Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
dovecot + vpopmail (migration from courier-authlib)
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
jiri.tyr
n00b
n00b


Joined: 08 Feb 2005
Posts: 26
Location: Czech Republic

PostPosted: Sat Sep 06, 2008 5:18 pm    Post subject: dovecot + vpopmail (migration from courier-authlib) Reply with quote

Because the courier-authlib > 0.60.3 does not contain authentication method for vpopmail (authvchkpw) and because all courier-authlib < 0.60.6 are vulnerable (http://www.gentoo.org/security/en/glsa/glsa-200809-05.xml) I decidet to move to dovecot. Here is the description how to do that for IMAPS without MySQL support:

Add vpopmail USE flag:
Code:
echo "net-mail/dovecot vpopmail -mysql" > /etc/portage/package.use


Install dovecot:
Code:
emerge -av dovecot


Edit your config file /etc/dovecot/dovecot.conf:
Code:
grep -vE "(#|^$)" /etc/dovecot/dovecot.conf
protocols = imaps
listen = [::]
disable_plaintext_auth = no
ssl_cert_file = /etc/ssl/dovecot/server.pem
ssl_key_file = /etc/ssl/dovecot/server.key
mail_location = maildir:/var/vpopmail/domains/%d/%n/.maildir
first_valid_uid = 89
protocol imap {
}

auth_verbose = yes
auth_debug = yes
auth default {
  mechanisms = plain
  passdb vpopmail {
  }
  userdb vpopmail {
  }
}


You can check your current configuration:
Code:
dovecot -n
# 1.1.1: /etc/dovecot/dovecot.conf
protocols: imaps
listen: [::]
ssl_cert_file: /etc/ssl/dovecot/server.pem
ssl_key_file: /etc/ssl/dovecot/server.key
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable: /usr/libexec/dovecot/imap-login
first_valid_uid: 89
mail_location: maildir:/var/vpopmail/domains/%d/%n/.maildir
auth default:
  verbose: yes
  debug: yes
  passdb:
    driver: vpopmail
  userdb:
    driver: vpopmail


If you have a problem with certificates generate new (for 10 years):
Code:
cd /etc/ssl/dovecot
openssl req -new -days 3650 -x509 -nodes -out server.pem -keyout server.key


If you want to debug any other problems, you can use these options in the config file:
Code:
verbose_ssl = yes
mail_debug = yes
auth_verbose = yes
auth_debug = yes


Last edited by jiri.tyr on Mon Oct 13, 2008 2:46 pm; edited 1 time in total
Back to top
View user's profile Send private message
tstrand
n00b
n00b


Joined: 10 Mar 2007
Posts: 5
Location: Sweden

PostPosted: Mon Sep 08, 2008 10:41 am    Post subject: Reply with quote

I thought I would share my first experience with migrating to dovecot from courier-imap. First problem was that no user added folders was showing up in imap list. Found this useful site that helped http://wiki.dovecot.org/Migration/Courier

Basically what helped was adding this in dovecot.conf

namespace private {
prefix = INBOX.
inbox = yes
}

Second really annoying problem was that dovecot simply died randomly with the error message: "Time moved backwards, I'm going to kill myself" Apparently running NTPD on the host most of the time fixes this problem. But it didn't work for us because we running an virtual server in VMWARE ESX cluster and the system clock is trying to sync with the ESX host. The ESX host has NTPD running an clocks are synced.
Most likely the problem we are experiencing is described here: http://lkml.org/lkml/2007/8/23/96

So what we ended up doing for a quickfix was patching /src/lib/ioloop.c with the changes posted here: http://www.dovecot.org/list/dovecot/2008-June/031548.html

*** EDIT ***
Solution to this problem if you are running in an VMware ESX enviroment is to add "notsc" to the kernel line in menu.lst
That resolves this issue for dovecot.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum