mirror of
https://github.com/postfixadmin/postfixadmin.git
synced 2024-09-19 19:22:14 +02:00
256 lines
7.1 KiB
Plaintext
256 lines
7.1 KiB
Plaintext
#
|
|
# Dovecot configuration for Postfix Admin
|
|
# Originally written by: Massimo <AndyCapp> Danieli
|
|
# Revised by: Sampsa Hario <shario> for Dovecot v1.0
|
|
# Revised by: David Goodwin <david@palepurple.co.uk> for Dovecot 2.1.x (2014/01/02)
|
|
#
|
|
|
|
More complete Dovecot documentation:
|
|
|
|
http://wiki.dovecot.org/Quota
|
|
http://wiki.dovecot.org/Quota/Dict
|
|
http://www.opensourcehowto.org/how-to/mysql/mysql-users-postfixadmin-postfix-dovecot--squirrelmail-with-userprefs-stored-in-mysql.html
|
|
|
|
|
|
Here are the relevant parts of Dovecot v2.1.x configuration for Postfixadmin setup.
|
|
|
|
Please refer to Dovecot documentation for complete information.
|
|
|
|
The setup gets userdb and passdb info from MySQL as well as quotas, and
|
|
uses dict backend to store used quotas as key=value pairs so that they can
|
|
be viewed real-time in Postfixadmin.
|
|
|
|
|
|
1. Dovecot setup
|
|
-----------------
|
|
|
|
A basic /etc/dovecot/dovecot.conf is as follows, this was generated using 'dovecot -n' on a vanilla install and then
|
|
changing to talk to a PostgreSQL or MySQL database.
|
|
|
|
# BEGIN /etc/dovecot/dovecot.conf:
|
|
# Change this to where your mail root is, this needs to match whatever structure postfix expects....
|
|
# See also: https://wiki.dovecot.org/MailLocation - %d domain, %u full username, %n user part (%u with no domain)
|
|
mail_location = maildir:/var/mail/vmail/%u/
|
|
|
|
namespace inbox {
|
|
inbox = yes
|
|
location =
|
|
mailbox Drafts {
|
|
special_use = \Drafts
|
|
}
|
|
mailbox Junk {
|
|
special_use = \Junk
|
|
}
|
|
mailbox Sent {
|
|
special_use = \Sent
|
|
}
|
|
mailbox "Sent Messages" {
|
|
special_use = \Sent
|
|
}
|
|
mailbox Trash {
|
|
special_use = \Trash
|
|
}
|
|
prefix =
|
|
}
|
|
|
|
protocols = "imap pop3"
|
|
# change to 'no' if you don't have ssl cert/keys, and comment out ssl_cert/ssl_key
|
|
ssl = yes
|
|
|
|
ssl_cert = </etc/dovecot/private/dovecot.pem
|
|
ssl_key = </etc/dovecot/private/dovecot.pem
|
|
|
|
# login is for outlook express smtpd auth
|
|
auth_mechanisms = plain login
|
|
|
|
# If you're having trouble, try uncommenting these:
|
|
#auth_debug = yes
|
|
#auth_debug_passwords = yes
|
|
|
|
userdb {
|
|
driver = sql
|
|
args = /etc/dovecot/dovecot-sql.conf
|
|
}
|
|
|
|
passdb {
|
|
driver = sql
|
|
args = /etc/dovecot/dovecot-sql.conf
|
|
}
|
|
|
|
# Uncomment this if you want Postfix to be able to do smtpd auth through dovecot
|
|
# At a minimum Postfix probably needs smtpd_sasl_type = dovecot
|
|
# And additionally: smtpd_sasl_path = private/auth
|
|
#service auth {
|
|
# unix_listener /var/spool/postfix/private/auth {
|
|
# mode = 0660
|
|
# user = postfix
|
|
# group = postfix
|
|
# }
|
|
#}
|
|
|
|
# Needs to match Postfix virtual_uid_maps
|
|
first_valid_uid = 1001
|
|
|
|
# allow plaintext auth (change to 'yes' to block plaintext passwords)
|
|
disable_plaintext_auth = no
|
|
|
|
#END
|
|
|
|
|
|
2. Dovecot *sql setup
|
|
----------------------
|
|
|
|
Below you'll find the relevant part of dovecot-sql.conf file regarding our
|
|
setup.
|
|
|
|
Things you will probably need to change are db connection settings (connect=)
|
|
and the default_pass_scheme.
|
|
|
|
#BEGIN /etc/dovecot/dovecot-sql.conf
|
|
|
|
connect = host=localhost dbname=postfix user=postfix password=postfix
|
|
# Use either
|
|
driver = mysql
|
|
# Or
|
|
# driver = pgsql
|
|
|
|
# Default password scheme - change to match your Postfixadmin setting.
|
|
# depends on your $CONF['encrypt'] setting:
|
|
# md5crypt -> MD5-CRYPT
|
|
# md5 -> PLAIN-MD5
|
|
# cleartext -> PLAIN
|
|
default_pass_scheme = MD5-CRYPT
|
|
|
|
# Query to retrieve password. user can be used to retrieve username in other
|
|
# formats also.
|
|
|
|
password_query = SELECT username AS user,password FROM mailbox WHERE username = '%u' AND active='1'
