Difference between revisions of "Dovecot-extras"
m (→Dovecot) |
(→Sieve) |
||
Line 39: | Line 39: | ||
access=private | access=private | ||
status=enabled | status=enabled | ||
− | for example | + | for example if you want a SSL protected port |
config setprop sieve TCPPORT 5190 | config setprop sieve TCPPORT 5190 | ||
signal-event email-update | signal-event email-update |
Revision as of 09:48, 8 January 2015
dovecot-extras for SME Server
Maintainer
Daniel B. from Firewall Services
Description
dovecot-extras is a contrib to bring 'sieve' support and IMAP acl (sharedmailbox) to dovecot, the imap server
- Shared Mailboxes and IMAP ACL: this feature enables sharing of mail folders between users using IMAP ACL. See http://wiki2.dovecot.org/ACL and http://wiki2.dovecot.org/SharedMailboxes
- Sieve scripts and manage sieve daemon: this feature adds sieve scripts support. Sieve is a script language for server side mail processing when mails arrive in your mailbox. With this, you can create filters, reject mails with a custom message, configure a vacation message, forward some mails etc…. These features are often also available on mail clients (Outlook, Thunderbird, Evolution etc…) but the advantage of using sieve is that everything is processed on server side, as soon as the mail arrive in your INBOX, which means everything will work even if your client is not running. See http://wiki2.dovecot.org/Pigeonhole
Requirements
You need the firewall-services repo to install this contribs
Installation 9.x Only
This contrib is currently held in the fws repository, so the following commands will install on your smeserver.
yum install --enablerepo=fws smeserver-dovecot-extras
You will then need to activate the database changes etc. The 'official' way is to perform
signal-event post-upgrade; signal-event reboot
or if you do not want to restart your computer
signal-event email-update
Configuration
Sieve
There is no panel in the server-manager, You have to use the db command
[root@sme9 ~]# config show sieve sieve=service TCPPort=4190 access=private status=enabled
for example if you want a SSL protected port
config setprop sieve TCPPORT 5190 signal-event email-update
- IP listening
you can change the IP listening (default localhost)
config setprop sieve Listen xxx.xxx.xxx.xxx
or
config setprop sieve Listen "xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy localhost"
signal-event email-update
Dovecot
Additional DB keys to configure dovecot (based on the original documentation here):
- AdminIsMaster (enabled|disabled, default is disabled): if enabled, the admin user will be a master user, and will be able to login as any user. To do so use user1*admin as login and the admin password to log in as user1. If you are using the Sogo groupware contrib this property has to be enabled.
- FullTextIndexing (enabled|disabled, default is disabled): will turn on or off the full text indexing. When this option is enabled, a first search in an IMAP folder will trigger indexation. Next searches will be much faster. Read this page before enabling this option
- LogActions (enabled|disabled, default is disabled): will turn on or off extra logging (flag change, move, copy etc…). **!! Warning !!**: enabling this can generate a huge amount of logs
- Quotas (enabled|disabled, default is enabled): will report the actual used space and the remaining one if the user has a quota limit
- SharedMailbox (enabled|disabled, default is disabled): will turn on or off shared mailbox and IMAP ACL support
After you've configured the prop like you want, for example by
config setprop dovecot AdminIsMaster enabled
run
signal-event email-update
to activate the changes to the configuration database.
- Sieve and dovecot-lda
When Sieve is enabled, dovecot-lda is used to deliver mail in mailboxes (so it can apply sieve scripts) instead of qmail. Dovecot-lda is more ressources intensives than qmail, so you may have performance penalty when users receive a lot of mails (for example, when you use the Bcc qpsmtpd's plugin to copy every mail in one mailbox). You can selectivly disable dovecot-lda for some users, for example, to disable dovecot-lda for user maillog:
db accounts setprop maillog Sieve disabled signal-event email-update
This will let qmail handle mail delivery for this user.
- Sieve and existing procmail / maildrop rules
If smeserver-mailsorting is installed in addition to this contrib, filter rules defined in a user's ~/.procmailrc or ~/.mailfilter file are applied prior to the mail getting passed to dovecot-lda and Sieve.
ShareMailbox is an important feature.
To enable it:
db configuration setprop dovecot SharedMailbox enabled signal-event email-update
When this feature is enabled, a special group named sharedmailbox (automatically created during install) will have:
- x permission on each user home (/home/e-smith/files/users/username) in order to access the Maildir folder (but it won't have any permission to read something else, like the home sub-folder)
- Full read / write access to the Maildir for everyone
This special group is empty (no member), so this has limited impact on the security of the server. Just be sure to never add any user in this group. (It's a system group, and won't appear in the server-manager, so you cannot add members easily).
When a user access its mailbox through the IMAP server, dovecot spawn a new process with the standard user privileges, plus the sharedmailbox group. So basically a user is member of this special group only through dovecot. This configuration allows shared mailbox at the filesystem level. Effective permissions between differents users are enforced by IMAP ACL extension. You need a client which support this (tested with SOGo and Thunderbird using this extension ).
Once enabled, you can grant different access level (read, post, delete, change flags, create sub folders etc.) to other users, or group of users on your IMAP folders.
Uninstall
yum remove smeserver-dovecot-extras signal-event post-upgrade; signal-event reboot
Bugs
Sources for this contribs can be found in Firewall Service's repository [1]