Dovecotのインストールと設定

yumを使ってDovecotをインストールします。

yum -y install dovecot

Dovecotの設定を行います。

vi /etc/dovecot/dovecot.conf

[bash]
# Protocols we want to be serving.
#protocols = imap pop3 lmtp
protocols = imap #POP3を使わずIMAPだけ使う。
[/bash]

認証設定ファイルを修正します。

vi /etc/dovecot/conf.d/10-auth.conf

[bash]
# Disable LOGIN command and all other plaintext authentications unless
# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
# matches the local IP (ie. you’re connecting from the same computer), the
# connection is considered secure and plaintext authentication is allowed.
# See also ssl=required setting.
#disable_plaintext_auth = yes
disable_plaintext_auth = no

# Space separated list of wanted authentication mechanisms:
# plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey
# gss-spnego
# NOTE: See also disable_plaintext_auth setting.
#auth_mechanisms = plain
auth_mechanisms = plain login
[/bash]

Maildir形式に変更します。

vi /etc/dovecot/conf.d/10-mail.conf

[bash]
# See doc/wiki/Variables.txt for full list. Some examples:
#
# mail_location = maildir:~/Maildir
mail_location = maildir:~/Maildir #コメントを外す
# mail_location = mbox:~/mail:INBOX=/var/mail/%u
# mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
[/bash]

SSLを有効にします。

vi /etc/dovecot/conf.d/10-ssl.conf

[bash]
# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
# disable plain pop3 and imap, allowed are only pop3+TLS, pop3s, imap+TLS and imaps
# plain imap and pop3 are still allowed for local connections
#ssl = required
ssl = required

# PEM encoded X.509 SSL/TLS certificate and private key. They’re opened before
# dropping root privileges, so keep the key file unreadable by anyone but
# root. Included doc/mkcert.sh can be used to easily generate self-signed
# certificate, just make sure to update the domains in dovecot-openssl.cnf
#ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_cert = </etc/letsencrypt/live/mail.astermark.com/fullchain.pem
#ssl_key = </etc/pki/dovecot/private/dovecot.pem
ssl_key = </etc/letsencrypt/live/mail.astermark.com/privkey.pem
[/bash]

SSLを使わないIMAPを無効化し、PostfixがDovecotの認証を使えるようにします。

vi /etc/dovecot/conf.d/10-master.conf

[bash]
# inet_listener imap {
# #port = 143
# }
# inet_listener imaps {
# #port = 993
# #ssl = yes
# }
inet_listener imap {
port = 0
}
inet_listener imaps {
port = 993
ssl = yes
}

# # Postfix smtp-auth
# unix_listener /var/spool/postfix/private/auth {
# mode = 0666
# }
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}
[/bash]

コメント

タイトルとURLをコピーしました