6.配置dovecot
编辑/etc/dovecot/conf.d/auth-sql.conf.ext,如果没有此文件可以从/usr/share/doc/dovecot-core/dovecot/example-config/conf.d/auth-sql.conf.ext复制一个过来 ,编辑后的内容如下:
更正:上面的路径不对,实际要编辑的文件是 /etc/dovecot/dovecot-sql.conf.ext(在 /etc/dovecot 目录下执行 sudo vi dovecot-sql.conf.ext)。
29行
# Database driver: mysql, pgsql, sqlite
# This guide uses MySQL; the connect string and the queries further down in
# this file are written for it (e.g. concat() in user_query).
driver = mysql
66行
# Examples:
# connect = host=192.168.1.1 dbname=users
# connect = host=sql.example.com dbname=virtual user=virtual password=blarg
# connect = /etc/dovecot/authdb.sqlite
#
# NOTE(review): the database password is stored here in cleartext, so this
# file should be readable only by the account that runs Dovecot's auth
# process (typically root, mode 0600). "mailpassword" is the tutorial's
# sample value; use a unique, strong password. The queries in this file only
# SELECT from the mailbox table, so a read-only grant for this database user
# is sufficient for Dovecot itself.
connect = host=localhost dbname=mail user=mail password=mailpassword
73行
# Default password scheme.
#
# List of supported schemes is in
# http://wiki2.dovecot.org/Authentication/PasswordSchemes
#
# NOTE(review): MD5-CRYPT is a weak, fast hash by current standards. The value
# here has to match the format of the hashes already stored in the
# mailbox.password column, so changing it alone will break logins for hashes
# stored without a {SCHEME} prefix. When the tool that writes those hashes can
# produce a stronger scheme (e.g. SHA512-CRYPT or BLF-CRYPT, if this Dovecot
# build supports them), migrate the stored hashes and this setting together.
default_pass_scheme = MD5-CRYPT
pop3,imap登录时验证
103行
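# Define the query to obtain a user password.
#
# Returns the login name and stored hash for an active mailbox. The userdb_*
# columns carry home, mail location, uid and gid along with the password
# lookup (presumably for a prefetch userdb -- confirm in auth-sql.conf.ext).
# 150 / 8 are the numeric uid / gid this guide uses for mail access; they
# must fall inside first_valid_uid..last_valid_uid.
# String literals must use plain ASCII single quotes; typographic quotes
# (often introduced by copy/paste from web pages) are not SQL string
# delimiters and make the query fail.
password_query = \
  SELECT username as user, password, '/var/vmail/%d/%n' as userdb_home, \
  'maildir:/var/vmail/%d/%n' as userdb_mail, 150 as userdb_uid, 8 as userdb_gid \
  FROM mailbox WHERE username = '%u' AND active = '1'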
134行
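# Define the query to obtain user information.
#
# Returns home directory, mail location, numeric uid/gid and a quota field
# built from the mailbox.quota column for an active mailbox.
# 150 / 8 are the numeric uid / gid this guide uses for mail access; they
# must fall inside first_valid_uid..last_valid_uid.
# String literals must use plain ASCII single quotes; typographic quotes
# (often introduced by copy/paste from web pages) are not SQL string
# delimiters and make the query fail.
user_query = \
  SELECT '/var/vmail/%d/%n' as home, 'maildir:/var/vmail/%d/%n' as mail, \
  150 AS uid, 8 AS gid, concat('dirsize:storage=', quota) AS quota \
  FROM mailbox WHERE username = '%u' AND active = '1'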
下一步编辑/etc/dovecot/conf.d/10-auth.conf 文件如下
9行
# Disable LOGIN command and all other plaintext authentications unless
# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
# matches the local IP (ie. you're connecting from the same computer), the
# connection is considered secure and plaintext authentication is allowed.
# NOTE(review): keep this at "yes". The mechanisms enabled in this guide
# (plain, login) transmit the password itself, so it is only protected when
# the session is wrapped in TLS; TLS setup is not shown in this section.
disable_plaintext_auth = yes
99行
# Space separated list of wanted authentication mechanisms:
# plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey
# gss-spnego
# NOTE: See also disable_plaintext_auth setting.
# Both mechanisms chosen here send the password without hashing it on the
# wire, so confidentiality depends on disable_plaintext_auth = yes together
# with a working TLS configuration.
auth_mechanisms = plain login
122行
此处修改不知道是否正确。。。。是否应该加载dovecot-sql.conf.ext这个文件还是加载默认的auth-sql.conf.ext这个文件?
##
## Password and user databases
##
#
# Password database is used to verify user's password (and nothing more).
# You can have multiple passdbs and userdbs. This is useful if you want to
# allow both system users (/etc/passwd) and virtual users to login without
# duplicating the system users into virtual database.
#
#
#
# User database specifies where mails are located and what user/group IDs
# own them. For single-UID configuration use "static" userdb.
#
#
#!include auth-deny.conf.ext
#!include auth-master.conf.ext
# auth-system.conf.ext stays commented out, so (as far as this file shows)
# system accounts are not offered as a login source; only the SQL-backed
# virtual users are.
#!include auth-system.conf.ext
# Use the SQL database configuration rather than any of these others.
# The file to include here is auth-sql.conf.ext, not dovecot-sql.conf.ext. In
# the stock example config, auth-sql.conf.ext declares the sql passdb/userdb
# and points them (args = ...) at /etc/dovecot/dovecot-sql.conf.ext, which
# holds driver, connect and the queries -- verify the args path in your copy.
!include auth-sql.conf.ext
#!include auth-ldap.conf.ext
#!include auth-passwdfile.conf.ext
#!include auth-checkpassword.conf.ext
#!include auth-vpopmail.conf.ext
#!include auth-static.conf.ext
接下来,配置dovecot的虚拟邮箱用户目录,编辑/etc/dovecot/conf.d/10-mail.conf改变如下:
30行 原来配置已经人工注释。
# Location for users' mailboxes. The default is empty, which means that Dovecot
# tries to find the mailboxes automatically. This won't work if the user
# doesn't yet have any mail, so you should explicitly tell Dovecot the full
# location.
#
# If you're using mbox, giving a path to the INBOX file (eg. /var/mail/%u)
# isn't enough. You'll also need to tell Dovecot where the other mailboxes are
# kept. This is called the "root mail directory", and it must be the first
# path given in the mail_location setting.
#
# There are a few special variables you can use, eg.:
#
# %u - username
# %n - user part in user@domain, same as %u if there's no domain
# %d - domain part in user@domain, empty if there's no domain
# %h - home directory
#
# See doc/wiki/Variables.txt for full list. Some examples:
#
# mail_location = maildir:~/Maildir
# mail_location = mbox:~/mail:INBOX=/var/mail/%u
# mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
#
# <doc/wiki/MailLocation.txt>
#
# Per-user maildir under /var/vmail, split by domain (%d) and local part (%n);
# this is the same path the SQL queries in this guide return as home/mail.
# NOTE(review): /var/vmail should be owned by the mail-access user and closed
# to other local accounts; creating it is not shown in this section.
mail_location = maildir:/var/vmail/%d/%n
107行
# System user and group used to access mails. If you use multiple, userdb
# can override these by returning uid or gid fields. You can use either numbers
# or names. <doc/wiki/UserIds.txt>
# NOTE(review): the SQL queries in this guide return uid 150 / gid 8, which
# override these names; vmail and mail should resolve to those same ids on
# this host -- confirm with `id vmail`.
mail_uid = vmail
mail_gid = mail
172行
# Valid UID range for users, defaults to 500 and above. This is mostly
# to make sure that users can't log in as daemons or other system users.
# Note that denying root logins is hardcoded to dovecot binary and can't
# be done even if first_valid_uid is set to 0.
#
# Use the vmail user uid here.
# Setting first and last to the same value leaves 150 as the only uid in the
# valid range, matching the uid the SQL queries in this guide return.
first_valid_uid = 150
last_valid_uid = 150
编辑/etc/dovecot/conf.d/10-master.conf
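# Excerpt of the "service auth" block from 10-master.conf showing the two
# listeners this guide changes. Dovecot comments start with '#'; the "//"
# annotations of the original listing are not comment syntax and would end up
# inside the setting values, so they are written as '#' lines here.
service auth {
  # auth_socket_path points to this userdb socket by default. It's typically
  # used by dovecot-lda, doveadm, possibly imap process, etc. Its default
  # permissions make it readable only by root, but you may need to relax these
  # permissions. Users that have access to this socket are able to get a list
  # of all usernames and get results of everyone's userdb lookups.
  unix_listener auth-userdb {
    # Line 90 of the stock file. With mode 0600 only the owning user (vmail)
    # can open the socket; the group setting grants nothing at this mode.
    mode = 0600
    user = vmail
    group = mail
  }

  # Line 96 of the stock file, uncommented. Socket inside the Postfix spool,
  # presumably used by Postfix for SASL authentication -- confirm against the
  # Postfix side of this guide.
  unix_listener /var/spool/postfix/private/auth {
    mode = 0660
    # Assuming the default Postfix user and group
    # The user and group lines were added by hand.
    user = postfix
    group = postfix
  }

  # ... remaining settings of the stock service auth block are unchanged ...
}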
改变dovecot的权限,确保vmail用户能正常访问:
# Hand the Dovecot configuration tree to vmail (owner) and dovecot (group),
# then remove all access for other local users.
# NOTE(review): ownership gives the mail-access account write access to every
# file under /etc/dovecot, including dovecot-sql.conf.ext with the database
# password and any TLS private keys stored there. A tighter layout keeps root
# as owner and grants the service accounts read access through the group only;
# confirm what your delivery setup actually needs before widening this.
chown -R vmail:dovecot /etc/dovecot
chmod -R o-rwx /etc/dovecot