<-OpenSUSE-small-server

Dovecot

Dovecot is necessary to make the mail available from the outside of the server. It's an imap and pop3 server.

It is pretty hard to configure, and the doc in it's wiki is hard to find. But once the doc find, you have all the debugging tools available.

The main configuration is in /etc/dovecot/dovecot.conf and, of course, dovecot have to be initiated in the services run levels and is after that available as rcdovecot.

The base directory is /var/run/dovecot

See http://wiki.dovecot.org/MailServerOverview, http://wiki.dovecot.org/HowTo/SimpleVirtualInstall and http://wiki.dovecot.org/TestInstallation.

Notez qu'on sort d'une session IMAP/Telnet en tapant ". logout" (point, espace, logout).

For imap (the only choice I chose), you need to open the port 143 on the firewall. 110 for pop3 (you can type imap or pop3 in the YaST form field).

After installing on openSUSE, the user dovecot:dovecot already exists. Change in dovecot.conf the necessary protocols (pop3, pop3s, imap, imaps). begin with non crypted system, then try using ssh/ssl.

I used ~/Maildir as mail location.

Make Dovecot Secure

This mean use TLS configuration from http://wiki.dovecot.org/SSL.

In Thunderbird I had to configure "pop3" (not pop3s), tls and no secured authentification. It's pop3 also in Dovecot.

This certificate creation have to be done each year (365 days) - done in August 13, 2009.

On my openSUSE 11.1, no automatic key was created, I had to do so manually, finding the script and the config file in /usr/share/doc/package/dovecot.

"Especially important field is the CN (Common Name) field, which should contain your server's host name"

There no use to import a key in the mail client, thunderbird (at least) imports it itself and ask if it's the good one. You can probably say "permanently" is you don't fear a man in the middle attack on your first connection.

For this to work, don't forget to open the firewall pop3s and/or imaps protocols (in YaST you can enter the protocol name, including in the advanced fields), add the relavant protocol also on the dovecot.config file and add also the location of the two key files (uncomment the path).

I had also to change the auth default from "PLAIN" to "login" (not sure it was necessary) and "ssl_disable = no". That last one may be the only relevant change in dovecot.conf.

auth default {
mechanisms = login