Red Hat Enterprise Linux 5 Administration Unleashed

Using POP and IMAP 375By default, the line lists the protocols for IMAP, IMAP over SSL, POP, and POP over SSL. Ifyou don’t want to enable all of these, remove the unwanted ones from the list. Next, startDovecot with the service dovecot start command as root.The /etc/dovecot.conf file contains many more options for customizing Dovecot. Thecomments in the configuration file offer brief descriptions of the variables. Refer to the/usr/share/doc/dovecot-/configuration.txt, the other files in the /usr/share/doc/dovecot-/ directory, and dovecot.org for details.Enabling POP and IMAP with SSLTo use the secure versions of POP and IMAP (pop3s and imaps), you need to generate anSSL certificate. Dummy certificates are generated when the dovecot RPM package isinstalled, but they should only be used for testing purposes because they do not show thecorrect hostname for the email server or location. A self-signed certificate can be generatedwith the /usr/share/doc/dovecot-/examples/mkcert.sh script. An SSLcertificate issued by a trusted third party can be purchased from sites such asverisign.com.Before running the mkcert.sh script, modify /etc/pki/dovecot/dovecot-openssl.cnfwith the correct values for your server. For example, the CN option for Common Nameneeds to be set to the domain name of the email server. Also, in mkcert.sh, you need tomodify the location of the SSLDIR variable to the default directory Dovecot expects theSSL keys to be located in. It should read as follows:SSLDIR=${SSLDIR-/etc/pki/dovecot}The mkcert.sh script will not override existing keys, so move the default keys created,/etc/pki/dovecot/certs/dovecot.pem and /etc/pki/dovecot/private/dovecot.pem, intoa backup directory or rename them. The script also assumes the dovecot-openssl.cnf fileis in the current working directory, so change into the /etc/pki/dovecot/ directory asroot, and execute the script using the full path to its location: /usr/share/doc/dovecot-/examples/mkcert.sh, where is the version of Dovecot installed. Ifthe script successfully creates the keys, the output will look similar to the following:18Generating a 1024 bit RSA private key....++++++......................................................++++++writing new private key to ‘/etc/pki/dovecot/private/dovecot.pem’-----subject= /C=US/ST=North Carolina/L=Raleigh/OU=IMAPserver/CN=host.example.com/emailAddress=postmaster@example.comSHA1 Fingerprint=B3:93:A8:A8:51:1F:28:08:41:12:14:B5:72:5E:5B:4B:83:B0:88:4BTo test the connection, use the command telnet localhost , where is 110for POP, 143 for IMAP, 995 for POP over SSL, and 993 for IMAP over SSL. If Dovecot isconfigured properly and listening for connections, you should see the following: