Dovecot

Die verschiedenen Dovecot-Komponenten erledigen hier folgende Aufgaben:
* POP/IMAP Server
* lokale Mailzustellung mit dovecot-lda
* Mailfilter / Abwesenheitsnachrichten per Sieve
* Authentication Backend für SMTP User
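# Write the SQL lookup settings used by Dovecot's sql passdb/userdb.
#
# - The here-document is terminated with its own EOF line; without it the shell
#   keeps reading and appends the following commands and the whole
#   99-local.conf text to this file.
# - The delimiter is quoted ('EOF') so the text is copied verbatim. With an
#   unquoted delimiter the shell consumes the trailing "\" + newline of
#   password_query/user_query itself.
# - The file holds the database password: create it with a restrictive umask
#   and pin owner and mode afterwards, so that a pre-existing file with looser
#   permissions is corrected as well.
(
  umask 077
  cat > /etc/dovecot/dovecot-sql.conf.ext <<'EOF'
driver = mysql
# NOTE(review): "secret" is a sample value. Use a strong, unique password and a
# database account that may only SELECT from the vpopmail table.
connect = host=dbserver dbname=vpopmail user=vpopmail password=secret
# Scheme assumed for pw_passwd values that carry no {SCHEME} prefix.
default_pass_scheme = SSHA256

# %n = local part, %d = domain of the login name.
password_query = \
  SELECT pw_name as username, pw_domain as domain, pw_passwd as password, pw_dir as userdb_home \
  FROM vpopmail WHERE pw_name = '%n' AND pw_domain = '%d'

user_query = SELECT pw_dir as home \
  FROM vpopmail WHERE pw_name = '%n' AND pw_domain = '%d'

iterate_query = SELECT concat(pw_name,'@',pw_domain) AS user FROM vpopmail
EOF
)
chown root:root /etc/dovecot/dovecot-sql.conf.ext
chmod 600 /etc/dovecot/dovecot-sql.conf.ext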
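# Local Dovecot settings, taken from "doveconf -n" output.
# Quoted delimiter: the text is written verbatim, the shell expands nothing
# inside it (relevant for the "\Drafts"-style special_use flags).
cat > /etc/dovecot/conf.d/99-local.conf <<'EOF'
# 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.16 (fed8554)
# The next two lines are doveconf warnings that ended up in the dump. They are
# not settings, so they are kept as comments only.
# NOTE(review): they report that client_limit of the auth and anvil services is
# lower than the configured process limits can require - raise client_limit for
# those services or lower default_process_limit.
# doveconf: Warning: service auth { client_limit=1000 } is lower than required under max. load (1250)
# doveconf: Warning: service anvil { client_limit=1000 } is lower than required under max. load (1003)
# OS: Linux 4.15.18-9-pve x86_64 Debian 9.6
auth_cache_negative_ttl = 0
auth_cache_size = 50 M
# NOTE(review): auth_debug/auth_verbose write detailed authentication data to
# the logs; auth_verbose_passwords = sha1:8 adds the first 8 characters of the
# SHA1 of every rejected password. Useful during setup - switch auth_debug off
# afterwards and keep the log files unreadable for ordinary users.
auth_debug = yes
# NOTE(review): CRAM-MD5 needs the stored secret in plaintext or CRAM-MD5 form.
# With the salted hashes implied by default_pass_scheme = SSHA256 in
# dovecot-sql.conf.ext it presumably cannot succeed for SQL users - verify and
# drop it if unused.
auth_mechanisms = plain cram-md5
auth_verbose = yes
auth_verbose_passwords = sha1:8
debug_log_path = /var/log/dovecot/debug.log
default_process_limit = 250
# NOTE(review): together with "ssl = no" below this accepts PLAIN logins on
# unencrypted connections. Set to yes as soon as TLS is enabled.
disable_plaintext_auth = no
# Only uid 89 (mail_uid below) is accepted for mail access.
first_valid_uid = 89
last_valid_uid = 89
log_path = /var/log/dovecot/dovecot.log
login_greeting = Serverpilot.net Mail Service
mail_gid = 89
# NOTE(review): mail_home normally holds a plain directory path; the "maildir:"
# prefix looks like it belongs to mail_location - verify. SQL users get their
# home from the pw_dir column returned by the queries in dovecot-sql.conf.ext.
mail_home = maildir:/var/mail/vhosts/%d/%n
mail_location = maildir:~/.maildir
mail_plugins = quota
mail_uid = 89
maildir_very_dirty_syncs = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace inbox {
  inbox = yes
  location = 
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox Junk {
    auto = subscribe
    special_use = \Junk
  }
  mailbox Sent {
    auto = subscribe
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  prefix = 
}
# Password databases are tried in order: PAM first, then the SQL table.
passdb {
  driver = pam
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  quota = maildir:User quota
  quota_rule = *:storage=10M
  quota_rule2 = Trash:storage=+1M
  sieve = /home/vpopmail/domains/%d/%n/sieve/active-script.sieve
  sieve_default = /home/vpopmail/sieve/default.sieve
  sieve_default_name = Standardfilter
  sieve_dir = /home/vpopmail/domains/%d/%n/sieve/scripts/
}
protocols = imap pop3 sieve
service auth {
  # Both sockets are mode 0600: only the named owner can connect.
  # auth-master is the socket dovecot-lda uses (auth_socket_path below).
  unix_listener auth-master {
    group = vpopmail
    mode = 0600
    user = vpopmail
  }
  unix_listener auth-qmail {
    group = nofiles
    mode = 0600
    user = qmaild
  }
}
service imap-login {
  process_min_avail = 5
  service_count = 0
}
# NOTE(review): TLS is switched off. With disable_plaintext_auth = no above,
# passwords and mail cross the network in clear text unless something in front
# of Dovecot terminates TLS (not shown on this page). To let Dovecot do TLS
# itself: ssl = required, add the matching
# ssl_key = </path/to/private.key (placeholder), and set
# disable_plaintext_auth = yes.
ssl = no
ssl_cert = </etc/dovecot/ssl/serverpilot.net.crt
# RC4 is excluded explicitly ("+RC4" only reorders the list, it removes nothing).
ssl_cipher_list = ALL:!EXPORT:!LOW:!MEDIUM:!aNULL:!RC4:@STRENGTH
ssl_dh_parameters_length = 2048
# SSLv3 removed (POODLE). TLSv1 and TLSv1.1 are deprecated as well; restrict
# this to TLSv1.2 once all clients support it.
ssl_protocols = TLSv1.2 TLSv1.1 TLSv1
userdb {
  driver = passwd
}
userdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
protocol lda {
  auth_socket_path = /var/run/dovecot/auth-master
  debug_log_path = /var/log/dovecot/lda-debug.log
  hostname = mail.serverpilot.net
  log_path = /var/log/dovecot/lda.log
  mail_plugin_dir = /usr/lib/dovecot/modules
  mail_plugins = quota sieve
  postmaster_address = nic@rackport.net
  sendmail_path = /var/qmail/bin/sendmail
}
protocol imap {
  mail_max_userip_connections = 40
}

EOF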
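# dovecot-lda runs as user vpopmail and has to write its log files here.
# The logs contain authentication details (auth_debug and auth_verbose are
# enabled in 99-local.conf), so the directory is not opened to other users.
# install -d also corrects owner and mode if the directory already exists.
install -d -m 750 -o vpopmail /var/log/dovecot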

Sieve

Zum Vorsortieren von Spam bzw. zum Einrichten von Abwesenheitsnachrichten soll die Filtersprache Sieve zum Einsatz kommen. Über den ManageSieve Dienst können die Nutzer dies selber einrichten (per Plugin in Roundcube) – damit die User einen Startpunkt haben, stellen wir ein Muster-Script bereit.

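# Default Sieve script offered to every user as a starting point
# (sieve_default in 99-local.conf points at this file).
# -p: do not fail when the directory already exists.
mkdir -p /home/vpopmail/sieve
# Quoted delimiter: the script text is written verbatim, no shell expansion.
# The "# rule:[...]" comments and the "if false # <condition>" form are kept
# exactly as they are; presumably they are the markers the Roundcube
# managesieve plugin uses for named, disabled rules - verify before editing.
cat > /home/vpopmail/sieve/default.sieve <<'EOF'
require ["fileinto","vacation"];
# rule:[Urlaub]
if false # true
{
	vacation :subject "Abwesenheitsnachricht" "Ich befinde mich derzeit im Urlaub, ihre Mail wird nicht gelesen oder weitergeleitet.";
}
# rule:[Spam]
if false # header :is "X-Spam-Status" "Yes"
{
	fileinto "Junk";
}
EOF
# The script still has to be compiled. Doing it here, as the user who owns the
# directory, matters because the delivery process runs as vpopmail and may not
# be able to store the compiled binary itself.
sievec /home/vpopmail/sieve/default.sieve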

Weiter geht's danach mit der Einrichtung von vpopmail.