As Dovecot supports multiple mailbox formats, it is useful to be able to convert or synchronise between them.

For example, to convert from mbox to Maildir, you would set:

mail_location=maildir:~/Maildir

in the Dovecot configuration (/etc/dovecot/conf.d/10-mail.conf on Debian) and set the separator:

separator = /

after which for every mailbox / user to migrate, you would run the command:

dsync -u username mirror mbox:~/mail:INBOX=/var/mail/username

where username is the name of the user whose mailbox is to be synchronised.

Sometimes folders fail to sync with dsync - if so, you may manually want to synchronize a folder without synchronizing the entire mailbox. Suppose you want to synchronize a folder named maps and that you have a mbox mailbox at ~/mail containing, amongst others, the maps folder. In that case you would issue:

dsync -u username mirror -m maps mbox:~/mail:INBOX=/var/mail/username

in order to just sync the maps folder.

If you install RoundCube or SquirrelMail you may notice that some of the default folders have not been created in which case you can solve the issue by enabling the autocreate plugin and specifying a list of folders to automatically create when a user logs in.

Edit /etc/dovecot/conf.d/20-imap.conf and enable the autocreate plugin:

mail_plugins = $mail_plugins autocreate

then, at the end of the /etc/dovecot/conf.d/20-imap.conf file, add the following snippet:

# Automatically create folders for compatibility
plugin {
  autocreate = Trash
  autocreate2 = Junk
  autocreate3 = Drafts
  autocreate4 = Sent
  autosubscribe = Trash
  autosubscribe2 = Junk
  autosubscribe3 = Drafts
  autosubscribe4 = Sent
}

Edit /etc/dovecot/10-ssl.conf and enable the line:

ssl_dh_parameters_length = 2048

followed by service dovecot reload.

To enable IMAP compress, edit /etc/dovecot/10-mail.conf and add zlib to the mail_plugins line:

mail_plugins = zlib

This change is only required for Dovecot 2.1 and above.

After that, edit /etc/dovecot/20-mail.conf and add imap_zlib to the mail_plugins line:

protocol imap {
  mail_plugins = $mail_plugins imap_zlib
}

and restart Dovecot.

Edit /etc/dovecot/conf.d/10-ssl.conf and disable SSLv2, SSLv3 and TLSv1:

ssl_protocols = !SSLv2 !SSLv3 !TLSv1

and specify secure strong ciphers:

ssl_cipher_list = ALL:HIGH:!SSLv2:!MEDIUM:!LOW:!EXP:!RC4:!MD5:!aNULL:@STRENGTH

as well as enabling the server-side cipher list only:

ssl_prefer_server_ciphers = yes

In case your machine contains a cryptographic module, you can run most of the cryptographic tasks through the module. To find out which hardware engines are available, issue:

openssl engine

For instance, the output may be:

(rsax) RSAX engine support
(rdrand) Intel RDRAND engine
(dynamic) Dynamic engine loading support

the dynamic engine is not a hardware engine, but rsax and rdrand is.

To use rdrandr, you would add the configuration directive in dovecot:

ssl_crypto_device = rdrand

and reload dovecot.

Usually, the configuration file that contains this directive already can be found at /etc/dovecot/conf.d/10-ssl.conf.

To enable IMAP NOTIFY as per RFC5465, also required for the notify extension, edit /etc/dovecot/conf.d/10-mail.conf and make sure that mailbox_list_index is set to yes.

The METADATA capability can be enabled by editing /etc/dovecot/conf.d/10-mail.conf and specifying a dictionary to preserve metatdata tags.

For instance, one would specify:

mail_attribute_dict = file:%h/sdbox/dovecot-attributes

in order to place a file named dovecot-attributes underneath the user's home directory under ~/sdbox.

Next, enable IMAP METADATA by editing /etc/dovecot/conf.d/20-imap.conf and adding the imap_metadata configuration parameter to the IMAP protocol section:

protocol imap {
  # METADATA extension (RFC 5464)]
  imap_metadata = yes
}

Sometimes it is useful to have a public mailbox that is accessible by all users where messages can be placed that are of public interest. For instance, company news, mail orders, server settings, or various notifications could be stored inside the mail server itself and conveniently accessed by all users.

The following example creates a public mailbox in mbox format at /var/mail/public/ whilst retaining "Seen" flags for each user under their home directory at ~/.support. "Mailboxes" (containing several mails/messages) can then be placed under /var/mail/public and offered to users as read-only. Furthermore, the configuration makes sure that each user becomes subscribed to the mailbox whenever the users check their E-Mail.

In effect, this "trick" can be used to avoid mailing lists whenever the message to be sent to all users is not urgent enough to appear as a new E-Mail and having a long-standing reference is desirable (similar to documentation).

Edit dovecot.conf or 10-mail.conf under Debian-based distributions and add a public mailbox:

# Public mailbox
namespace {
  type = public
  prefix = Support/
  location = mbox:/var/mail/public/:INDEX=~/.support
  subscriptions = yes
  list = children

  mailbox "News" {
      auto = subscribe
  }

  mailbox "Mail Orders" {
     auto = subscribe
  }
}

where:

• Support/ is the name of the top-level folder that will appear in every user mailbox,
• all mailbox sections define mailboxes in mbox format that will appear underneath the Support/ top-level folder.

Following the example above, for the mailboxes News and Mail Orders two mbox files would have to be created under /var/mail/public named News and Mail Orders:

touch /var/mail/public/{News,"Mail Orders"}

The standard mbox format is a concatenation of raw E-Mail data separated by a single line:

From address@host Sat Jan 01 12:00:00 2000

that describes when the mail was stored. All other standard E-Mail header fields (ie: Subject, To, From) do not need to be modified such that mails can be added to the mailboxes easily by hand.

For example, the /var/mail/public/News file could be formatted with the following contents:

From support@localhost Sat Jan 01 12:00:00 2000
From: "admin" <admin@server.tld>
Subject: New Backup Server
To: support@server.tld

We have a new backup server!

Cheers,
admin

From support@localhost Sat Jan 01 12:00:00 2000
From: "admin" <admin@server.tld>
Subject: The Server is Down!
To: support@server.tld

The backup server does not work anymore, please do not use it.

Cheers,
admin

and will appear as two separate mails under the Support/News IMAP folder.

The /var/mail/public folder can be shared via Samba and the files edited conveniently in order to add mails.