|
|
|
|
# Query to retrieve user information, note uid matches dovecot.conf AND Postfix virtual_uid_maps parameter.
|
|
# MYSQL:
|
|
user_query = SELECT CONCAT('/var/mail/vmail/', maildir) AS home, 1001 AS uid, 1001 AS gid, CONCAT('*:bytes=', quota) AS quota_rule FROM mailbox WHERE username = '%u' AND active='1'
|
|
# PostgreSQL:
|
|
# user_query = SELECT '/var/mail/vmail/' || maildir AS home, 1001 AS uid, 1001 AS gid,
|
|
# '*:bytes=' || quota AS quota_rule FROM mailbox WHERE username = '%u' AND active = '1'
|
|
|
|
# see: https://doc.dovecot.org/configuration_manual/authentication/sql/#id6
|
|
iterate_query = SELECT username as user FROM mailbox WHERE active = '1'
|
|
|
|
#END /etc/dovecot/dovecot-sql.conf
|
|
|
|
|
|
|
|
3. Permissions
|
|
--------------
|
|
|
|
Applicable to those older versions of Postfixadmin (before v 3.4) (see also https://github.com/postfixadmin/postfixadmin/pull/491)
|
|
|
|
With Dovecot 2.3.11 (ish?), if you are using the Postfixadmin dovecot password hashing backend - so your Postfixadmin configuration looks like
|
|
|
|
`$CONF['encrypt'] = 'dovecot:something';`
|
|
|
|
then the system user account running the PostfixAdmin code (normally the webserver user
|
|
account, like www-data or http or nobody) will need ...
|
|
|
|
* read access to any SSL certificate files defined in /etc/dovecot/dovecot.conf
|
|
(check: ssl_key, ssl_cert)
|
|
|
|
* read/write access to /run/dovecot/stats-writer
|
|
* Fixable with: `usermod -aG dovecot www-data``
|
|
|
|
Please note, Postfixadmin does not need to run on the same server as the Dovecot server.
|
|
|
|
See also the following tickets which contain discussions and solutions :
|
|
|
|
* https://github.com/postfixadmin/postfixadmin/issues/381 (Unable to login after Dovecot upgrade)
|
|
* https://github.com/postfixadmin/postfixadmin/issues/398 (Dovecotpw needs to read my TLS cert and private key)
|
|
|
|
|
|
4. Dovecot v1.0 quota support (optional)
|
|
----------------------------------------
|
|
|
|
Please note that you need to use Dovecot's own local delivery agent to
|
|
enforce and update quotas. Then you can view real-time used quotas in
|
|
Postfixadmin.
|
|
|
|
Add to dovecot.conf:
|
|
|
|
## IMAP quota
|
|
protocol imap {
|
|
mail_plugins = quota
|
|
}
|
|
|
|
## POP quota
|
|
protocol pop3 {
|
|
mail_plugins = quota
|
|
}
|
|
|
|
## Local Delivery Agent
|
|
protocol lda {
|
|
mail_plugins = quota
|
|
}
|
|
|
|
## Dictionary DB proxy
|
|
dict {
|
|
quota = mysql:/etc/dovecot-dict-quota.conf
|
|
}
|
|
|
|
## Default quota values
|
|
plugin {
|
|
quota = dict:storage=200000 proxy::quota
|
|
}
|
|
|
|
|
|
Change dovecot-sql.conf to return quota values:
|
|
|
|
for MySQL:
|
|
user_query = SELECT maildir, 1001 AS uid, 1001 AS gid, CONCAT('dict:storage=',floor(quota/1000),' ::proxy::quota') as quota FROM mailbox WHERE username = '%u' AND active='1'
|
|
|
|
for PostgreSQL:
|
|
user_query = SELECT maildir, 1001 AS uid, 1001 AS gid, 'dict:storage=' || floor(quota/1000) || '::proxy::quota' as quota FROM mailbox WHERE username = '%u' AND active='1'
|
|
|
|
|
|
Create file dovecot-dict-quota.conf.
|
|
|
|
For dovecot 1.0 & 1.1, use this as a template:
|
|
|
|
driver = mysql
|
|
connect = host=localhost dbname=postfix user=postfix password=postfix
|
|
default_pass_scheme = MD5-CRYPT
|
|
table = quota
|
|
select_field = current
|
|
where_field = path
|
|
username_field = username
|
|
|
|
If you use dovecot 1.2 or newer, use this:
|
|
|
|
connect = host=localhost dbname=postfix user=postfix password=postfix
|
|
map {
|
|
pattern = priv/quota/storage
|
|
table = quota2
|
|
username_field = username
|
|
value_field = bytes
|
|
}
|
|
map {
|
|
pattern = priv/quota/messages
|
|
table = quota2
|
|
username_field = username
|
|
value_field = messages
|
|
}
|
|
|
|
|
|
Create database in Mysql:
|
|
(This is automatically done by postfixadmin's setup.php)
|
|
|
|
Enable quota support in Postfixadmin config.inc.php:
|
|
|
|
$CONF['used_quotas'] = 'YES';
|
|
$CONF['quota'] = 'YES';
|
|
|
|
Note: The above text describes the configuration for dovecot 1.0 & 1.1 quota table format.
|
|
|
|
If you use dovecot 1.2 or newer,
|
|
- use the 'quota2' table (also created by setup.php)
|
|
- set $CONF['new_quota_table'] = 'YES'
|
|
|