidl_format = %08Xu%08Xv

auth default {
mechanisms = plain
passdb passwd {
}
passdb shadow {
}
userdb passwd {
}
user = root
}
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2.1 Logging

log_path is the log file to use for error messages, instead of sending them to syslog.

info_log_path is the log file to use for informational and debug messages. Default is the same as log_path.

2.2 Login processes

login_dir is the directory where authentication process places authentication UNIX sockets which login needs to be able to connect to.

login_chroot used to chroot login process to the login_dir. If you wish to run the whole Dovecot without roots, do not enable this.

login_user = dovecot User to use for the login process. The user belong to a group where only it has access and it is used to control access for authentication process. Note that this user is NOT used to access mails.

2.3 Authentication

Users are categorized as either system users (in /etc/passwd) or virtual users (not in /etc/passwd). For authentication, I am using the passwd-file for system users. The last lines starting with auth default on dovecot.conf file helps for authentication. Until SSL is configured, allow plaintext authentication using the variable disable_plaintext_auth. Make sure to switch the value of disable_plaintext_auth to Yes when you change the value of ssl_disable to No.

auth_executable shows the executable location.

auth_process_size set the max. process size in megabytes.

auth_cache_ttl is the time to live in seconds for cached data. After this many seconds the cached record is no longer used. This works only with plaintext authentication.

2.4 Mbox specific settings

If you are using mboxes, it is important to have locking configuration. I have following entries in my configuration file.

mbox_read_locks = fcntl
mbox_write_locks = dotlock fcntl

If you use /var/mail/ or /var/spool/mail/ directory for INBOXes, you may need to give Dovecot additional permissions so it can create dotlock files there. The location is specified using mail_location in configuration file /usr/local/etc/dovecot.conf.

2.5 POP3 specific settings

The varibale under this section is included within ‘protocol pop3 {‘ and ‘}’.

login_executable = /usr/local/libexec/dovecot/pop3-login
  specifies the login executable location.

mail_executable = /usr/local/libexec/dovecot/pop3
  POP3 executable location. Changing this allows you to execute other binaries
before the pop3 process is executed.

pop3_enable_last = no
  Support LAST command. Enabling this makes RSET command clear all Seen flags
from messages.

pop3_uidl_format = %08Xu%08Xv
  POP3 UIDL (unique mail identifier) format to use.

pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
POP3 logout format string:
#  %t - number of TOP commands
#  %p - number of bytes sent to client as a result of TOP command
#  %r - number of RETR commands
#  %b - number of bytes sent to client as a result of RETR command
#  %d - number of deleted messages
#  %m - number of messages (before deletion)
#  %s - mailbox size in bytes (before deletion)

3. Running Dovecot

To start the dovecot mail server just type:

[root@host]# /usr/local/sbin/dovecot

To check all running process by the user dovecot, do

[root@host]# ps aux | grep dovecot

If there are any problems just see the log files:

[root@host]# tail -f /var/log/dovecot.log

To verify the config of running dovecot:

[root@host]# /usr/local/sbin/dovecot -n

If everything till now is running ok, you should check the mail server via telnet. To do this just type the below command:

[root@host]# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 SASL-IR SORT THREAD=REFERENCES MULTIAPPEND UNSELECT
LITERAL+ IDLE CHILDREN NAMESPACE LOGIN-REFERRALS AUTH=PLAIN] Dovecot ready.
1 login savitha savitha
1 OK Logged in.
2 select inbox
* FLAGS (Answered Flagged Deleted Seen Draft)
* OK [PERMANENTFLAGS (Answered Flagged Deleted Seen Draft *)] Flags
permitted.
* 0 EXISTS
* 0 RECENT
* OK [UIDVALIDITY 1194581632] UIDs valid
* OK [UIDNEXT 1] Predicted next UID
2 OK [READ-WRITE] Select completed.

4. Use Sieve

Dovecot plugin reads the .dovecot.sieve file from your mail location. The dovecot.conf file given above, sets the mail location at /var/mail/folders/usename. So you need to create the file:

[root@host]# touch /var/mail/folders/user1/.dovecot.sieve

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
require "fileinto";
if header :comparator "i;ascii-casemap" :contains "Subject" "**SPAM**"  {
        fileinto "Trash";
        stop;
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This sieve rule delivers every email where the header subject contains “**SPAM**” to the Trash folder.

About the author:
Savitha Nair works as Sr. Software Engineer (Grade II) in Bobcares.com.
Savitha has worked in Bobcares for 4 years and is an expert in Linux Server administration. She is a passionate advocate of secure linux server administration.