Initial commit

etc/dovecot/dovecot-dict-sql.conf.ext

@@ -0,0 +1,12 @@
+connect = host=localhost dbname=postfix user=postfix password=YOUR_PASSWORD
+
+map {
+  pattern = shared/last-login/$user
+  table = mailbox
+  value_field = last_login
+  value_type = uint
+
+  fields {
+    username = $user
+  }
+}

etc/dovecot/dovecot-sql.conf.ext

@@ -0,0 +1,10 @@
+connect = host=localhost dbname=postfix user=postfix_readonly password=YOUR_PASSWORD
+driver = mysql
+
+# Query to retrieve password. user can be used to retrieve username in other formats also.
+password_query = SELECT username AS user, CONCAT(password_hash_type, password) AS password, CONCAT(domain, '/', local_part, '/') AS maildir, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) AS userdb_quota_rule FROM mailbox WHERE username = CONCAT('%n', '@', COALESCE((SELECT target_domain FROM alias_domain WHERE alias_domain = '%d' AND active='1'), '%d')) AND active='1'
+
+# Query to retrieve user information, note uid matches dovecot.conf AND Postfix virtual_uid_maps parameter.
+user_query = SELECT CONCAT(domain, '/', local_part, '/') AS maildir, 5000 AS uid, 5000 AS gid, CONCAT('*:bytes=', quota) AS quota_rule FROM mailbox WHERE username = CONCAT('%n', '@', COALESCE((SELECT target_domain FROM alias_domain WHERE alias_domain = '%d' AND active='1'), '%d')) AND active='1'
+
+iterate_query = SELECT username AS user FROM mailbox

etc/dovecot/dovecot.conf

@@ -0,0 +1,180 @@
+#general settings
+listen = *, ::
+login_greeting = Server ready.
+mmap_disable = yes
+mail_fsync = always
+mail_nfs_index = yes
+mail_nfs_storage = yes
+info_log_path = /dev/null
+auth_verbose = no
+auth_verbose_passwords = no
+auth_debug = no
+auth_debug_passwords = no
+mail_debug = no
+verbose_ssl = no
+mail_location = maildir:/var/mail/vmail/%d/%n
+mail_plugins = $mail_plugins mail_crypt zlib
+mailbox_list_index = yes
+
+#plugin setup
+plugin {
+  mail_crypt_save_version = 2
+  mail_crypt_global_private_key = </etc/dovecot/ecprivkey.pem
+  mail_crypt_global_public_key = </etc/dovecot/ecpubkey.pem
+  zlib_save = gz
+  zlib_save_level = 6
+  quota_grace = 10%%
+  quota_status_success = DUNNO
+  quota_status_nouser = DUNNO
+  quota_status_overquota = "552 5.2.2 Mailbox is full"
+  quota = count:User quota
+  quota_rule = *:bytes=50M
+  quota_vsizes = yes
+  last_login_dict = proxy::lastlogin
+  last_login_key = last-login/%u
+}
+
+#auth settings
+disable_plaintext_auth = yes
+auth_cache_size = 1M
+auth_cache_ttl = 5mins
+auth_cache_negative_ttl = 5mins
+auth_default_realm = danwin1210.de
+auth_username_chars = 
+auth_mechanisms = plain login
+
+#TLS parameters
+ssl = required
+ssl_cert = </etc/acme.sh/danwin1210.de_ecc/fullchain.cer
+ssl_key = </etc/acme.sh/danwin1210.de_ecc/danwin1210.de.key
+ssl_client_ca_dir = /etc/ssl/certs
+ssl_dh = </etc/dovecot/dh.pem
+ssl_min_protocol = TLSv1.2
+ssl_cipher_list = HIGH:!PSK:!aNULL:!MD5:!SHA:!CAMELLIA:!AES+SHA256:!AES+SHA384;
+ssl_curve_list = X448:X25519:secp521r1:secp384r1
+ssl_prefer_server_ciphers = yes
+
+#protocol setup
+protocols = "imap pop3 lmtp"
+protocol lmtp {
+	postmaster_address = postmaster@danwin1210.de
+}
+protocol imap {
+  mail_plugins = $mail_plugins quota imap_quota imap_zlib last_login
+}
+protocol pop3 {
+  mail_plugins = $mail_plugins last_login
+}
+
+#service setup
+service anvil {
+  unix_listener anvil-auth-penalty {
+    #disable since we don't have IP info
+    mode = 0
+  }
+}
+service auth {
+  unix_listener auth-userdb {
+    mode = 0666
+    user = postfix
+    group = postfix
+  }
+  unix_listener /var/spool/postfix/private/auth {
+    mode = 0666
+    user = postfix
+    group = postfix
+  }
+
+  inet_listener {
+    port = 12345
+  }
+
+  user = dovecot
+  group = dovecot
+  client_limit=2448
+}
+service auth-worker {
+  unix_listener auth-worker {
+    mode = 0666
+    user = dovecot
+    group = dovecot
+  }
+}
+service imap {
+  service_count = 1000
+  client_limit = 1
+}
+service imap-login {
+  inet_listener imap {
+    port = 143
+  }
+  service_count = 1000
+  vsz_limit = 1G
+  process_min_avail = 4
+}
+service lmtp {
+  unix_listener /var/spool/postfix/private/dovecot-lmtp {
+    mode = 0660
+    user = postfix
+    group = postfix
+  }
+  user = vmail
+  group = vmail
+}
+service pop3 {
+  service_count = 1000
+  client_limit = 1
+}
+service pop3-login {
+  inet_listener pop3 {
+    port = 110
+  }
+  service_count = 1000
+  vsz_limit = 1G
+}
+service quota-status {
+  executable = quota-status -p postfix
+  inet_listener quota-status {
+    port = 12340
+  }
+  client_limit = 1
+}
+
+#SQL queries
+passdb {
+  driver = sql
+  args = /etc/dovecot/dovecot-sql.conf.ext
+}
+userdb {
+  driver = prefetch
+}
+userdb {
+  driver = sql
+  args = /etc/dovecot/dovecot-sql.conf.ext
+}
+dict {
+  lastlogin = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
+  user = dovecot
+  group = dovecot
+}
+
+#namespace configuration
+namespace inbox {
+  inbox = yes
+  mailbox Drafts {
+    special_use = \Drafts
+  }
+  mailbox Junk {
+    special_use = \Junk
+  }
+  mailbox Trash {
+    special_use = \Trash
+  }
+
+  mailbox Sent {
+    special_use = \Sent
+  }
+  mailbox "Sent Messages" {
+    special_use = \Sent
+  }
+}