Dovecot basics
Written by Kirill Filatov, on 27 January 2025.
Tags:
#dovecot
#mail
Dovecot basics
I found exhausting to configure dovecot. So this text is a try to give very basic config you can boldly start with.
First of all you should understand what dovecot exactly does.
Dovecot implements imap, pop and lmtp. That’s all (I consionsly miss sieve here for this is quite different topic).
So dovecot needs to authentificate users (passdb driver) and give access to each user mail dirs (userdb driver). That’s generaly all settings you should have except general settings such as tls or helping settings such as logging. Let’s take a look at basic Dovecot config structure. You can find whole file here.
Config
I prefer to have all config in one file rather than jumping over conf.d. So I usualy disable conf.d include and use local.conf in main dovecot.conf file like this:
#!include conf.d/*.conf
!include_try local.conf
# SSL section
ssl_cert = </path/to/crt \# mind the < sign
ssl_key = </path/to/key
ssl_min_protocol = TLSv1.2
ssl_prefer_server_ciphers = yes
# Protocols section
protocols = lmtp imap
protocol imap {
mail_plugins = $mail_plugins imap_sieve
mail_max_userip_connections = 25
}
# Services section
service lmtp {
unix_listener lmtp {
}
}
service imap-login {
inet_listener imaps {
port = 993
}
}
# Passdb, Userdb sections
passdb {
driver = passwd # use passwd-file for separate file in /etc/passwd format
# driver = bsdauth # bsd analogue for passwd
# args = scheme=SHA512-CRYPT username_format=%u /etc/dovecot/users
}
userdb {
driver = passwd
override_fields = home=/var/mail/%u/
# args = username_format=%u /etc/dovecot/users
}
# Maildir section
mail_location = maildir:~/Maildir
Logging
By default dovecot writes logs to syslog with default mail facility. You can redirect logs in your sysylog configuration. Another posibility is to use log_path instruction for writing to file. See more in documentation.
Basic Commands
# Get all current settings
doveconf -a
# Get non-default settings
doveconf -nP
# Get default param values
doveconf -d
# Generate password with doveadm
doveadm pw -s SHA512
# Find log path with current setup
doveadm log find
# Get built options (useful when dovecot is installed from package)
dovecot –build-options