<!-- NOTES - Notes here --> <!-- GOAL ONE-LINER --> <p>Create a subset of configuration files required for IMAP server (Dovecot).</p> <p>These configuration files enable Dovecot to connect to MySQL in order to retrieve information about valid domains, users and aliases.</p> <!-- RATIONALE --> <!-- NUANCE --> <h2>Procedure</h2> <!-- NARRATIVE FORM --> <p>Tell Dovecot to use the SQL-stored passwords instead of system credentials: Toggle <a href="https://wiki2.dovecot.org/UserDatabase/Prefetch">prefetch</a> method to enable lookup of a user and the corresponding password in one command: Inform Dovecot about how to see whether a user exist, and if so to fetch its settings (uid, gid, homedir etc.):</p> <!-- STEP BY STEP --> <ol> <li> <p>Edit <code>/etc/dovecot/conf.d/10-auth.conf</code> to make Dovecot stop using the configuration file that employs the OS facilitated user authentication (/etc/passwd) and start using the configuration file that employs SQL based authentication:</p> <pre><code class="language-diff">- !include auth-system.conf.ext + #!include auth-system.conf.ext</code></pre> <pre><code class="language-diff">- #!include auth-sql.conf.ext + !include auth-sql.conf.ext</code></pre> </li> <li> <p>Edit <code>/etc/dovecot/conf.d/auth-sql.conf.ext</code> to have Dovecot use prefetch for better performance (using one query instead of two as the data resides in the same DB) and spam filtering reasons:</p> <pre><code class="language-diff"> # "prefetch" user database means that the passdb already provided the # needed information and there's no need to do a separate userdb lookup. # <doc/wiki/UserDatabase.Prefetch.txt> - #userdb { - # driver = prefetch - #} + userdb { + driver = prefetch + }</code></pre> </li> <li> <p>Append <code>/etc/dovecot/dovecot-sql.conf.ext</code> with info required for storage information (location and userrights) and credential (user and password) data retrieval from the database:</p> <pre><code class="language-diff">+ default_pass_scheme = SHA512-CRYPT + driver = mysql + connect = "host=127.0.0.1 dbname=mailserver user=mailadmin password=<MYSQL PASSWORD>" + user_query = SELECT CONCAT('/var/vmail/', `domain`, '/', `username`) AS `home`, `uid`, `gid` FROM `users` WHERE `username` = '%n' AND `domain` = '%d' LIMIT 1; + password_query = SELECT \ + CONCAT(`username`, '@', `domain`) AS `user`, \ + `password`, \ + CONCAT('/var/vmail/', `domain`, '/', `username`) AS `userdb_home`, \ + `uid` AS `userdb_uid`, \ + `gid` AS `userdb_gid` \ + FROM `users` WHERE `username` = '%n' AND `domain` = '%d' LIMIT 1;</code></pre> <p><code><MYSQL PASSWORD></code> being the password of choice defined during <a href="/mailserver/dovecot-mysql-config/Mail-server_Database-preparation">database preparation</a>.</p> </li> <li> <p>Reload the configuration files into Dovecot to effectuate the changes:</p> <pre><code class="language-shell">service dovecot reload</code></pre> </li> </ol> <!-- REFERENCES -->