diff options
Diffstat (limited to 'doc/wiki/QuickConfiguration.txt')
| -rw-r--r-- | doc/wiki/QuickConfiguration.txt | 209 |
1 files changed, 209 insertions, 0 deletions
diff --git a/doc/wiki/QuickConfiguration.txt b/doc/wiki/QuickConfiguration.txt new file mode 100644 index 0000000..9e1be7a --- /dev/null +++ b/doc/wiki/QuickConfiguration.txt @@ -0,0 +1,209 @@ +Quick Configuration +=================== + +If you just want to get Dovecot running with typical configuration in a typical +environment, here's what you'll have to do: + +Contents + + + 1. Quick Configuration + + 1. TLDR; Just want it running + + 2. Configuration file + + 1. Installing from sources + + 2. Split configuration files + + 3. Hints about writing configuration files + + 3. Authentication + + 4. Mail Location + + 5. Mbox + + 6. Maildir + + 7. Client Workarounds + + 8. SSL and Plaintext Authentication + + 9. NFS + + 10. Running + +TLDR; Just want it running +-------------------------- + +Here is a very simple basic configuration with single vmail user to be placed +as dovecot.conf. Please note that some distros split configuration under +/etc/dovecot/conf.d, which, while it can be useful, is not required. + +You need to create group vmail and user vmail. + +---%<------------------------------------------------------------------------- +mail_home=/srv/mail/%Lu +mail_location=sdbox:~/Mail + +## this is sometimes needed +#first_valid_uid = uid-of-vmail-user + +# if you want to use system users +passdb { + driver = pam +} + +userdb { + driver = passwd + args = blocking=no + override_fields = uid=vmail gid=vmail +} + +ssl=yes +ssl_cert=</path/to/cert.pem +ssl_key=</path/to/key.pem +# if you are using v2.3.0-v2.3.2.1 (or want to support non-ECC DH algorithms) +# since v2.3.3 this setting has been made optional. +#ssl_dh=</path/to/dh.pem + +namespace { + inbox = yes + separator = / +} +---%<------------------------------------------------------------------------- + +Configuration file +------------------ + +Prebuilt packages usually install the configuration files into '/etc/dovecot/'. +You'll find the correct path by running: + +---%<------------------------------------------------------------------------- +doveconf -n | head -n 1 +---%<------------------------------------------------------------------------- + +It's a good idea to read through all the config files and see what settings you +might want to change. + +Installing from sources +----------------------- + +If you compiled and installed Dovecot from sources, Dovecot has installed only +a '/usr/local/etc/dovecot/README' file, which contains the path to the +installed example configuration files, usually +'/usr/local/share/doc/dovecot/example-config'. Copy them to etc/: + +---%<------------------------------------------------------------------------- +cp -r /usr/local/share/doc/dovecot/example-config/* /usr/local/etc/dovecot/ +---%<------------------------------------------------------------------------- + +Split configuration files +------------------------- + +The default configuration starts from 'dovecot.conf', which contains an +'!include conf.d/*.conf' statement to read the rest of the configuration. The +idea is that the settings are nicely grouped into different files to make it +easier for new admins to scan through related settings. It doesn't matter which +config file you add which setting. In the production system it's often easier +to just have a single 'dovecot.conf' file, which you can create easily using + +---%<------------------------------------------------------------------------- +doveconf -nP > dovecot.conf +---%<------------------------------------------------------------------------- + +Hints about writing configuration files +--------------------------------------- + + * Usually it does not matter in which file you write the setting, however, + later settings replace earlier ones. If you use the same section multiple + times, the settings are merged together. + * Before v2.3, boolean settings in the 'plugin' section interpret /any/ value + as *true*, even '0', 'no' and 'false'. + * To read the content of a file, for instance for the SSL certificate option, + prefix the filename with a '<', e.g.: + +---%<------------------------------------------------------------------------- +ssl_cert = </etc/ssl/certs/imap.pem +---%<------------------------------------------------------------------------- + +Authentication +-------------- + +You'll probably be using <PAM> [PasswordDatabase.PAM.txt] authentication. See +the <PAM> [PasswordDatabase.PAM.txt] page for how to configure it. A typical +configuration with Linux would be to create '/etc/pam.d/dovecot' which +contains: + +---%<------------------------------------------------------------------------- +auth required pam_unix.so +account required pam_unix.so +---%<------------------------------------------------------------------------- + +If you're using something else, see <password databases> [PasswordDatabase.txt] +and <user databases> [UserDatabase.txt]. + +Mail Location +------------- + +You can let Dovecot do its automatic mail location detection, but if that +doesn't work, you can set the location manually in 'mail_location' setting. See +<MailLocation.txt> for more information. + +Mbox +---- + +Make sure that all software accessing the mboxes are using the same locking +methods in the same order. The order is important to prevent deadlocking. From +Dovecot's side you can change these from 'mbox_read_locks' and +'mbox_write_locks' settings. See <MboxLocking.txt> for more information. + +If you're using '/var/mail/' directory for INBOXes, you may need to set +'mail_privileged_group = mail' so Dovecot can create dotlocks there. + +For better performance you may want to set 'mbox_very_dirty_syncs = yes' +option. + +Maildir +------- + +For better performance you may want to set 'maildir_very_dirty_syncs = yes' +option. + +Client Workarounds +------------------ + +Check 'imap_client_workarounds' and 'pop3_client_workarounds' and see if you +want to enable more of them than the defaults. + +SSL and Plaintext Authentication +-------------------------------- + +If you intend to use SSL, set 'ssl_cert' and 'ssl_key' settings. Otherwise set +'ssl = no'. Easiest way to get SSL certificates built is to use Dovecot's +'doc/mkcert.sh' script. See <SSL.txt>. + +By default 'disable_plaintext_auth = yes', which means that Dovecot will fail +the authentication if the client doesn't use SSL (or use <non-plaintext +authentication> [Authentication.Mechanisms.txt]). This is recommended in most +situations, since it prevents leaking passwords. However, if you don't offer +SSL for some reason, you'll probably want to set 'disable_plaintext_auth = no'. + +Since v2.3.3 you only need ssl_key and ssl_cert, leaving ssl_dh unset (and +removing ssl-parameters.dat if left over from 2.2) will prevent using non-EC DH +algorithms. + +NFS +--- + +If you're using NFS or some other remote filesystem that's shared between +multiple computers, you should read <NFS.txt>. + +Running +------- + +See <RunningDovecot.txt> and <Logging.txt>. + +(This file was created from the wiki on 2019-06-19 12:42) |