Dovecot Server

Dovecot is a Mail Delivery Agent, written with security primarily in mind. It supports the major mailbox formats: mbox or Maildir. This section explain how to set it up as an imap or pop3 server.


To install a basic Dovecot server with common pop3 and imap functions, run the following command in the command prompt:

sudo apt install dovecot-imapd dovecot-pop3d

There are various other Dovecot modules like dovecot-sieve (mail filtering), dovecot-solr (full text search), ...


To configure Dovecot, you can edit the file /etc/dovecot/dovecot.conf and its included configfiles in /etc/dovecot/conf.d/. By default all installed protocols will be enabled via an include directive in /etc/dovecot/dovecot.conf.

!include_try /usr/share/dovecot/protocols.d/*.protocol

IMAPS and POP3S are more secure because they use SSL encryption to connect. A basic self signed ssl certificate is automatically set up by package ssl-cert and used by dovecot in /etc/dovecot/conf.d/10-ssl.conf.

By default mbox format is configured, if required you can also use maildir. More about that can be found in the comments at /etc/dovecot/conf.d//10-mail.conf Further benefits and details are discussed on the Dovecot web site.

You should configure your Mail Transport Agent (MTA) to transfer the incoming mail to the selected type of mailbox if it is different from the one you have configured.

Once you have configured dovecot, restart the Dovecot daemon in order to test your setup:

sudo systemctl restart dovecot.service

If you have enabled imap, or pop3, you can also try to log in with the commands telnet localhost pop3 or telnet localhost imap2. If you see something like the following, the installation has been successful:

bhuvan@rainbow:~$ telnet localhost pop3
Connected to localhost.localdomain.
Escape character is '^]'.
+OK Dovecot ready.

Dovecot SSL Configuration

Dovecot is now automatically configured to use SSL. It uses the package ssl-cert which provides a self signed certificate. You can edit the file /etc/dovecot/conf.d/10-ssl.conf and amend following lines if you want to set up a custom certificate (See Certificates for more details.):

ssl_cert = </etc/dovecot/private/dovecot.pem
ssl_key = </etc/dovecot/private/dovecot.key

You can get the SSL certificate from a Certificate Issuing Authority or you can create self signed SSL certificate. Please refer to Certificates for details about how to create self signed SSL certificate. Once you create the certificate, you will have a key file and a certificate file that you want to make known in the config shown above.

Firewall Configuration for an Email Server

To access your mail server from another computer, you must configure your firewall to allow connections to the server on the necessary ports.

  • IMAP - 143

  • IMAPS - 993

  • POP3 - 110

  • POP3S - 995