yumを使ってDovecotをインストールします。
yum -y install dovecot
Dovecotの設定を行います。
vi /etc/dovecot/dovecot.conf
# Protocols we want to be serving. #protocols = imap pop3 lmtp protocols = imap #POP3を使わずIMAPだけ使う。
認証設定ファイルを修正します。
vi /etc/dovecot/conf.d/10-auth.conf
# Disable LOGIN command and all other plaintext authentications unless # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP # matches the local IP (ie. you're connecting from the same computer), the # connection is considered secure and plaintext authentication is allowed. # See also ssl=required setting. #disable_plaintext_auth = yes disable_plaintext_auth = no # Space separated list of wanted authentication mechanisms: # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey # gss-spnego # NOTE: See also disable_plaintext_auth setting. #auth_mechanisms = plain auth_mechanisms = plain login
Maildir形式に変更します。
vi /etc/dovecot/conf.d/10-mail.conf
# See doc/wiki/Variables.txt for full list. Some examples: # # mail_location = maildir:~/Maildir mail_location = maildir:~/Maildir #コメントを外す # mail_location = mbox:~/mail:INBOX=/var/mail/%u # mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
SSLを有効にします。
vi /etc/dovecot/conf.d/10-ssl.conf
# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt> # disable plain pop3 and imap, allowed are only pop3+TLS, pop3s, imap+TLS and imaps # plain imap and pop3 are still allowed for local connections #ssl = required ssl = required # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before # dropping root privileges, so keep the key file unreadable by anyone but # root. Included doc/mkcert.sh can be used to easily generate self-signed # certificate, just make sure to update the domains in dovecot-openssl.cnf #ssl_cert = </etc/pki/dovecot/certs/dovecot.pem ssl_cert = </etc/letsencrypt/live/mail.astermark.com/fullchain.pem #ssl_key = </etc/pki/dovecot/private/dovecot.pem ssl_key = </etc/letsencrypt/live/mail.astermark.com/privkey.pem
SSLを使わないIMAPを無効化し、PostfixがDovecotの認証を使えるようにします。
vi /etc/dovecot/conf.d/10-master.conf
# inet_listener imap { # #port = 143 # } # inet_listener imaps { # #port = 993 # #ssl = yes # } inet_listener imap { port = 0 } inet_listener imaps { port = 993 ssl = yes } # # Postfix smtp-auth # unix_listener /var/spool/postfix/private/auth { # mode = 0666 # } # Postfix smtp-auth unix_listener /var/spool/postfix/private/auth { mode = 0660 user = postfix group = postfix }
コメント