Differences

This shows you the differences between two versions of the page.

--- docker_notes:docker-mailserver [2025-06-01 Sun wk22 22:01] – [Dovecot References] baumkp
+++ docker_notes:docker-mailserver [2025-08-16 Sat wk33 19:39] (current) – [exim] baumkp
@@ Line 1: / Line 1: @@
 {{tag>linux docker mail mailserver Alpine dovecot postfix sqlite s6 s6-rc}}
 ======Docker mailserver======
-This mailserver setup follows Workaround's [[https://workaround.org/ispmail-bookworm/|SPmail guide for Debian 12 “Bookworm”]].  Key changes are that instead of installing on Debian 11 virtual machine<sup>1</sup>, with a Maria mysql database<sup>2</sup>, this setup is for installation on latest Alpine linux Docker image with s6-rc init using maria database.  I toyed with sqlite and basically got it functional, however the support apps do not function with sqlite.
+This mailserver setup follows Workaround's [[https://workaround.org/ispmail-bookworm/|SPmail guide for Debian 12 “Bookworm”]].  Key changes are that instead of installing on Debian 12 virtual machine<sup>1</sup>, with a Maria mysql database<sup>2</sup>, this setup is for installation on latest Alpine linux Docker image with s6-rc init using maria database.  I toyed with sqlite and basically got it functional, however the support apps do not function with sqlite, so I went back to using MySQL/MariaDB.
 //As this follows Workaround's [[https://workaround.org/ispmail-bookworm/|SPmail guide for Debian 12 “Bookworm”]], significant amounts of text have been copied and generally modified from there. **I hereby credit Workaround's author Christoph Haas.**  Furthermore Christoph's guide is very descriptive and should be referenced to get a better understanding of how to put together a mailserver.//
@@ Line 371: / Line 371: @@
 =====dovecot=====
-''/etc/dovecot/conf.d''
+In Dovecot <2.4.x the main configuration are in files ''/etc/dovecot/conf.d'', although /etc/dovecot/dovecot.conf is still used and can be used for all configuration. In Dovecot >= 2.4.x the main configuration is in /etc/dovecot/dovecot.conf, however configuration files in /etc/dovecot/conf.d may also still be used.  That being said, Dovecot version 2.4.x has significant breaking configuration setting changes from earlier versions.
 <code>/ # dovecot --version
 .3.20 (80a5ac675d) </code>
@@ Line 377: / Line 377: @@
   *''doveconf -n''  to print parameters specifically changed in main.cf
-Dovecot version 2.4.0 seems to have broken the configuration files from 2.3.x and earlier.  Alpine Linux version 3.22 from May 2025 used Dovecot 2.4.1 and while I can use an older version of Alpine eventually I would need to upgrade Dovecot to the new configuration file syntax.  Basically Dovecot now recommends placing all configuration in one configuration file instead of many, ''/etc/dovecot/dovecot.conf''.  It does allow the previous  configuration files under /etc/dovecot/conf.d to be used by the directive ''!include conf.d/*.conf'' in the dovecot.conf file.  The later directives will overwrite previous. Below is a copy on my update dovecot.conf file that appears to function on Dovecot 2.4.1.
+Alpine Linux version 3.22 from May 2025 used Dovecot 2.4.1 and while I can use an older version of Alpine eventually I would need to upgrade Dovecot to the new configuration file syntax.  Basically Dovecot now recommends placing all configuration in one configuration file instead of many, ''/etc/dovecot/dovecot.conf''.  It does allow the previous  configuration files under /etc/dovecot/conf.d to be used by the directive ''!include conf.d/*.conf'' in the dovecot.conf file.  The later directives will overwrite previous. Below is a copy on my update dovecot.conf file that appears to function on Dovecot 2.4.1. See [[https://doc.dovecot.org/2.4.1/core/settings/syntax.html#config-version|Dovecot Config File Syntax ]]
+++++Discussion on configuration files|
+I suspect the ''conf.d'' directory breakdown style configuration files is a bit of a legacy hangover from where the configuration files also effectively included many comments and commented options. Breaking into smaller files helps navigate this style of configuration.  The past 10+ years where search engines can be used to easily find configuration information and example configuration files the fully documented configuration files are no longer as necessary.  A single simplified configuration file with reference to online help files makes more sense and is easier to navigated.  I prefer the single file to multiple files.
+The only other issue is use of override files in ''conf.d'' versus default distributors conf file.  I do not believe this is or was the fundamental intent of dovecot use of ''conf.d''.
+++++
+====dovecot.conf====
 ++++/etc/dovecot/dovecot.conf|
-<code># Start new configs with the latest Dovecot version numbers here:
+# Start new configs with the latest Dovecot version numbers here:\\
-dovecot_config_version = 2.4.1
+[[https://doc.dovecot.org/main/core/summaries/settings.html#dovecot_config_version|dovecot_config_version]] = 2.4.1\\
-dovecot_storage_version = 2.4.1
+[[https://doc.dovecot.org/main/core/summaries/settings.html#dovecot_storage_version|dovecot_storage_version]] = 2.4.1\\
-#mail_debug = yes
+#[[https://doc.dovecot.org/main/core/summaries/settings.html#mail_debug|mail_debug]] = yes\\
-#log_debug = category=ssl
+#[[https://doc.dovecot.org/main/core/summaries/settings.html#log_debug|log_debug]] = category=ssl\\
-mail_cache_max_size = 128M
+[[https://doc.dovecot.org/main/core/summaries/settings.html#mail_cache_max_size|mail_cache_max_size]] = 128M\\
-auth_mechanisms = plain login
+[[https://doc.dovecot.org/main/core/summaries/settings.html#auth_mechanisms|auth_mechanisms]] = plain login\\
-info_log_path = /var/log/dovecot-info.log
+[[https://doc.dovecot.org/main/core/summaries/settings.html#info_log_path|info_log_path]] = /var/log/dovecot-info.log\\
-log_path = /var/log/dovecot.log
+[[https://doc.dovecot.org/main/core/summaries/settings.html#log_path|log_path]] = /var/log/dovecot.log\\
-mail_driver = maildir
+[[https://doc.dovecot.org/main/core/summaries/settings.html#mail_driver|mail_driver]] = maildir\\
-mail_path = ~/Maildir
+mail_path = ~/Maildir\\
-mail_plugins {
+mail_plugins {\\
-  quota = yes
+  quota = yes\\
-}
+}\\
-#sieve_plugins {
+#sieve_plugins {\\
-#  sieve_extprograms = yes
+#  sieve_extprograms = yes\\
-#}
+#}\\
-managesieve_notify_capability = mailto
+managesieve_notify_capability = mailto\\
-managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
+managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext\\
-mbox_write_locks = fcntl
+mbox_write_locks = fcntl\\
-namespace inbox {
+namespace inbox {\\
-  inbox = yes
+  inbox = yes\\
-  mailbox Drafts {
+  mailbox Drafts {\\
-    special_use = \Drafts
+    special_use = \Drafts\\
-  }
+  }\\
-  mailbox Junk {
+  mailbox Junk {\\
-    special_use = \Junk
+    special_use = \Junk\\
-  }
+  }\\
-  mailbox Sent {
+  mailbox Sent {\\
-    special_use = \Sent
+    special_use = \Sent\\
-  }
+  }\\
-  mailbox "Sent Messages" {
+  mailbox "Sent Messages" {\\
-    special_use = \Sent
+    special_use = \Sent\\
-  }
+  }\\
-  mailbox Trash {
+  mailbox Trash {\\
-    special_use = \Trash
+    special_use = \Trash\\
-  }
+  }\\
-  prefix =
+  prefix = \\
-}
+}\\
-quota "Shared quota" {
+quota "Shared quota" {\\
-#quota = maildir:User quota
+#quota = maildir:User quota\\
-  quota_status_nouser = DUNNO
+  quota_status_nouser = DUNNO\\
-  quota_status_overquota = 452 4.2.2 Mailbox is full and cannot receive any more emails
+  quota_status_overquota = 452 4.2.2 Mailbox is full and cannot receive any more emails\\
-  quota_status_success = DUNNO
+  quota_status_success = DUNNO\\
-  warning warn-95 {
+  warning warn-95 {\\
-    quota_storage_percentage = 95
+    quota_storage_percentage = 95 \\
-    execute quota-warning {
+    execute quota-warning {\\
-      args = 95 %{user}
+      args = 95 %{user}\\
-      }
+      }\\
-    }
+    }\\
-  warning warn-80 {
+  warning warn-80 {\\
-    quota_storage_percentage = 80
+    quota_storage_percentage = 80\\
-    execute quota-warning {
+    execute quota-warning {\\
-      args = 80 %{user}
+      args = 80 %{user}\\
-      }
+      }\\
-    }
+    }\\
-}
+}\\
-#sieve = file:~/sieve;active=~/.dovecot.sieve
+#sieve = file:~/sieve;active=~/.dovecot.sieve\\
-sieve_script_driver = file
+sieve_script_driver = file\\
-sieve_script_active_path = ~/.dovecot.sieve
+sieve_script_active_path = ~/.dovecot.sieve\\
-sieve_script_type = after
+sieve_script_type = after \\
-sieve_script_path = /etc/dovecot/sieve-after
+sieve_script_path = /etc/dovecot/sieve-after\\
-protocols = imap lmtp
+protocols = imap lmtp\\
-service auth {
+service auth {\\
-  unix_listener /var/spool/postfix/private/auth {
+  unix_listener /var/spool/postfix/private/auth {\\
-    group = postfix
+    group = postfix\\
-    mode = 0660
+    mode = 0660\\
-    user = postfix
+    user = postfix\\
-  }
+  }\\
-}
+}\\
-service lmtp {
+service lmtp {\\
-  unix_listener /var/spool/postfix/private/dovecot-lmtp {
+  unix_listener /var/spool/postfix/private/dovecot-lmtp {\\
-    group = postfix
+    group = postfix\\
-    mode = 0600
+    mode = 0600\\
-    user = postfix
+    user = postfix\\
-  }
+  }\\
-}
+}\\
-service quota-status {
+service quota-status {\\
-  executable = quota-status -p postfix
+  executable = quota-status -p postfix\\
-  unix_listener /var/spool/postfix/private/quota-status {
+  unix_listener /var/spool/postfix/private/quota-status {\\
-    user = postfix
+    user = postfix\\
-  }
+  }\\
-}
+}\\
-service quota-warning {
+service quota-warning {\\
-  executable = script /usr/local/bin/quota-warning.sh
+  executable = script /usr/local/bin/quota-warning.sh\\
-  unix_listener quota-warning {
+  unix_listener quota-warning {\\
-    group = vmail
+    group = vmail\\
-    mode = 0660
+    mode = 0660\\
-    user = vmail
+    user = vmail\\
-  }
+  }\\
-}
+}\\
-ssl = required
+ssl = required\\
-ssl_server_cert_file = /app/certificates/kptree.net.cer
+ssl_server_cert_file = /app/certificates/kptree.net.cer\\
-ssl_server_dh_file = /etc/dovecot/dh.pem
+ssl_server_dh_file = /etc/dovecot/dh.pem \\
-ssl_server_key_file = /app/certificates/kptree.net.key
+ssl_server_key_file = /app/certificates/kptree.net.key\\
-ssl_server_prefer_ciphers = server
+ssl_server_prefer_ciphers = server\\
-ssl_min_protocol = TLSv1.2
+ssl_min_protocol = TLSv1.2\\
-sql_driver = mysql
+sql_driver = mysql\\
-mysql localhost {
+mysql localhost {\\
-  host = mail_db
+  host = mail_db \\
-  dbname = mailserver
+  dbname = mailserver\\
-  user = mailserver
+  user = mailserver \\
-  password = K6oF4xOZFIo2cYrwTQ03jQWwx7t2my
+  password = K6oF4xOZFIo2cYrwTQ03jQWwx7t2my\\
-}
+}\\
-passdb sql {
+passdb sql {\\
-  query = SELECT password FROM virtual_users WHERE email='%{user}'
+  query = SELECT password FROM virtual_users WHERE email='%{user}'\\
-}
+}\\
-userdb sql {
+userdb sql {\\
   query = SELECT email as user, \
   concat('*:bytes=', quota) AS quota_rule, \
   '/var/vmail/%{user | domain}/%{user | username}' AS home, \
 AS uid, 5000 AS gid \
-  FROM virtual_users WHERE email='%{user}'
+  FROM virtual_users WHERE email='%{user}'\\
-  iterate_query = SELECT email AS user FROM virtual_users
+  iterate_query = SELECT email AS user FROM virtual_users\\
-}
+}\\
-protocol lmtp {
+protocol lmtp {\\
-  mail_plugins = " quota sieve"
+  mail_plugins = " quota sieve"\\
-}
+}\\
-protocol imap {
+protocol imap {\\
-  mail_plugins = " quota imap_quota"
+  mail_plugins = " quota imap_quota"\\
-}
+}\\
-#!include conf.d/*.conf  </code>
+#!include conf.d/*.conf\\
 ++++
@@ Line 635: / Line 640: @@
 ====dovecot logging====
+====dovecot pigeonhole====
+Pigeonhole is the name of the project that adds support for the [[http://www.sieve.info/|Sieve language (RFC 5228)]] and the [[http://tools.ietf.org/html/rfc5804|ManageSieve protocol (RFC 5804)]] to the [[http://www.dovecot.org/|Dovecot Secure IMAP Server]].
