Email server with Dovecot in FreeBSD
Continuing the previous entry in which we set up an MTA with OpenSMTPd, this time we will make it easier to download the received mail using any mail client that supports IMAP. As in the previous one, we will use the system users to authenticate ourselves. We will also continue to keep simplicity as a basic principle, which leads us to use Dovecot.
Requirements
As this is the continuation of the previous one, we will say that we need an updated FreeBSD system with OpenSMTPd installed and functional, as we left it last time.
Installation
pkg install dovecot
Configuration
The example configuration after installation is located in a different directory, so we need to move it to its final location, and once there we can adapt it and use it.
cp -r /usr/local/etc/dovecot/example-config/* /usr/local/etc/dovecot/
Deactivate POP3 and Submission
The POP3 protocol no longer makes much sense nowadays, so we are going to prevent Dovecot from serving it. On the other hand, we have already configured OpenSMTPd to handle submission, so we will disable it. We have to leave LMTP since our MTA needs to be able to deliver mail to the MDA.
sed -ip 's/^protocols/protocols = imap lmtp/g' /usr/local/etc/dovecot/dovecot.conf
Configure TLS
We will use the same certificates that we had for OpenSMTPd. If the location of the certificates or the names change, remember to adapt the configuration file.
sed -ip 's/^ssl_key/ssl_key =<\/usr\/local\/etc\/mail\/ssl\/private\/mail.correo.com.key.pem/g' /usr/local/etc/dovecot/conf.d/10-ssl.conf
sed -ip 's/^ssl_cert/ssl_cert =<\/usr\/local\/etc\/mail\/ssl\/certs\/mail.correo.com.cert.pem/g' /usr/local/etc/dovecot/conf.d/10-ssl.conf
sed -ip 's/^#ssl = yes/ssl = required/' /usr/local/etc/dovecot/conf.d/10-ssl.conf
Configuring mailboxes
Dovecot uses standard mailboxes with Draft, Junk, Trash, Sent and Inbox folders. Moreover, they are not created automatically, so mail clients will give errors when connecting and trying to subscribe the folders. For this reason we are going to make Dovecot create them automatically.
Edit /usr/local/etc/dovecot/conf.d/15-mailboxes.conf as follows:
...
namespace inbox {
# These mailboxes are widely used and could perhaps be created automatically:
mailbox Drafts {
special_use = \Drafts
auto = create
}
mailbox Junk {
special_use = \Junk
auto = create
}
mailbox Trash {
special_use = \Trash
auto = create
}
# For \Sent mailboxes there are two widely used names. We'll mark both of
# them as \Sent. User typically deletes one of them if duplicates are created.
mailbox Sent {
special_use = \Sent
auto = create
}
mailbox "Sent Messages" {
special_use = \Sent
}
...
Habilitar e iniciar el demonio
sysrc dovecot_enable="YES"
service dovecot start
Tests
Dovecot logs its events in /var/log/maillog, so this is the first place we will go to check how things are going and if the daemon starts correctly.
tail /var/log/maillog
<22>1 2022-12-25T06:45:33.699554+02:00 mail.correo.com dovecot 13317 - - master: Dovecot v2.3.19.1 (9b53102964) starting up for imap, lmtp
And, of course, we check that the configured protocols are being listened to:
sockstat -4l
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
root dovecot 13317 35 tcp4 *:143 *:*
root dovecot 13317 36 tcp4 *:993 *:*
Configuring a client
Now we can configure a mail client to subscribe and synchronize the mailbox. As so far the only valid users are the system ones, the ones in /etc/passwd, we will omit the @correo.com in the authentication configuration.
IMAP
- Incoming mail server: mail.correo.com:143
- Security: STARTTLS
- Authentication: Password, normal
- Credentials: username/password
SMTP
- Outgoing mail server: mail.correo.com:587
- Security: STARTTLS
- Autenticación: Password, normal
- Credentials: username/password