Fedora Linux

? The files in the /usr/share/doc/sendmail* , /usr/share/doc/fetchmail* , /usr/share/doc/procmail* , and /usr/share/doc/postfix* directories

? The sendmail web site: http://www.sendmail.org

? The fetchmail web site: http://www.catb.org/~esr/fetchmail

? The procmail web site: http://www.procmail.org

? The postfix web site: http://www.postfix.org

? RFC 2142 defines a standard list of aliases that should exist on any Internet server: http://www.ietf.org/rfc/rfc2142.txt

7.7. Configuring IMAP and POP3 Email

Having mail delivered to the system mailboxes in /var/spool/mail is fineas long as the users are using an MUA running on the Fedora system. If a user is running his MUA on another systemEvolution on another Fedora system in the local network, or perhaps Outlook on a Windows machinethen the user needs IMAP or POP3 access to the remote mailbox.

7.7.1. How Do I Do That?

Fedora's Dovecot server provides IMAP and POP3 access.

When freshly installed, Dovecot will not successfully start. Dovecot requires security certificates to enable encrypted communications. There are three solutions to this problem:

Buy a certificate

A certificate is signed by a certificate authority (CA), whotheoreticallyis trusted by both the client and server. The CA certifies that the parties to whom certificates are issued are who they say they are, therefore eliminating the possibility of a malicious party between the client and the server masquerading as the server.  

Buying a certificate is not covered in this lab.

Create your own certificate

Because there is no way to verify the authenticity of the certificate (whether unsigned or self-signed) with a third party, most client programs will present a warning dialog every time a certificate of this type is encountered. However, the connection will still be encrypted.

Disable encryption

In all caseswhether encryption is disabled or notDovecot will accept unencrypted connections. If you are in a secure environment (for example, where the only client connecting to the Dovecot server is SquirrelMail on the local machine, or connections are made over a reasonably secure LAN such as a wired home network), you may decide to forgo encryption altogether.

7.7.1.1. Creating your own certificate

First, edit the file /etc/pki/dovecot/dovecot-openssl.cnf and find the CN= and emailAddress= lines:

[ req ]
default_bits = 1024
encrypt_key = yes
distinguished_name = req_dn
x509_extensions = cert_type
prompt = no
[ req_dn ]
# country (2 letter code)
#C=FI
# State or Province Name (full name)
#ST=
# Locality Name (eg. city)
#L=Helsinki
# Organization (eg. company)
#O=Dovecot
# Organizational Unit Name (eg. section)
OU=IMAP server
# Common Name (*.example.com is also possible)
CN=imap.example.com
# E-mail contact
[email protected]
[ cert_type ]
nsCertType = server

Edit these two lines to contain the hostname of the system and the mail administrator's email address:

# Common Name (*.example.com is also possible)
CN= bluesky.fedorabook.com
# E-mail contact
emailAddress= [email protected]

Then generate the certificates: