CSUF LogoCSUF Site Navigation
optics.csufresno.edu

F12 E-Mail & Spam Dovecot

Department of Electrical and Computer Engineering
Associate Professor Gregory R. Kriehn
Forums
Wiki
F12 Dovecot

Dovecot acts as a secure IMAP and/or POP3 server for Linux. I find it useful to run on my server so that I can pull e-mail from it onto my laptop using the POP3 protocol whenever I am away from the university. The nice things about dovecot is that the setup is very simple. Documentation for dovecot can be found at:

http://www.dovecot.org/

If you want to use SSL encryption when using POP3, you will have to pay for an SSL certificate, which is something that I am not willing to do. However, I am not willing to send in a password to my server using plain text authentication either, so I have chosen to use DIGEST-MD5 authentication instead. To look at the available authentication mechanisms for dovecot, see:

http://wiki.dovecot.org/Authentication/Mechanisms

Before configuring dovecot, be sure that you have poked a hole in Port 110 to allow for POP3 connections. See my Firewall page for details. Next, edit the /etc/dovecot.conf file using sudo.

The nice thing about the configuration file is that all of the commented out sections are the default settings for the program. Therefore, we only need to tweek a few things to get it setup properly. To begin, scroll down to the protocol pop3 section. Add the following:
protocols = pop3
protocol pop3 {
   listen = *:110
}
This will ensure that dovecot uses Port 110 for POP3 connections. Next, find the log_path option and add:
log_path = /var/log/dovecot/dovecot.log
We will create the appropriate directory once we are done making changes to the file. Next, search for the mail_location option. Since all of my mail is dumped to /var/mail/[user] on the server via fetchmail (see my fetchmail page), I want to add the following:
mail_location = mbox:~/mail:INBOX=/var/mail/%u
After that, search for the auth default option. Look for the mechanisms line and change it to:
mechanisms = digest-md5
Scroll down a bit to the passdb passwd-file section and add:
passdb passwd-file {
   args = /etc/dovecot.password
}
Since we are going to use digest-md5 encryption, we no longer need to authenticate a connection using PAM. As a result, comment out the passdb pam line:
# passdb pam {
Finally, scroll down slowly and look for the '}' character. Comment it out as well:
}
Save and exit.

Since the log file is going to be stored in /var/log/dovecot, create the directory:
~> sudo mkdir /var/log/dovecot
While we are at it, we may as well setup log rotation for the file as well. Create a /etc/logrotate.d/dovecot file using sudo and add the following:
/var/log/dovecot/dovecot.log {
        notifempty
        weekly
        missingok
        rotate 4
}
Save and exit.

Next, we need to setup a digest-md5 password. This can be done using the dovecotpw command:
~> dovecotpw -s DIGEST-MD5 -u [user]
Type in new password, and you will see a line similar to:
{DIGEST-MD5}0b3f5913123468e3987c5b22bd364954
(Please note that I have used a dummy password here.) Next create a new /etc/dovecot.password file using sudo and copy your password into the file:
[user]:{DIGEST-MD5}0b3f5913123468e3987c5b22bd364954
Substitute your username for [user]. Save and exit, and change the permissions of the file:
~> sudo chmod go-r /etc/dovecot.password
Finally restart the dovecot daemon:
~> sudo service dovecot restart
You should see dovecot successfully stop and restart:
Stopping Dovecot Imap:                                     [  OK  ]
Starting Dovecot Imap:                                     [  OK  ]
Next, on a remote computer, pull up your E-mail client, such as evolution. Click on Edit -> Preferences, select the Account name you are using, and click Edit. Click on Receiving Email, and choose POP under from the pull down menu. Type in your Server name and Username, and make sure that No encryption is selected from the drop down menu for Security. Then select DIGEST-MD5 under Authentication Type and click OK, followed by Close. You should now be able to establish a POP connection back to the server, and pull down your E-Mail.