Virtual Accounts with CRAM-MD5 The major disadvantage of PLAIN text passwords on the server of course is that they are readable.  Even if your communication with the server is encrypted it is troubling to have readable passwords on the server.  You can easily change this by using the dovecotpw command and creating encrypted ...

One of the newest features of Ubuntu 9.04 is the Postfix Mail Server/Dovecot enhancements to make it easier to set up a mail server.  This article is a review of those improvements and a tutorial on how to fix several problems that were experienced. Before you jump to any conclusions about the new features it is important to ...

Authentication with Dovecot PLAIN authentication has the advantage of being supported by all clients.  Certainly the disadvantage is that you have visible passwords on the wire, but that is easy to solve with SSL/TLS.  This means that it is easier to set up SSL/TLS  and PLAIN passwords than it is to fight the many hassles that come ...

See Dovecot installation below for details on how to set up Dovecot.  In this section, the focus will be on creating passwords for users on multiple domains with Dovecot. Edit your /etc/dovecot.conf file to reflect these changes } default_mail_env = maildir:/var/spool/vhosts/%d/%n auth_mechanisms = plain DIGEST-MD5 ...

Testing the SSL Connections # openssl s_client -connect localhost:993 CONNECTED(00000003) depth=0 /OU=IMAP server/CN=imap.example.com/emailAddress=postmaster@example.com verify error:num=18:self signed certificate verify return:1 depth=0 /OU=IMAP server/CN=imap.example.com/emailAddress=postmaster@example.com verify ...

Creating a Keys First edit the file /etc/pki/dovecot-openssl.cnf.  In this file create all of the settings for your site.  Now move into  the /usr/share/doc/dovecot-1.0/examples folder and you will see an executable called mkcert.sh.  Run that executable to create the necessary keys. ./mkcert.sh Copy the keys to the correct location, deleting the default keys. cp dovecot.pem  /etc/pki/dovecot/certs cp dovecot.pem  ...

Check for TLS Support in Postfix By running this command you can verify that TLS is supported by your version of Postfix.  Each of these parameters should exist. # postconf -d | grep tls lmtp_enforce_tls = no lmtp_sasl_tls_security_options = $lmtp_sasl_security_options lmtp_sasl_tls_verified_security_options = $lmtp_sasl_tls_security_options lmtp_starttls_timeout = 300s lmtp_tls_CAfile = lmtp_tls_CApath = lmtp_tls_cert_file ...

One thing that you can do is run this command to verify it is listening on the correct port numbers: netstat -aunt This should show that Dovecot is listening on ports 143 and 110 for IMAP and POP3. Check if Dovecot is Listening Another test is to connect to Dovecot using telnet on port 143.  Here is an example with the output ...