(:redirect Dovecot.Install:)
Here is how I set up dovecot.
$ doas pkg_add dovecot
In /etc/dovecot/dovecot.conf, add these lines at the very bottom:
service lmtp {
user = vmail
}
#auth_verbose=yes
#auth_debug=yes
#auth_debug_passwords=yes
#mail_debug=yes
#auth_verbose_passwords=sha1
verbose_ssl=yes
You can turn on debugging, verbose ssl, and so forth as you need to help troubleshoot.
In /etc/dovecot/conf.d/10-auth.conf, I make these changes:
#!include auth-system.conf.ext
passdb {
args = scheme=blf-crypt /etc/mail/passwd
driver = passwd-file
}
userdb {
args = uid=vmail gid=vmail home=/var/vmail/%25d/%25n
driver = static
}
Comment out auth-system.conf.ext and add the new passdb/userdb conf settings.
In /etc/dovecot/conf.d/10-mail.conf:
mail_location = maildir:/var/vmail/%25d/%25n/Maildir
In /etc/dovecot/conf.d/10-ssl.conf, I make these changes:
ssl = required
...
ssl_cert = </etc/ssl/ircnow.org.fullchain.pem
ssl_key = </etc/ssl/private/ircnow.org.key
ssl_dh_parameters_length = 2048
As hinted in the instructions in the dovecot README in /usr/local/share/doc/pkg-readmes/dovecot, you want to add to /etc/login.conf:
dovecot:\
:openfiles-cur=4096:\
:openfiles-max=8192:\
:tc=daemon:
WARNING: You must use tabs and not spaces. If you use spaces in /etc/login.conf, the settings will not work.
NOTE: Allowing more open files than suggested in the README can help if you have many IP addresses.
Then rebuild login.conf.db:
# [ -f /etc/login.conf.db ] && cap_mkdb /etc/login.conf
Troubleshooting
$ openssl s_client -starttls imap -connect username.coconut.ircnow.org:143