Here are tips and suggestions for using the Dovecot IMAP server on Debian Linux and running under the Daemontools program developed by DJB.

Download and Build

Download the latest version of Dovecot. I put all source code in /usr/local/src. CD to there and untar the source with this command. Note: This page may be out of sync with the latest version. Check the Dovecot download page to be sure (http://www.dovecot.org/download.html):

cd /usr/local/src
wget -c http://www.dovecot.org/releases/1.1/dovecot-1.1.2.tar.gz
tar xzvf dovecot-1.x.x.tar.gz

Now cd to the resulting Dovecot source dir and start to configure and build Dovecot. I am using only one option but your requirments may be different so do ./configure --help to review all the options available. I decided to not use Dovecot's pop3 server as I already have Qmail's pop server set up. So my config file has this option to turn it off:

./configure --without-pop3d

Now continue on with the make and make install commands to build and install Dovecot.

Setup and Configuration

You must first create the dovecot user. This is not a login account but is used to run the application. The following command works on Debian. Other Linux variants may be slightly different so check the man page to be sure:

useradd -m -b /var/run -s /bin/false dovecot

The configuration file makes use of vpopmail for user authentication. This is a plain text form of authentication so in order to be secure, TLS or SSL should be used. And of course, this assumes that you have vpopmail installed. The location of the file using the default install is: /usr/local/etc/dovecot.conf. Also take note that this file is for version 1.1.2 of Dovecot. Earlier versions may not be compatible. Here is the complete configuration file I use:


One unique thing about the dovecot.conf file for daemontools is the line which configures logging to stderr. This will be clearer when the run script is considered. Other items to notice are the standard vpopmail user and group id's designated by the four first_valid_, last_valid_ entries. These are typically 89 if you followed the vpopmail configuration instructions. The certificates which will be used for TLS and/or SSL encryption are the same ones qmail uses for TLS in the SMTP service.

I also disable plain text login which prevents any user from logging in without a secure connection. This will not prevent an attempt but authentication will not be checked against the selected mechanism without a secure connection. An insecure attempt will result in a warning message which alerts the user to the fact that they are using an insecure connection and may have just compromised their login information.

The items under namespace private will allow for existing courier IMAP style folders. This is useful if you are migrating from courier IMAP.

Daemontools Config

Setup the service directories for dovecot under daemontools. I like to put all of my services to be run by daemon tools in a central location which is under /var/supervise/. But any location will work.

mkdir -p /var/supervise/dovecot/log
chmod 755 /var/supervise/dovecot /var/supervise/dovecot/log

Now setup the run script in /var/supervise/dovecut/run (or wherever you set up the service dirs).

#!/bin/sh
#
PATH="/usr/bin:/bin"
exec /usr/local/sbin/dovecot -F 2>&1

This is a very straightforward run script with the exception of the -F. This option tells Dovecot to run in the foreground instead of as a daemon. Dovecot will not work under daemontools running in daemon mode (nor will any program). You will also note the common 2>&1 which tells the shell to pipe all error messages to standard output.

The log run file (located in /var/supervise/dovecot/log/run) can also be very simple. Here is mine which puts all log messages in /var/log/dovecot:

#!/bin/sh
#
VQ="/var/qmail"
exec env - PATH="$VQ/bin:/usr/local/bin:/usr/bin:/bin" \
   multilog t n1024 s1048576 /var/log/dovecot

Make both run files executable and set permissions:

chmod 755 /var/supervise/dovecot/run /var/supervise/dovecot/log/run

Now start up the dovecot service in the standard way by linking to the /service/ directory:

cd /service
ln -s /var/supervise/dovecot/run ./ 

Testing

Using the tail command on the dovecot multilog file will allow you to watch the connections in real time while you test:

cd /var/log/dovecot
tail -n 25 -F current | tai64nlocal

Now, in a separate terminal, try connecting to the IMAP port of your server where dovecot is running. Telnet to port 143 of your server (standard IMAP port). Issue these commands:

a001 CAPABILITY
a002 logout

Here is an example of output with a successful install:

user@puter:~$ telnet your.mail.server.com 143
Trying 10.10.1.66...
Connected to your.mail.server.com.
Escape character is '^]'.
* OK Message in dovecot.conf.
a001 CAPABILITY
* CAPABILITY IMAP4rev1 SASL-IR SORT THREAD=REFERENCES MULTIAPPEND UNSELECT
LITERAL+ IDLE CHILDREN NAMESPACE LOGIN-REFERRALS STARTTLS AUTH=PLAIN
a001 OK Capability completed.
a002 logout
* BYE Logging out
a002 OK Logout completed.
Connection closed by foreign host.

If you want to do a more complete test via the terminal, here are some commands for testing IMAP with TLS. I have added some comments to these commands which are in parenthesis on the far right:

openssl s_client -starttls imap -crlf -connect 1.2.3.4:143
a01 login username passwd
a02 list "Maildir" "*"     (list all folders)
a03 SELECT INBOX
a04 FETCH 1:* FLAGS        (flags is kind of like status.  This is asking for 
                             status of all messages in the INBOX).
a05 FETCH 1 full           (get full header for the most recent message)
a06 FETCH 1 body[text]     (get body of message)
a07 logout

To delete a message:

a08 store 3 +FLAGS (\Deleted)  (The number here is the message number)
a09 expunge                    (expunge will commit the delete)

If you are successful using these commands to view and delete messages, you should have a working Dovecot IMAP server. You are now ready to use a normal IMAP client (such as Thunderbird for example). Settings for a particular IMAP client should be easy so fire it up and give it a try!

References