Howto: Linux Dovecot Secure IMAPS / POP3S SSL Server configuration

Posted on in Categories , , , , , , , , , , , last updated July 16, 2007

Q. How do I configure Dovecot IMAPS and POP3s server using SSL certificate? Can I use SSL certificates generated for Postfix mail server?

A. Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats.

You need to enable POP3s and IMAPS. Open default configuration file:
# vi /etc/dovecot.conf
Make sure POP3S and IMAPS are enabled:
protocols = imaps pop3s

Next you must set PEM encoded X.509 SSL/TLS certificate and private key. They’re opened before dropping root privileges, so keep the key file unreadable by anyone but root (see how create certificate CSR and configure certificates for Postfix):
ssl_cert_file = /etc/postfix/ssl/smtp.theos.in.crt
ssl_key_file = /etc/postfix/ssl/smtp.theos.in.key

If key file is password protected, give the password using ssl_key_password directive:
ssl_key_password = myPassword

Save and close the file. Restart Dovecot server:
# /etc/init.d/dovecot restart

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

Share this on (or read 1 comments/add one below):

1 comment

  1. Hi vivek gite ,
    did you configure was very nice, go through that configuration
    then how can write .fetchmailrc entry poll from gmail mail server using pop3s
    what should be entry for .fetchmailrc is this configuration ?
    Example :
    poll pop.gmail.com
    uidl
    proto pop3s
    auth password
    user “[email protected]
    pass “linux”
    is linux
    keep

Leave a Comment