Differences

This shows you the differences between two versions of the page.

--- fuss:dovecot [2017/09/06 06:41] – office
+++ fuss:dovecot [2020/03/28 19:43] – [Enable METADATA Capability] office
@@ Line 1: / Line 1: @@
+====== Migrate Between Mailbox Formats ======
+As Dovecot supports multiple mailbox formats, it is useful to be able to convert or synchronise between them.
+For example, to convert from ''mbox'' to ''Maildir'', you would set:
+<code>
+mail_location=maildir:~/Maildir
+</code>
+in the Dovecot configuration (''/etc/dovecot/conf.d/10-mail.conf'' on Debian) and set the separator:
+<code>
+separator = /
+</code>
+after which for every mailbox / user to migrate, you would run the command:
+<code bash>
+dsync -u username mirror mbox:~/mail:INBOX=/var/mail/username
+</code>
+where ''username'' is the name of the user whose mailbox is to be synchronised.
+Sometimes folders fail to sync with ''dsync'' - if so, you may manually want to synchronize a folder without synchronizing the entire mailbox. Suppose you want to synchronize a folder named ''maps'' and that you have a ''mbox'' mailbox at ''~/mail'' containing, amongst others, the ''maps'' folder. In that case you would issue:
+<code bash>
+dsync -u username mirror -m maps mbox:~/mail:INBOX=/var/mail/username
+</code>
+in order to just sync the ''maps'' folder.
+====== Automatically Create Folders for Compatibility ======
+If you install RoundCube or SquirrelMail you may notice that some of the default folders have not been created in which case you can solve the issue by enabling the ''autocreate'' plugin and specifying a list of folders to automatically create when a user logs in.
+Edit ''/etc/dovecot/conf.d/20-imap.conf'' and enable the ''autocreate'' plugin:
+<code>
+mail_plugins = $mail_plugins autocreate
+</code>
+then, at the end of the ''/etc/dovecot/conf.d/20-imap.conf'' file, add the following snippet:
+<code>
+# Automatically create folders for compatibility
+plugin {
+  autocreate = Trash
+  autocreate2 = Junk
+  autocreate3 = Drafts
+  autocreate4 = Sent
+  autosubscribe = Trash
+  autosubscribe2 = Junk
+  autosubscribe3 = Drafts
+  autosubscribe4 = Sent
+}
+</code>
+====== Increase DH Group for Logjam ======
+Edit ''/etc/dovecot/10-ssl.conf'' and enable the line:
+<code>
+ssl_dh_parameters_length = 2048
+</code>
+followed by ''service dovecot reload''.
+====== Enable IMAP Compress ======
+To enable [[http://www.ietf.org/rfc/rfc4978.txt|IMAP compress]], edit ''/etc/dovecot/10-mail.conf'' and add ''zlib'' to the ''mail_plugins'' line:
+<code>
+mail_plugins = zlib
+</code>
+This change is only required for Dovecot 2.1 and above.
+After that, edit ''/etc/dovecot/20-mail.conf'' and add ''imap_zlib'' to the ''mail_plugins'' line:
+<code>
+protocol imap {
+  mail_plugins = $mail_plugins imap_zlib
+}
+</code>
+and restart Dovecot.
+====== Disable POODLE, FREAK/Logjam and Heartbleed ======
+Edit ''/etc/dovecot/conf.d/10-ssl.conf'' and disable SSLv2, SSLv3 and TLSv1:
+<code>
+ssl_protocols = !SSLv2 !SSLv3 !TLSv1
+</code>
+and specify secure strong ciphers:
+<code>
+ssl_cipher_list = ALL:HIGH:!SSLv2:!MEDIUM:!LOW:!EXP:!RC4:!MD5:!aNULL:@STRENGTH
+</code>
+as well as enabling the server-side cipher list only:
+<code>
+ssl_prefer_server_ciphers = yes
+</code>
+====== Enable Hardware Cryptography ======
+In case your machine contains a cryptographic module, you can run most of the cryptographic tasks through the module. To find out which hardware engines are available, issue:
+<code bash>
+openssl engine
+</code>
+For instance, the output may be:
+<code>
+(rsax) RSAX engine support
+(rdrand) Intel RDRAND engine
+(dynamic) Dynamic engine loading support
+</code>
+the ''dynamic'' engine is not a hardware engine, but ''rsax'' and ''rdrand'' is.
