Note this goes with the Postfix guide.
You could run the IMAP server on another system/container, but as the passwords are managed locally, for now, in the Postfix guide, there’s no other choice. It also needs to point on the same Maildir location anyway.
apt -y install dovecot-imapd
cd /etc/dovecot/
cp -pi dovecot.conf dovecot.conf.dist
cd conf.d/
cp -pi 10-auth.conf 10-auth.conf.dist
vi 10-auth.conf
disable_plaintext_auth = yes
auth_mechanisms = plain login
cp -pi 10-mail.conf 10-mail.conf.dist
vi 10-mail.conf
mail_location = maildir:~/Maildir
cp -pi 10-master.conf 10-master.conf.dist
vi 10-master.conf
DISABLE imaps
DISABLE pop3*
DISABLE submission* (WTF we already got that with postfix)
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0666
#user = postfix
#group = postfix
}
cp -pi /etc/dovecot/conf.d/10-ssl.conf /etc/dovecot/conf.d/10-ssl.conf.dist
#ls -lhF /etc/ssl/certs/ssl-cert-snakeoil.pem
#ls -lhF /etc/ssl/private/ssl-cert-snakeoil.key
ls -lhF /etc/letsencrypt/live/DOMAIN.TLD/fullchain.pem
ls -lhF /etc/letsencrypt/live/DOMAIN.TLD/privkey.pem
vi /etc/dovecot/conf.d/10-ssl.conf
ssl = yes
#ssl_cert = </etc/ssl/certs/ssl-cert-snakeoil.pem
#ssl_key = </etc/ssl/private/ssl-cert-snakeoil.key
ssl_cert = </etc/letsencrypt/live/DOMAIN.TLD/fullchain.pem
ssl_key = </etc/letsencrypt/live/DOMAIN.TLD/privkey.pem
#since v2.3
ssl_dh = </root/dh.pem
cp -pi 20-imap.conf 20-imap.conf.dist
vi 20-imap.conf
imap_client_workarounds = tb-extra-mailbox-sep
handy symlink,
cd ~/ ln -s /etc/dovecot
the Postfix auth needs to be ready
ls -lhF /var/spool/postfix/private/auth
systemctl restart dovecot
which dovecot dovecot stop ps auxww | grep dovecot dovecot