Continuing the previous entry in which we set up an MTA with OpenSMTPd, this time we will make it easier to download the received mail using any mail client that supports IMAP. As in the previous one, we will use the system users to authenticate ourselves. We will also continue to keep simplicity as a basic principle, which leads us to use Dovecot.

Requirements

As this is the continuation of the previous one, we will say that we need an updated FreeBSD system with OpenSMTPd installed and functional, as we left it last time.

Installation

pkg install dovecot

Configuration

The example configuration after installation is located in a different directory, so we need to move it to its final location, and once there we can adapt it and use it.

cp -r /usr/local/etc/dovecot/example-config/* /usr/local/etc/dovecot/

Deactivate POP3 and Submission

The POP3 protocol no longer makes much sense nowadays, so we are going to prevent Dovecot from serving it. On the other hand, we have already configured OpenSMTPd to handle submission, so we will disable it. We have to leave LMTP since our MTA needs to be able to deliver mail to the MDA.

sed -ip 's/^protocols/protocols = imap lmtp/g' /usr/local/etc/dovecot/dovecot.conf

Configure TLS

We will use the same certificates that we had for OpenSMTPd. If the location of the certificates or the names change, remember to adapt the configuration file.

sed -ip 's/^ssl_key/ssl_key =<\/usr\/local\/etc\/mail\/ssl\/private\/mail.correo.com.key.pem/g' /usr/local/etc/dovecot/conf.d/10-ssl.conf
sed -ip 's/^ssl_cert/ssl_cert =<\/usr\/local\/etc\/mail\/ssl\/certs\/mail.correo.com.cert.pem/g' /usr/local/etc/dovecot/conf.d/10-ssl.conf
sed -ip 's/^#ssl = yes/ssl = required/' /usr/local/etc/dovecot/conf.d/10-ssl.conf

Configuring mailboxes

Dovecot uses standard mailboxes with Draft, Junk, Trash, Sent and Inbox folders. Moreover, they are not created automatically, so mail clients will give errors when connecting and trying to subscribe the folders. For this reason we are going to make Dovecot create them automatically.

Edit /usr/local/etc/dovecot/conf.d/15-mailboxes.conf as follows:

...
namespace inbox {
  # These mailboxes are widely used and could perhaps be created automatically:
  mailbox Drafts {
    special_use = \Drafts
    auto = create
  }
  mailbox Junk {
    special_use = \Junk
    auto = create
  }
  mailbox Trash {
    special_use = \Trash
    auto = create
  }

  # For \Sent mailboxes there are two widely used names. We'll mark both of
  # them as \Sent. User typically deletes one of them if duplicates are created.
  mailbox Sent {
    special_use = \Sent
    auto = create
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
...

Habilitar e iniciar el demonio

sysrc dovecot_enable="YES"
service dovecot start

Tests

Dovecot logs its events in /var/log/maillog, so this is the first place we will go to check how things are going and if the daemon starts correctly.

tail /var/log/maillog
<22>1 2022-12-25T06:45:33.699554+02:00 mail.correo.com dovecot 13317 - - master: Dovecot v2.3.19.1 (9b53102964) starting up for imap, lmtp

And, of course, we check that the configured protocols are being listened to:

sockstat -4l
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS      
root     dovecot    13317 35 tcp4   *:143                 *:*
root     dovecot    13317 36 tcp4   *:993                 *:*

Configuring a client

Now we can configure a mail client to subscribe and synchronize the mailbox. As so far the only valid users are the system ones, the ones in /etc/passwd, we will omit the @correo.com in the authentication configuration.

IMAP

  • Incoming mail server: mail.correo.com:143
  • Security: STARTTLS
  • Authentication: Password, normal
  • Credentials: username/password

SMTP

  • Outgoing mail server: mail.correo.com:587
  • Security: STARTTLS
  • Autenticación: Password, normal
  • Credentials: username/password