+To use ''rdrandr'', you would add the configuration directive in dovecot:
+<code>
+ssl_crypto_device = rdrand
+</code>
+and reload dovecot.
+Usually, the configuration file that contains this directive already can be found at ''/etc/dovecot/conf.d/10-ssl.conf''.
+====== Enable NOTIFY ======
+To enable IMAP NOTIFY as per RFC5465, also required for the notify extension, edit ''/etc/dovecot/conf.d/10-mail.conf'' and make sure that ''mailbox_list_index'' is set to ''yes''.
+====== Enable METADATA Capability ======
+[[https://tools.ietf.org/html/rfc5464|The METADATA capability]] can be enabled by editing ''/etc/dovecot/conf.d/10-mail.conf'' and specifying a dictionary to preserve metatdata tags.
+For instance, one would specify:
+<code>
+mail_attribute_dict = file:%h/sdbox/dovecot-attributes
+</code>
+in order to place a file named ''dovecot-attributes'' underneath the user's home directory under ''~/sdbox''.
+Next, enable IMAP METADATA by editing ''/etc/dovecot/conf.d/20-imap.conf'' and adding the ''imap_metadata'' configuration parameter to the IMAP protocol section:
+<code>
+protocol imap {
+  # METADATA extension (RFC 5464)]
+  imap_metadata = yes
+}
+</code>
+====== Create Public Broadcast Mailbox for All Users ======
+Sometimes it is useful to have a public mailbox that is accessible by all users where messages can be placed that are of public interest. For instance, company news, mail orders, server settings, or various notifications could be stored inside the mail server itself and conveniently accessed by all users.
+The following example creates a public mailbox in ''mbox'' format at ''/var/mail/public/'' whilst retaining "Seen" flags for each user under their home directory at ''~/.support''. "Mailboxes" (containing several mails/messages) can then be placed under ''/var/mail/public'' and offered to users as read-only. Furthermore, the configuration makes sure that each user becomes subscribed to the mailbox whenever the users check their E-Mail.
+In effect, this "trick" can be used to avoid mailing lists whenever the message to be sent to all users is not urgent enough to appear as a new E-Mail and having a long-standing reference is desirable (similar to documentation).
+Edit ''dovecot.conf'' or ''10-mail.conf'' under Debian-based distributions and add a public mailbox:
+<code>
+# Public mailbox
+namespace {
+  type = public
+  prefix = Support/
+  location = mbox:/var/mail/public/:INDEX=~/.support
+  subscriptions = yes
+  list = children
+  mailbox "News" {
+      auto = subscribe
+  }
+  mailbox "Mail Orders" {
+     auto = subscribe
+  }
+}
+</code>
+where:
+  * ''Support/'' is the name of the top-level folder that will appear in every user mailbox,
+  * all ''mailbox'' sections define mailboxes in mbox format that will appear underneath the ''Support/'' top-level folder.
+Following the example above, for the mailboxes ''News'' and ''Mail Orders'' two mbox files would have to be created under ''/var/mail/public'' named ''News'' and ''Mail Orders'':
+<code bash>
+touch /var/mail/public/{News,"Mail Orders"}
+</code>
+The standard mbox format is a concatenation of raw E-Mail data separated by a single line:
+<code>
+From address@host Sat Jan 01 12:00:00 2000
+</code>
+that describes when the mail was stored. All other standard E-Mail header fields (ie: ''Subject'', ''To'', ''From'') do not need to be modified such that mails can be added to the mailboxes easily by hand.
+For example, the ''/var/mail/public/News'' file could be formatted with the following contents:
+<code>
+From support@localhost Sat Jan 01 12:00:00 2000
+From: "admin" <admin@server.tld>
+Subject: New Backup Server
+To: support@server.tld
+We have a new backup server!
+Cheers,
+admin
+From support@localhost Sat Jan 01 12:00:00 2000
+From: "admin" <admin@server.tld>
+Subject: The Server is Down!
+To: support@server.tld
+The backup server does not work anymore, please do not use it.
+Cheers,
+admin
+</code>
+and will appear as two separate mails under the ''Support/News'' IMAP folder.
+The ''/var/mail/public'' folder can be shared via Samba and the files edited conveniently in order to add mails.