Fedora 29
Sponsored Link

Dovecot : Install / Configure
2018/11/13
 
Install Dovecot to configure POP/IMAP server.
[1] Install Dovecot.
[root@mail ~]#
dnf -y install dovecot
[2] This example shows to configure to provide SASL function to Postfix.
[root@mail ~]#
vi /etc/dovecot/dovecot.conf
# line 30: uncomment and change ( if not use IPv6 )

listen = *, ::
[root@mail ~]#
vi /etc/dovecot/conf.d/10-auth.conf
# line 10: uncomment and change ( allow plain text auth )

disable_plaintext_auth =
no
# line 100: add

auth_mechanisms = plain
login
[root@mail ~]#
vi /etc/dovecot/conf.d/10-mail.conf
# line 30: uncomment and add

mail_location =
maildir:~/Maildir
[root@mail ~]#
vi /etc/dovecot/conf.d/10-master.conf
# line 107-111: uncomment and add like follows

# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
    mode = 0666
    user = postfix
    group = postfix
}
[root@mail ~]#
vi /etc/dovecot/conf.d/10-ssl.conf
# line 8: change (not require SSL)

ssl =
no
[root@mail ~]#
systemctl start dovecot

[root@mail ~]#
systemctl enable dovecot

[3] If SELinux is enabled, change polocy.
[root@mail ~]#
dnf -y install checkpolicy policycoreutils-python-utils
[root@mail ~]#
vi my-dovecot.te
# create new

module my-dovecot 1.0;

require {
        type dovecot_t;
        type proc_security_t;
        type smtp_port_t;
        class tcp_socket name_bind;
        class file getattr;
}

#============= dovecot_t ==============
allow dovecot_t proc_security_t:file getattr;
allow dovecot_t smtp_port_t:tcp_socket name_bind;

[root@mail ~]#
checkmodule -m -M -o my-dovecot.mod my-dovecot.te

checkmodule: loading policy configuration from my-dovecot.te
checkmodule: policy configuration loaded
checkmodule: writing binary representation (version 19) to my-dovecot.mod
[root@mail ~]#
semodule_package --outfile my-dovecot.pp --module my-dovecot.mod

[root@mail ~]#
semodule -i my-dovecot.pp

[4] If Firewalld is running, allow POP/IMAP service. POP uses 110/TCP, IMAP uses 143/TCP.
[root@mail ~]#
firewall-cmd --add-service={pop3,imap} --permanent

success
[root@mail ~]#
firewall-cmd --reload

success
Matched Content
 
Tweet