Make your personal mail server part 4: Dovecot installation

This post is the fourth part of a series of posts on setting up a mail server for your personal use.

Previous part: Public certificates with Let’s Encrypt

In this entry we’ll cover the installation and configuration of the Dovecot mail server. As in the other entries, we’ll assume that the target system is running Ubuntu 16.04. Also we’ll assume that the Full Qualified Domain Name on the local network for the mail server is ubuntu.localdomain i.e. the name of the host is ubuntu and the of the local domain is localdomain. While setting up the domain is not mandatory for the IMAP server, it will become useful when we will setup the MTA (postfix).

Installation

We’ll make a minimal installation for now. Extras such as antispam, server side filters, and full text search will be covered in a later post.

$ sudo apt-get install dovecot-imapd

Configuration

edit /etc/dovecot/dovecot.conf and enable the following options

listen = *, ::

If you plan to use only webmail you can change the above to

listen = 127.0.0.1

or any other local address that you may have configured on your machine for increased security.

Now we’ll configure Dovecot to use Maildir as a mail storage format. Maildir is a filesystem-based format that uses a file for every single message. It is also well supported by a number of other mail servers. This means that you can easily backup the emails and, if you need to, you can move the data to another software without much hassle (of course you can always transfer it via IMAP protocol, but this is usually slower and may have some pitfalls).

This also has the drawback that you will need a system account for every user that need to access the email but since we are setting it up for personal use, I don’t think it is problematic. Similarly, while it is not the most performant alternative available on Dovecot, this should not be an issue unless you have thousand of users.

Configuration of Maildir is done with the following entry in /etc/dovecot/conf.d/10-mail.conf

mail_location = maildir:~/Maildir

This will put the user’s mail in his own home folder. In the past this meant configuring Dovecot (and also the MTA, if I am not mistaken) to properly handle permissions on the folder. I didn’t had this problem when installing on Ubuntu 16.04, so maybe it is a problem of the past. In any case you can refer to the official documentation for more details.

If you have followed the previous part and configured the certificates for the host mymailserver.example.com, you can use them also for Dovecot, by modifying as follows /etc/dovecot/conf.d/10-ssl.conf:

ssl = required
ssl_cert = </etc/letsencrypt/live/mymailserver.example.com/fullchain.pem
ssl_key = </etc/letsencrypt/live/mymailserver.example.com/privkey.pem

After a restart with

$ sudo systemctl restart dovecot

the IMAP server should be up and running. You should be able to point your mail application to your address. Assuming that the machine is reachable from the internet and you opened/forwarded the relevant ports, you can access it through the hostname mymailserver.example.com with either the port 993 or 143.

Configuring LMTP (Somewhat optional)

If your MTA (e.g. Postfix) delivers the email directly to the Maildir (this should be the case for the default configuration of Postfix in Ubuntu), you can stop here, since no more configuration is needed. It is a good idea though to let the MTA deliver the email through Dovecot, because this will let you use more of Dovecot’s functionality, like server side filtering. You can enable the LMTP server with the following steps:

$ sudo apt-get install dovecot-lmtpd

Edit the file /etc/dovecot/conf.d/10-master.conf, find the section starting with “service lmtp” and configure it as follows:

 service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
	mode = 0666
  }
}

This will setup a unix socket in the given path (the path depends on which MTA you will use, the example above will work with Postfix). Be sure to give enough permissions on the file so that the other software can open and write to it, since it will be created by the root user.

Also, we need to tell dovecot to map name@domain to name for authentication purpouses, otherwise it will keep telling us that the destination user is unknown. This is done by setting the following in /etc/dovecot/10-auth.conf

auth_username_format = %n

With the usual

$ sudo systemctl restart dovecot

That’s it ! What is lacking now is a way to populate the server with our mails. This will be the topic of the following entry of the serie.