With existing data use this dovecot conf
New installs without existing email data.
For new installations, without any email data, I typically use this version. This uses a universal namespace for the names so it works better with Dovecot 2.3.x and email clients similar to how the cPanel and other ones do out of the box
Install spamasassin via cyberpanel for new installations without existing email data and files all spam into “INBOX.Junk”
backup configs:
cp /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf-bak_$(date ‘+%Y-%m-%d_%H:%M:%S’);
cp /etc/postfix/master.cf /etc/postfix/master.cf-bak_$(date ‘+%Y-%m-%d_%H:%M:%S’);
cp /etc/postfix/main.cf /etc/postfix/main.cf-bak_$(date ‘+%Y-%m-%d_%H:%M:%S’);
and
cp /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf-bak-sieve
cp /etc/postfix/master.cf /etc/postfix/master.cf-bak-sieve
cp /etc/postfix/main.cf /etc/postfix/main.cf-bak-sieve
Please NOTE:
TO reverse these modifications the below commands can be used.
cp /etc/dovecot/dovecot.conf-bak /etc/dovecot/dovecot.conf
cp /etc/postfix/master.cf-bak /etc/postfix/master.cf
cp /etc/postfix/main.cf-bak /etc/postfix/main.cf
service dovecot restart && service postfix restart;
service dovecot status && service postfix status;
Install the required packages
Ubuntu
apt-get install -y dovecot-managesieved dovecot-sieve net-tools pflogsumm
Centos
yum install nano net-tools dovecot-pigeonhole postfix-perl-scripts -y
Empty the current config
/etc/dovecot/dovecot.conf
copy in the new base one via nano. Replace server.example.com with your hostname and example.com with your domain name.
nano /etc/dovecot/dovecot.conf
protocols = imap pop3 sieve
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:/home/vmail/%d/%n/Maildir
#mail_location = mdbox:/home/vmail/%d/%n/Mdbox
ssl_cert = <cert.pem
ssl_key = <key.pem
mail_plugins = zlib
mdbox_rotate_size = 2M
namespace inbox {
type = private
separator = .
prefix = INBOX.
inbox = yes
mailbox Drafts {
special_use = \Drafts
auto = subscribe
}
mailbox Junk {
special_use = \Junk
auto = create
}
mailbox “Junk Mail” {
special_use = \Junk
auto = no
}
mailbox “Junk E-mail” {
special_use = \Junk
auto = no
}
mailbox spam {
special_use = \Junk
auto = no
}
mailbox Spam {
special_use = \Junk
auto = no
}
mailbox Trash {
special_use = \Trash
auto = subscribe
}
mailbox Sent {
special_use = \Sent
auto = subscribe
}
mailbox “Sent Mail” {
special_use = \Sent
auto = no
}
mailbox “Sent Messages” {
special_use = \Sent
auto = no
}
mailbox Archive {
special_use = \Archive
auto = create
}
mailbox “Archives” {
special_use = \Archive
auto = no
}
}
service auth {
unix_listener auth-master {
mode = 0600
user = vmail
}
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
user = root
}
service auth-worker {
user = root
}
protocol lda {
log_path = /home/vmail/dovecot-deliver.log
auth_socket_path = /var/run/dovecot/auth-master
postmaster_address = [email protected]
mail_plugins = zlib
}
protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
mail_plugins = $mail_plugins zlib
}
protocol imap {
mail_plugins = $mail_plugins zlib imap_zlib
}
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf.ext
}
plugin {
zlib_save = gz
zlib_save_level = 6
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
}
service managesieve {
}
protocol sieve {
managesieve_max_line_length = 65536
managesieve_implementation_string = dovecot
log_path = /var/log/dovecot-sieve-errors.log
info_log_path = /var/log/dovecot-sieve.log
}
plugin {
sieve = /home/vmail/%d/%n/dovecot.sieve
sieve_global_path = /etc/dovecot/sieve/default.sieve
sieve_dir = /home/vmail/%d/%n/sieve
sieve_global_dir = /etc/dovecot/sieve/global/
}
protocol lda {
mail_plugins = $mail_plugins sieve quota
postmaster_address = [email protected]
hostname = server.example.com
auth_socket_path = /var/run/dovecot/auth-master
log_path = /var/log/dovecot-lda-errors.log
info_log_path = /var/log/dovecot-lda.log
}
protocol lmtp {
mail_plugins = $mail_plugins sieve quota
log_path = /var/log/dovecot-lmtp-errors.log
info_log_path = /var/log/dovecot-lmtp.log
}
service stats {
unix_listener stats-reader {
user = vmail
group = vmail
mode = 0660
}
unix_listener stats-writer {
user = vmail
group = vmail
mode = 0660
}
}
Create directories and permissions.
mkdir -p /etc/dovecot/sieve/global
touch /var/log/{dovecot-lda-errors.log,dovecot-lda.log}
touch /var/log/{dovecot-sieve-errors.log,dovecot-sieve.log}
touch /var/log/{dovecot-lmtp-errors.log,dovecot-lmtp.log}
touch /etc/dovecot/sieve/default.sieve
chown vmail: -R /etc/dovecot/sieve
chown vmail:mail /var/log/dovecot-*
nano /etc/dovecot/sieve/default.sieve
require “fileinto”;
if header :contains “X-Spam-Flag” “YES” {
fileinto “INBOX.Junk”;
}
Sieve the global spam filter
sievec /etc/dovecot/sieve/default.sieve
Restart and check services are up and then test.
service dovecot restart && service postfix restart && service spamassassin restart;
service dovecot status && service postfix status && service spamassassin status;
Start tailing logs:
tail -f /var/log/{maillog,mail.log,mail.err,syslog}
Sent your test Junk email with the below in the body of the email:
XJSC4JDBQADN1.NSBN32IDNENGTUBE-STANDARD-ANTI-UBE-TEST-EMAILC.34X
If you get the this message but are not seeing the email in the inbox and permissions and everything else is right:
delivered via spamassassin service)
Open config file and change the below line
nano /etc/postfix/master.cf
From:
spamassassin unix - n n - - pipe flags=R user=spamd argv=/usr/bin/spamc -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}
To:
spamassassin unix - n n - - pipe flags=DROhu user=vmail:vmail argv=/usr/bin/spamc -f -e /usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop}
If this is on Ubuntu the line might need to be using the Ubuntu lib path of /usr/lib/dovecot/deliver
spamassassin unix - n n - - pipe flags=DROhu user=vmail:vmail argv=/usr/bin/spamc -f -e /usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}
Optional things that might be needed.
If you get this error:
spamc[7957]: connect to spamd on ::1 failed, retrying (#1 of 3): Connection refused
Disable IPv6:
Append below lines in /etc/sysctl.conf:
nano /etc/sysctl.conf
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
To make the settings effective, execute :
sysctl -p
Add missing spamd user:
groupadd spamd
useradd -g spamd -s /bin/false -d /var/log/spamassassin spamd
chown spamd:spamd /var/log/spamassassin
service spamassassin restart
Create this file with the below value to ensure spamd listening on localhost
[root@srv ~]# cat /etc/mail/spamassassin/spamc.conf
-d 127.0.0.1
[root@srv ~]#
/etc/sysconfig/spamassassin
/etc/default/spamassassin
Resources: