This page is part of the EmailServer article. Dovecot for POP3 and IMAPDovecot is an excellent and flexible POP3 and IMAP mail server. Its performance is outstanding and it can be setup to manage large amounts of emails. If you haven't got it on your system, you can build it from source or just use the ubiquitous yum: # yum install dovecot # chkconfig dovecot --levels 235 on First, we need to tell Dovecot where to find our emails: as you remember, we told Postfix to use maildirs in the user directories instead of the default mbox. Edit the protocols = imap imaps pop3 pop3s listen = [::] ssl_cert_file = /etc/pki/dovecot/certs/dovecot.pem ssl_key_file = /etc/pki/dovecot/private/dovecot.pem login_dir = /var/run/dovecot/login login_greeting = Welcome to oBlue. mail_location = maildir:/mail/%u mail_full_filesystem_access = no maildir_copy_with_hardlinks = yes protocol imap { imap_max_line_length = 65536 login_greeting_capability = no imap_client_workarounds = outlook-idle } protocol pop3 { pop3_uidl_format = %08Xu%08Xv pop3_client_workarounds = outlook-no-nuls oe-ns-eoh } protocol lda { postmaster_address = postmaster@example.com } auth default { mechanisms = plain passdb pam { } userdb passwd { } user = root } dict { } plugin { Restart Dovecot ( SSL for IMAP and POPIn the older article for Fedora Core 4 we used stunnel to encrypt our seucred POP and IMAP channels. You can access that article on the SecureAccess page where we still use stunnel for securing email we send to the server.. To change a bit, we're going to follow Dovecot standard configuration and allow it to use SSL directly for POP3S and IMAPS. First, remove the existing cert files, we're going to replace them later: # rm /etc/pki/dovecot/certs/dovecot.pem Then edit the [ req ] default_bits = 1024 encrypt_key = yes distinguished_name = req_dn x509_extensions = cert_type prompt = no [ req_dn ] # country (2 letter code) C=HK # State or Province Name (full name) ST=Hong Kong # Locality Name (eg. city) L=Central # Organization (eg. company) O=ACME Publishing Ltd # Organizational Unit Name (eg. section) OU=Main Office # Common Name (*.example.com is also possible) CN=mail.example.com # E-mail contact emailAddress=postmaster@example.com [ cert_type ] nsCertType = server Now all we need is to run the small script that the dovecot people have nicely provided to generate the key. # /usr/libexec/dovecot/mkcert.sh Note that you may need to change the path to the exact version on your system. That's it, you should now be able to connect to the server after configuring your client to use SSL. < Postfix | EmailServer | AmavisdNew > Leave your comments below |