23b1777850
o Synchronise README.FreeBSD with current reality.
o Improve security a little by adding a 'dovecot-auth'
user and group.
PR: 53875
Submitted by: Dominic Marks <dominic.marks@btinternet.com> (maintainer)
86 lines
2.8 KiB
Text
86 lines
2.8 KiB
Text
#
|
|
# README.FreeBSD
|
|
#
|
|
# $FreeBSD$
|
|
#
|
|
|
|
-> 2003/06/28 (NEW)
|
|
|
|
o The authentication mechanism is different on FreeBSD 4 and 5.
|
|
For the default configuration set the following variables in
|
|
your dovecot.conf according to your version of FreeBSD.
|
|
|
|
+ FreeBSD 4 (DEFAULT)
|
|
|
|
auth_passdb = passwd
|
|
auth_user = dovecot-auth
|
|
|
|
+ FreeBSD 5
|
|
|
|
auth_passdb = pam *
|
|
auth_user = root
|
|
|
|
-> 2003/04/15
|
|
|
|
o Dovecot will not allow users with a user or group id of 0 to
|
|
login. Because of this you will not be able to open root's
|
|
mailbox, or any of the mailboxes of users in the wheel group.
|
|
|
|
+ 2003/06/28 (NEW)
|
|
Dovecot now has four configuration variables which allow you to
|
|
set the high and low boundaries for acceptable user and group ids.
|
|
You still can not login to root's mailbox with Dovecot however.
|
|
The default configuration which comes with the port is now
|
|
configured to accept connections from users in the wheel group,
|
|
my patch which added the allow_zero_gid variable below has been
|
|
removed. Update your configurations to match.
|
|
|
|
+ 2003/04/15 (DEPRECIATED)
|
|
It is now possible to change this behavior to allow wheel users to
|
|
check their mailboxes with Dovecot. Add the following line to your
|
|
dovecot.conf:
|
|
|
|
allow_zero_gid = yes
|
|
|
|
o The configuration which is supplied with this port is installed into
|
|
PREFIX/etc/dovecot-example.conf and PREFIX defaults to /usr/local.
|
|
I have attempted to choose what appears to be the best mixture of
|
|
performance and compatibility and set Dovecot up to start POP3 and
|
|
IMAP services for all the local users of the machine. This should be
|
|
enough for the simplest sites to get up and running straight away.
|
|
|
|
o Enabling SSL services should be easy, the Dovecot port is configured
|
|
by default to keep its SSL information under /var/dovecot/ssl, if you
|
|
already have certificates you wish to use then you can override this
|
|
in the configuration. If you don't have a certificate and wish to
|
|
make your own it should be as simple as:
|
|
|
|
# cd PREFIX/share/doc/dovecot/
|
|
# vi dovecot-openssl.conf
|
|
|
|
Add information which describes your enivironment.
|
|
|
|
# sh mkcert.sh
|
|
|
|
Execute the certificate generator. This will put a new certificate
|
|
and private key under /var/dovecot/ssl.
|
|
|
|
# cd PREFIX/etc/
|
|
# vi dovecot.conf
|
|
|
|
Reconfigure Dovecot to use SSL.
|
|
|
|
The variables you will want to set in dovecot.conf to allow a SSL
|
|
secured POP3 and IMAP service are:
|
|
|
|
protocols = imap imaps pop3 pop3s
|
|
ssl_disable = no
|
|
|
|
You may wish to also change the following variables to reflect the
|
|
location of SSL certificates on your system.
|
|
|
|
ssl_cert_file = /var/dovecot/ssl/certs/imapd.pem
|
|
ssl_key_file = /var/dovecot/ssl/private/imapd.pem
|
|
|
|
Thanks,
|
|
Dominic Marks <dominic.marks@btinternet.com>
|