![[PukiWiki]](image/pukiwiki.png "[PukiWiki]")
#author("2025-03-21T02:01:45+00:00","default:iseki","iseki") #author("2025-03-24T11:54:34+00:00","default:iseki","iseki") * Dovecot - IMAP, POP3 サーバ - see also [[Postfix]] ** Dovecot 設定 [#ped81c07] *** IMAPS (pam) [#j5d51732] - /etc/dovecot **** dovecot.conf [#u58f2edc] - protocols = imap **** conf.d/10-auth.conf [#z7516fba] - disable_plaintext_auth = no **** conf.d/10-mail.conf [#gec5801c] - mail_location = maildir:~/Maildir **** conf.d/10-ssl.conf [#s5cfdff3] # openssl dhparam -out /etc/dovecot/dh.pem 4096 - ssl = required - ssl_cert = </etc/pki/dovecot/certs/dovecot.pem - ssl_key = </etc/pki/dovecot/private/dovecot.pem - ssl_dh = </etc/dovecot/dh.pem **** firewalld [#x277ab06] - firewall-cmd --add-service=imaps --permanent - firewall-cmd --reload **** Error [#of2cf7e3] ***** imap-login: Error: Failed to initialize SSL server context: Can't load DH parameters (ssl_dh setting): error:1408518A:SSL routines:ssl3_ctx_ctrl:dh key too small [#y866074c] - see https://www.wetch.co.jp/dovecot%E3%82%92%E3%82%A2%E3%83%83%E3%83%97%E3%82%B0%E3%83%AC%E3%83%BC%E3%83%89%E3%81%97%E3%81%9F%E3%82%89%E5%8F%97%E4%BF%A1%E3%81%A7%E3%81%8D%E3%81%AA%E3%81%8F%E3%81%AA%E3%81%A3%E3%81%9F/ - dovecot2.3から ssl-parameter.datファイルが廃止, ssl_dh を使用する. -- openssl dhparam -out /etc/dovecot/dh.pem 4096 -- /etc/dovecot/conf.d/10-ssl.conf に ssl_dh = </etc/dovecot/dh.pem を追加 *** SSL なし POP3 (IPv4, shadow) [#i974d9e9] **** dovecot.conf [#d28924ff] - protocols = pop3 - listen = * **** conf.d/10-auth.conf [#e17326a7] - disable_plaintext_auth = no **** conf.d/10-mail.conf [#j56be4c8] - mail_location = mbox:~/Mail:INBOX=/var/spool/mail/%u - mail_access_groups = mail **** conf.d/10-ssl.conf [#a5bb57c5] - ssl = no **** conf.d/auth-system.conf.ext [#o64910b9] - passdb { driver = shadow }
