====== Installation Dovecot (suite Postfix / Dovecot) ======

  - Faire un backup des fichiers de configuration: <code bash>cp /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.orig
cp /etc/dovecot/conf.d/10-mail.conf /etc/dovecot/conf.d/10-mail.conf.orig
cp /etc/dovecot/conf.d/10-auth.conf /etc/dovecot/conf.d/10-auth.conf.orig
cp /etc/dovecot/dovecot-sql.conf.ext /etc/dovecot/dovecot-sql.conf.ext.orig
cp /etc/dovecot/conf.d/10-master.conf /etc/dovecot/conf.d/10-master.conf.orig
cp /etc/dovecot/conf.d/10-ssl.conf /etc/dovecot/conf.d/10-ssl.conf.orig</code>
  - Editer le fichier /etc/dovecot/dovecot.conf <code bash>nano /etc/dovecot/dovecot.conf</code> Et ajouter la ligne <code>postmaster_address=postmaster at domaine.com</code> Si vous souhaitez désactiver LMTP ou POP3 il suffit de préciser dans ce fichier les protocols <code>protocols = imap pop3 lmtp</code>
  - Modifier le fichier /etc/dovecot/conf.d/10-mail.conf <code bash>nano /etc/dovecot/conf.d/10-mail.conf</code> et modifier la ligne mail_location: <code>mail_location = maildir:/srv/mail/%d/%n/</code>
  - Créer un groupe & un utilisateur vmail, lui associer le dossier de stockage: <code bash>groupadd -g 5000 vmail
useradd -g vmail -u 5000 vmail -d /srv/mail
chown -R vmail:vmail /srv/mail</code>
  - Editer le fichier qui gère les authentifications <code bash>nano /etc/dovecot/conf.d/10-auth.conf</code> Et y apporter les modifications suivantes: <code>disable_plaintext_auth = yes
auth_mechanisms = plain login
...
!include auth-sql.conf.ext</code>
  - Editer le fichier du module sql <code bash>nano /etc/dovecot/conf.d/auth-sql.conf.ext</code>Et l'adapter de la sorte: <code>passdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}
#Commenter ceci
#userdb {
#  driver = sql
#  args = /etc/dovecot/dovecot-sql.conf.ext
#}
#...
userdb {
  driver = static
  args = uid=vmail gid=vmail home=/srv/mail/%d/%n
}</code>
  - Editer le fichier sql <code bash>nano /etc/dovecot/dovecot-sql.conf.ext</code>Et mettre les 4 lignes suivantes. Attention, il faut bien sur adapter avec les données de votre serveur <code>driver = mysql
connect = host=127.0.0.1 dbname=posogodo user=blabla-ro password=sddsfsdfsdf
default_pass_scheme = SHA512-CRYPT
password_query = SELECT concat(a.user,'@',b.`domain` ) as user, password FROM posogodo.mailboxes a left join posogodo.domains b on a.t_domains = b.id where a.active='1' and b.active='1' and concat(a.user,'@',b.`domain` ) = '%u';</code>
  - Vérifier si ça fonctionne: <code bash>doveadm auth login -x service=imap user@domain.be TestPwd123</code>
  - Modifier les droits sur les fichiers de configuration <code bash>chown -R vmail:dovecot /etc/dovecot
chmod -R o-rwx /etc/dovecot</code>












nano /etc/dovecot/conf.d/10-master.conf

service imap-login {
  inet_listener imap {
    port = 0  
  }
  inet_listener imaps {
    port = 993
    ssl = yes
  }
}

service pop3-login {
  inet_listener pop3 {
    port = 0  
  }
  inet_listener pop3s {
    port = 995
    ssl = yes
  }
}

service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    #mode = 0666i
    mode = 0600
    user = postfix
    group = postfix
  }
  # Create inet listener only if you can't use the above UNIX socket
  #inet_listener lmtp {
    # Avoid making LMTP visible for the entire internet
    #address =
    #port = 
  #}
}

service auth {

 unix_listener /var/spool/postfix/private/auth {
    mode = 0660
    user = postfix
    group = postfix
  }

  unix_listener auth-userdb {
    mode = 0600
    user = vmail
  }
  user = dovecot
}

service auth-worker {
  user = vmail
}

cert.pem       chain.pem      fullchain.pem  privkey.pem    README         
root@mail2:/etc/dovecot# ls /etc/letsencrypt/live/mail2.makeitsimple.be/

nano /etc/dovecot/conf.d/10-ssl.conf
ssl = required
ssl_cert = </etc/letsencrypt/live/mail2.makeitsimple.be/fullchain.pem
ssl_key = </etc/letsencrypt/live/mail2.makeitsimple.be/privkey.pem

===== Sources =====
  * https://www.linode.com/docs/email/postfix/email-with-postfix-dovecot-and-mysql/#dovecot