ISPmail (5): Cài đặt Dovecot

Dovecot có nhiệm vụ:

  • lấy email từ Postfix và cất giữ trên đĩa
  • chạy các bộ lọc sieve của người dùng
  • cho phép người dùng lấy email qua POP3 hay IMAP

Setting up Dovecot

Vì lý do bảo mật, chúng ta cần tạo một system user mới để làm chủ mọi mailbox (user vmail thuộc nhóm vmail).

# Dedicated, unprivileged account that owns every mailbox. The numeric
# uid/gid are pinned to 5000 because the Dovecot SQL user_query further
# down returns the same numbers for every virtual user.
# NOTE(review): vmail never needs an interactive login; consider giving it
# a nologin shell (useradd -s /usr/sbin/nologin) - confirm the path on
# your distribution.
groupadd --gid 5000 vmail
useradd --uid 5000 --gid vmail --home-dir /var/vmail --create-home vmail
chown --recursive vmail:vmail /var/vmail

Chúng ta sẽ dùng hai biến ${hostname} và ${svr_pwd} nên phải chắc chắn các biến này đang có hiệu lực.

Các file cấu hình của Dovecot thường nằm ở /etc/dovecot/conf.d/

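## 10-auth.conf ##
# Allow the PLAIN and LOGIN mechanisms and authenticate against SQL only;
# every other auth backend include in this file is commented out.
# PLAIN/LOGIN carry the password without any protection of their own, so
# they depend on TLS being enforced (ssl = required in 10-ssl.conf).
#
# In sed's basic regex syntax a bare "?" is a literal character, so the
# optional leading "#" has to be written "#\?" (GNU sed). Anchoring at "^"
# and consuming the rest of the auth_mechanisms line keeps the edit
# idempotent instead of appending to whatever value was already there.
sed 's/^#\?\(auth_mechanisms =\).*/\1 plain login/
s/^\(!include auth-system.conf.ext\)/#\1/
s/^#\?\(!include auth-sql.conf.ext\)/\1/
s/^\(!include auth-ldap.conf.ext\)/#\1/
s/^\(!include auth-passwdfile.conf.ext\)/#\1/
s/^\(!include auth-checkpassword.conf.ext\)/#\1/
s/^\(!include auth-vpopmail.conf.ext\)/#\1/
s/^\(!include auth-static.conf.ext\)/#\1/' -i /etc/dovecot/conf.d/10-auth.conf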

## auth-sql.conf.ext ##
# Rewrite the body of the userdb { ... } block so that user lookups go
# through the SQL driver configured in /etc/dovecot/dovecot-sql.conf.ext.
#
# How the sed program works: starting at a line that begins with
# "userdb {", the loop (:x ... bx) keeps appending the next line (N) until
# the pattern space ends with a line consisting of "}". The substitution
# then replaces everything between the opening line and that closing brace
# with the two settings "driver = sql" and "args = ...".
# NOTE(review): the address matches every uncommented "userdb {" line, so
# each such block in the file is rewritten, not only the first - check the
# result if the file contains more than one.
sed '/^userdb {/ {
:x;N;/.*\n}$/!bx
s/\(userdb {\n\).*\(\n}\)/\1   driver = sql\n   args = \/etc\/dovecot\/dovecot-sql.conf.ext\2/}' -i /etc/dovecot/conf.d/auth-sql.conf.ext

## 10-mail.conf ##
# Keep mail in Maildir format below each user's home and switch on the
# quota plugin. The "~" sits inside single quotes on purpose: it has to
# reach the config file literally instead of being expanded by the shell
# to the home of whoever runs this command.
sed -i \
  -e 's|^\(mail_location =\).*$|\1 maildir:~/Maildir|' \
  -e 's/^#\(mail_plugins =\).*$/\1 quota/' \
  /etc/dovecot/conf.d/10-mail.conf

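## 10-master.conf ##
# Give Postfix a UNIX socket inside its own spool directory through which
# it can ask Dovecot to authenticate SMTP clients. Mode 0660 with owner
# and group "postfix" means only that account/group can talk to the auth
# service through this socket.
#
# The grep guard makes the step safe to repeat: without it every run would
# insert another copy of the unix_listener block after "service auth {".
if ! grep -qF 'Postfix smtp-auth' /etc/dovecot/conf.d/10-master.conf; then
  sed -i 's|^\(service auth {\)|\1\n  # Postfix smtp-auth\n  unix_listener /var/spool/postfix/private/auth {\n    mode = 0660\n    user = postfix\n    group = postfix\n  }\n|' /etc/dovecot/conf.d/10-master.conf
fi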

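## 10-ssl.conf ##
# Point Dovecot at the Let's Encrypt certificate and key for this host and
# refuse clients that do not use TLS (ssl = required). This is what
# protects the PLAIN/LOGIN passwords enabled in 10-auth.conf.
#
# The sed program must be in double quotes: inside single quotes the shell
# does not expand ${hostname}, and the literal text "${hostname}" would be
# written into the certificate paths. The ":?" form stops the command with
# an error instead of producing a path with an empty host name.
# NOTE(review): privkey.pem should stay readable by root only - verify the
# permissions under /etc/letsencrypt/live.
sed "s|^\(ssl_cert =\).*$|\1 </etc/letsencrypt/live/${hostname:?hostname is not set}/fullchain.pem|
s|^\(ssl_key =\).*$|\1 </etc/letsencrypt/live/${hostname}/privkey.pem\nssl = required|" -i /etc/dovecot/conf.d/10-ssl.conf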

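## /etc/dovecot/dovecot-sql.conf.ext ##
# Restrict the file to root BEFORE the database password is written into
# it, so the secret is never readable by other local users regardless of
# the mode the file had (or the umask it would be created with).
touch /etc/dovecot/dovecot-sql.conf.ext
chown root:root /etc/dovecot/dovecot-sql.conf.ext
chmod go= /etc/dovecot/dovecot-sql.conf.ext

# The heredoc delimiter is left unquoted so that ${svr_pwd} is expanded;
# ":?" aborts instead of writing an empty password. user= and password=
# are parameters of the connect string, so they are kept on the connect
# line rather than on lines of their own.
# The trailing backslashes join the user_query into one line in the file.
# uid/gid 5000 are the ids of the vmail account that owns the mailboxes.
# NOTE(review): a password containing spaces or quotes will not survive the
# space-separated connect string - confirm how yours is generated.
# NOTE(review): Dovecot only reads from virtual_users here; a database
# account limited to SELECT is sufficient.
cat >> /etc/dovecot/dovecot-sql.conf.ext <<EOT
driver = mysql
connect = host=127.0.0.1 dbname=mailserver user=mailserver password=${svr_pwd:?svr_pwd is not set}
user_query = SELECT email as user, \
  concat('*:bytes=', quota) AS quota_rule, \
  '/var/vmail/%d/%n' AS home, \
  5000 AS uid, 5000 AS gid \
  FROM virtual_users WHERE email='%u'
password_query = SELECT password FROM virtual_users WHERE email='%u'
iterate_query = SELECT email AS user FROM virtual_users
EOT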

## Restart Dovecot ##
# Restart the service so the edited files under /etc/dovecot take effect.
systemctl restart dovecot.service

Script

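#!/bin/bash
# Script name: 04.dovecot.sh
# Configures Dovecot
# © 2020 LNT <lnt@ly-le.info>
# version 20200801
#
# Must run as root: it creates the vmail account and edits files under
# /etc/dovecot. Every step is written so the script can be run again
# without duplicating configuration.
echo 'Cấu hình Dovecot...'
HOSTNAME=$(hostname)
# Everything after the first dot of the host name.
DOMAIN=${HOSTNAME#*.}
# Take the line following the one that mentions "mailselect" and strip the
# "password: " prefix from it.
# NOTE(review): this file apparently holds database passwords in clear
# text (it is written by an earlier step that is not shown here); make
# sure it is readable by root only.
SEL_PWD=$(sed -n '/mailselect/{n;s/\s*password: \(.*\)/\1/;p;q}' "${HOME}/${DOMAIN}.txt")
if [[ -z "${SEL_PWD}" ]]; then
  # Refuse to go on rather than write an empty password into the config.
  echo "Cannot read the mailselect password from ${HOME}/${DOMAIN}.txt" >&2
  exit 1
fi

# Dedicated owner of all mailboxes; uid/gid 5000 must match the values
# returned by user_query below. Skipped when the account already exists.
# NOTE(review): vmail needs no interactive login; consider adding
# "-s /usr/sbin/nologin" to useradd - confirm the path on your distribution.
getent group vmail >/dev/null || groupadd -g 5000 vmail
id -u vmail >/dev/null 2>&1 || useradd -g vmail -u 5000 vmail -d /var/vmail -m
chown -R vmail:vmail /var/vmail

# The label has to be quoted: unquoted, "##" starts a shell comment and
# echo prints only an empty line.
echo '## 10-auth.conf ##'
# PLAIN/LOGIN only, SQL as the only auth backend. These mechanisms rely on
# the "ssl = required" setting written to 10-ssl.conf further down.
sed 's/.*\(auth_mechanisms =\).*/\1 plain login/
s/.*\(!include auth-system.conf.ext\)/#\1/
s/.*\(!include auth-sql.conf.ext\)/\1/
s/.*\(!include auth-ldap.conf.ext\)/#\1/
s/.*\(!include auth-passwdfile.conf.ext\)/#\1/
s/.*\(!include auth-checkpassword.conf.ext\)/#\1/
s/.*\(!include auth-vpopmail.conf.ext\)/#\1/
s/.*\(!include auth-static.conf.ext\)/#\1/
' -i /etc/dovecot/conf.d/10-auth.conf

echo '## auth-sql.conf.ext ##'
# Collect each "userdb {" block up to a line ending in "}" and replace its
# body with the SQL driver settings.
sed '/^userdb {/ {
:x;N;/.*}$/!bx
s/\(userdb {\n\).*\(\n}\)/\1   driver = sql\n   args = \/etc\/dovecot\/dovecot-sql.conf.ext\2/}' -i /etc/dovecot/conf.d/auth-sql.conf.ext

# 10-mail.conf: Maildir storage, "." as the separator of the inbox
# namespace, quota plugin enabled.
sed 's|^\(mail_location =\).*$|\1 maildir:~/Maildir|
/namespace inbox/{:loop;/separator =/!{n; b loop};s/.*/  separator = ./}
s/^#\(mail_plugins =\).*$/\1 quota/' -i /etc/dovecot/conf.d/10-mail.conf

# 10-master.conf: auth socket for Postfix, reachable only by user/group
# postfix (mode 0660). The whole sed program and its file argument must
# stay on one command line; split across lines the substitution is
# unterminated and "-i ..." is run as a separate command.
if ! grep -qF 'Postfix smtp-auth' /etc/dovecot/conf.d/10-master.conf; then
  sed -i 's|^\(service auth {\)|\1\n  # Postfix smtp-auth\n  unix_listener /var/spool/postfix/private/auth {\n    mode = 0660\n    user = postfix\n    group = postfix\n  }\n|' /etc/dovecot/conf.d/10-master.conf
fi

# 10-ssl.conf: Let's Encrypt certificate/key for this host (double quotes
# so ${HOSTNAME} expands) and mandatory TLS. "ssl = required" is added
# only once, so repeated runs do not pile up duplicate lines.
sed "s|^\(ssl_cert =\).*$|\1 </etc/letsencrypt/live/${HOSTNAME}/fullchain.pem|
s|^\(ssl_key =\).*$|\1 </etc/letsencrypt/live/${HOSTNAME}/privkey.pem|" -i /etc/dovecot/conf.d/10-ssl.conf
grep -q '^ssl = required' /etc/dovecot/conf.d/10-ssl.conf \
  || sed -i 's|^\(ssl_key =.*\)$|\1\nssl = required|' /etc/dovecot/conf.d/10-ssl.conf
###
# Lock the file down to root before the database password is appended, so
# the secret is never exposed through looser permissions.
touch /etc/dovecot/dovecot-sql.conf.ext
chown root:root /etc/dovecot/dovecot-sql.conf.ext
chmod go= /etc/dovecot/dovecot-sql.conf.ext
# NOTE(review): a password containing spaces or quotes will not survive the
# space-separated connect string - confirm how it is generated.
grep -q '^user_query' /etc/dovecot/dovecot-sql.conf.ext || cat >> /etc/dovecot/dovecot-sql.conf.ext <<EOF
driver = mysql
connect = host=127.0.0.1 dbname=mailserver user=mailselect password=${SEL_PWD}
user_query = SELECT email as user, concat('*:bytes=', quota) AS quota_rule,'/var/vmail/%d/%n' AS home, 5000 AS uid, 5000 AS gid FROM virtual_users WHERE email='%u'
password_query = SELECT password FROM virtual_users WHERE email='%u'
iterate_query = SELECT email AS user FROM virtual_users
EOF
##log
# NOTE(review): nothing in this script rotates these files - add a
# logrotate rule so they cannot grow without bound.
grep -q '^log_path' /etc/dovecot/dovecot.conf || cat >> /etc/dovecot/dovecot.conf <<EOF
log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot-info.log
debug_log_path = /var/log/dovecot-debug.log
EOF
echo 'Restart Dovecot ...'
systemctl restart dovecot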