 ====Dovecot References====
   *Doc Dovecot:
     *[[https://doc.dovecot.org/|Dovecot Community Edition Documentation]]
-    *Dovecot 2.3.x
+    *Dovecot 2.4.x
-      *[[https://doc.dovecot.org/configuration_manual/dovecot_ssl_configuration/|Dovecot SSL configuration]]
+      *[[https://dovecot.org/mailman3/archives/list/dovecot@dovecot.org/message/WYKOYFBRIC622755CYOZQJV7IO7RKUM6/|Dovecot 2.4 - Example config]]
-      *[[https://doc.dovecot.org/configuration_manual/howto/simple_virtual_install/#simple-virtual-install-smtp-auth|Simple Virtual User Installation]]
+    ++++Dovecot 2.3.x|
-      *[[https://doc.dovecot.org/configuration_manual/namespace/|Namespaces]]
+      *[[https://doc.dovecot.org/2.3/configuration_manual/dovecot_ssl_configuration/|Dovecot SSL configuration]]
-      *[[https://doc.dovecot.org/settings/plugin/|Plugin Settings]]
+      *[[https://doc.dovecot.org/2.3/configuration_manual/howto/simple_virtual_install/#simple-virtual-install-smtp-auth|Simple Virtual User Installation]]
-      *[[https://doc.dovecot.org/configuration_manual/mail_location/|Mail Location Settings]]
+      *[[https://doc.dovecot.org/2.3/configuration_manual/namespace/|Namespaces]]
-      *[[https://doc.dovecot.org/admin_manual/doveadm_mailbox_commands/|Doveadm Mailbox Commands]]
+      *[[https://doc.dovecot.org/2.3/settings/plugin/|Plugin Settings]]
-      *[[https://doc.dovecot.org/configuration_manual/authentication/password_schemes/|Password Schemes]]
+      *[[https://doc.dovecot.org/2.3/configuration_manual/mail_location/|Mail Location Settings]]
-      *[[https://doc.dovecot.org/configuration_manual/authentication/sql/|SQL]]
+      *[[https://doc.dovecot.org/2.3/admin_manual/doveadm_mailbox_commands/|Doveadm Mailbox Commands]]
-      *[[https://doc.dovecot.org/admin_manual/logging/|Dovecot Logging]]
+      *[[https://doc.dovecot.org/2.3/configuration_manual/authentication/password_schemes/|Password Schemes]]
-      *[[https://doc.dovecot.org/configuration_manual/quota_plugin/|Quota Plugin]]
+      *[[https://doc.dovecot.org/2.3/configuration_manual/authentication/sql/|SQL]]
+      *[[https://doc.dovecot.org/2.3/admin_manual/logging/|Dovecot Logging]]
+      *[[https://doc.dovecot.org/2.3/configuration_manual/quota_plugin/|Quota Plugin]]
         *Other:
           *[[http://rob0.nodns4.us/|Postfix, DNS and general Linux system administration and consulting]]
           *[[http://rob0.nodns4.us/howto/3-dovecot|F. Dovecot configuration]]
           *[[https://serverfault.com/questions/803533/dovecot-storing-mails-in-var-mail-but-mail-location-set-to-maildir-var-mail-v|Dovecot storing mails in /var/mail, but mail_location set to maildir:/var/mail/vhosts/%d/%n]]
+++++
 =====Certificates SSL/TSL=====
 Early on, before 2015 there were not many free SSL certificate providers. I used StartSSL for a free certificate.  They would purchased by a company that managed to get their certificate deregister...... So StartSSL basically became non-usable circa 2017.  Fourtunately a better solution came about a year or 2 earlier called LetsEncrypt. This could be used with certbot to get free certificates and eventually free wildcard certificates. Then came Traefik which handled certificates.
@@ Line 1023: / Line 1033: @@
   *[[https://easyengine.io/tutorials/mail/swaks-smtp-test-tool/|swaks – SMTP test tool]]
   *[[https://commandmasters.com/commands/swaks-linux/|How to Use the Command 'swaks' (with Examples)]]
+=====exim=====
+After updating my VM from Debian 12 to 13 the mailserver container refused to start as it indicated that port 25 was already in use.
+It would seem that Debian 13 automatically installed and starts Exim, some kind of system email client.
+The solution was simply to stop and disable Exim from running, ''sudo 'systemctl stop/disable exim4''
+The method to find the program using the port was the command ''sudo lsof -i :25''
 =====References=====
   *Workaround.org [[https://workaround.org/ispmail/bullseye/|ISPmail guide for Debian 11 “Bullseye”]]