As Dovecot supports multiple mailbox formats, it is useful to be able to convert or synchronise between them.

For example, to convert from mbox to Maildir, you would set:

mail_location=maildir:~/Maildir

in the Dovecot configuration (/etc/dovecot/conf.d/10-mail.conf on Debian) and set the separator:

separator = /

after which for every mailbox / user to migrate, you would run the command:

dsync -u username mirror mbox:~/mail:INBOX=/var/mail/username

where username is the name of the user whose mailbox is to be synchronised.

Sometimes folders fail to sync with dsync - if so, you may manually want to synchronize a folder without synchronizing the entire mailbox. Suppose you want to synchronize a folder named maps and that you have a mbox mailbox at ~/mail containing, amongst others, the maps folder. In that case you would issue:

dsync -u username mirror -m maps mbox:~/mail:INBOX=/var/mail/username

in order to just sync the maps folder.

If you install RoundCube or SquirrelMail you may notice that some of the default folders have not been created in which case you can solve the issue by enabling the autocreate plugin and specifying a list of folders to automatically create when a user logs in.

Edit /etc/dovecot/conf.d/20-imap.conf and enable the autocreate plugin:

mail_plugins = $mail_plugins autocreate

then, at the end of the /etc/dovecot/conf.d/20-imap.conf file, add the following snippet:

# Automatically create folders for compatibility
plugin {
  autocreate = Trash
  autocreate2 = Junk
  autocreate3 = Drafts
  autocreate4 = Sent
  autosubscribe = Trash
  autosubscribe2 = Junk
  autosubscribe3 = Drafts
  autosubscribe4 = Sent
}

Edit /etc/dovecot/10-ssl.conf and enable the line:

ssl_dh_parameters_length = 2048

followed by service dovecot reload.

To enable IMAP compress, edit /etc/dovecot/10-mail.conf and add zlib to the mail_plugins line:

mail_plugins = zlib

This change is only required for Dovecot 2.1 and above.

After that, edit /etc/dovecot/20-mail.conf and add imap_zlib to the mail_plugins line:

protocol imap {
  mail_plugins = $mail_plugins imap_zlib
}

and restart Dovecot.

Edit /etc/dovecot/conf.d/10-ssl.conf and disable SSLv2, SSLv3 and TLSv1:

ssl_protocols = !SSLv2 !SSLv3 !TLSv1

and specify secure strong ciphers:

ssl_cipher_list = ALL:HIGH:!SSLv2:!MEDIUM:!LOW:!EXP:!RC4:!MD5:!aNULL:@STRENGTH

as well as enabling the server-side cipher list only:

ssl_prefer_server_ciphers = yes

In case your machine contains a cryptographic module, you can run most of the cryptographic tasks through the module. To find out which hardware engines are available, issue:

openssl engine

For instance, the output may be:

(rsax) RSAX engine support
(rdrand) Intel RDRAND engine
(dynamic) Dynamic engine loading support

the dynamic engine is not a hardware engine, but rsax and rdrand is.

To use rdrandr, you would add the configuration directive in dovecot:

ssl_crypto_device = rdrand

and reload dovecot.

Usually, the configuration file that contains this directive already can be found at /etc/dovecot/conf.d/10-ssl.conf.

To enable IMAP NOTIFY as per RFC5465, also required for the notify extension, edit /etc/dovecot/conf.d/10-mail.conf and make sure that mailbox_list_index is set to yes.

The METADATA capability can be enabled by editing /etc/dovecot/conf.d/10-mail.conf and specifying a dictionary to preserve metatdata tags.

For instance, one would specify:

mail_attribute_dict = file:%h/sdbox/dovecot-attributes

in order to place a file named dovecot-attributes underneath the user's home directory under ~/sdbox.

Next, enable IMAP METADATA by editing /etc/dovecot/conf.d/20-imap.conf and adding the imap_metadata configuration parameter to the IMAP protocol section:

protocol imap {
  # METADATA extension (RFC 5464)]
  imap_metadata = yes
}