Difference between revisions of "Dovecot"
From wiki
(Configure authentication) |
(Fail2Ban) |
||
| Line 88: | Line 88: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| + | == Fail2Ban == | ||
| + | Create file <code>/etc/fail2ban/jail.d/dovecot.conf</code> with the following content | ||
| + | <syntaxhighlight lang="ini"> | ||
| + | [dovecot] | ||
| + | enabled = true | ||
| + | </syntaxhighlight> | ||
| + | |||
| + | [[Category:Fail2Ban]] | ||
[[Category:Linux Server]] | [[Category:Linux Server]] | ||
Revision as of 08:22, 17 March 2016
 Warning: | This page is a work in progress and is not completed. Important informations might be missing or wrong. |
Install
# apt install dovecot-imapd dovecot-managesieved
Configuration
Create System User
User vmail will be used to store mail related data
# adduser --system --home /var/maildir/ --group vmail
Adding system user `vmail' (UID 104) ...
Adding new group `vmail' (GID 105) ...
Adding new user `vmail' (UID 104) with group `vmail' ...
Creating home directory `/var/maildir/' ...
Authentication
Activate
Edit file /etc/dovecot/conf.d/10-auth.conf and make sure the only included authentication mechanism is passwdfile.
#!include auth-deny.conf.ext
#!include auth-master.conf.ext
#!include auth-system.conf.ext
#!include auth-sql.conf.ext
#!include auth-ldap.conf.ext
!include auth-passwdfile.conf.ext
#!include auth-checkpassword.conf.ext
#!include auth-vpopmail.conf.ext
#!include auth-static.conf.ext
Edit file /etc/dovecot/conf.d/auth-passwdfile.conf.ext and set option default_fields
# Authentication for passwd-file users. Included from 10-auth.conf.
#
# passwd-like file with specified location.
# <doc/wiki/AuthDatabase.PasswdFile.txt>
passdb {
driver = passwd-file
args = scheme=CRYPT username_format=%u /etc/dovecot/users
}
userdb {
driver = passwd-file
args = username_format=%u /etc/dovecot/users
# Default fields that can be overridden by passwd-file
#default_fields = quota_rule=*:storage=1G
default_fields = uid=vmail gid=vmail home=/home/vmail/%u
# Override fields from passwd-file
#override_fields = home=/home/virtual/%u
}
Create file /etc/dovecot/users
# touch /etc/dovecot/users
# chmod 640 /etc/dovecot/users
# chown root:dovecot /etc/dovecot/users
Add a User
First generate an encrypted password for the user
$ doveadm pw -s SHA512-CRYPT
Enter new password:
Retype new password:
{SHA512-CRYPT}$6$o5TBpwJqGhEgsq3G$YGUPIDDkAJGaRYdMrW4kNWQzEyCwyeJAxnnyyphcR8MjPUo4yzUNy55sgAP0Qx73CI72XzUqIFGlKUvir7QkR1
Now add a line to /etc/dovecot/users
# Format is <user>:<password>::::::
# Generate passwords with: doveadm pw -s SHA512-CRYPT
vincent:{SHA512-CRYPT}$6$o5TBpwJqGhEgsq3G$YGUPIDDkAJGaRYdMrW4kNWQzEyCwyeJAxnnyyphcR8MjPUo4yzUNy55sgAP0Qx73CI72XzUqIFGlKUvir7QkR1::::::
Fail2Ban
Create file /etc/fail2ban/jail.d/dovecot.conf with the following content
[dovecot]
enabled = true
