Configures LMTP for Dovecot and Postfix.

Webmail now is works too.

Makefile

@@ -46,17 +46,17 @@ log-wp:
 rmlog-wp:
 	- docker-compose exec wp rm wp-content/debug.log
 
-.PHONY: log-smtp
-log-smtp:
-	docker-compose logs smtp
+.PHONY: log-mail
+log-mail:
+	docker-compose logs smtp imap
 	- @cat tmp/smtp/log/maillog
 
-.PHONY: rmlog-smtp
-rmlog-smtp:
+.PHONY: rmlog-mail
+rmlog-mail:
 	- rm tmp/smtp/log/maillog
 
 .PHONY: log
-log: log-wp log-smtp
+log: log-wp log-mail
 
 .PHONY: rmlog
-rmlog: rmlog-wp rmlog-smtp
+rmlog: rmlog-wp rmlog-mail

README.md

@@ -37,4 +37,5 @@ Listening on http://127.0.0.1:8080.
 - [email protected] / pass
 
 User DB stored in `utils/imap/passwd`. SHA1 hash can be generated from a 
-password with `doveadm pw -s sha1` inside `imap` container.
+password with `doveadm pw -s sha1` inside `imap` container. Mailboxes are 
+configured in the `utils/smtp/vmailbox`.

docker-compose.yml

@@ -44,6 +44,7 @@ services:
     expose:
       - '$IMAP_AUTH_PORT/tcp'
       - '143/tcp'
+      - '24/tcp'
     volumes:
       - imap_mail:/srv/mail
       - imap_etc:/etc/dovecot

utils/imap/dovecot.conf

@@ -1,53 +1,56 @@
+# The `submission` makes Dovecot the Postfix auth frontend.
+# See https://doc.dovecot.org/admin_manual/submission_server
+# See `service auth` setting below.
+protocols = imap lmtp submission
+listen = *
+
+# `/srv/mail` is mounted as `imap_mail` volume.
+# TODO: maybe evaluate this?
+# See https://doc.dovecot.org/configuration_manual/config_file/config_variables
 mail_home=/srv/mail/%Lu
 mail_location=sdbox:~/Mail
-mail_uid=1000
-mail_gid=1000
-
-protocols = imap pop3 submission sieve lmtp
 
-first_valid_uid = 1000
-last_valid_uid = 1000
+userdb {
+  driver = static
+  args = uid=vmail gid=vmail home=/srv/mail/%Lu
+}
 
 passdb {
   driver = passwd-file
   # TODO: may be generate it?
   args = scheme=SHA1 /etc/dovecot/passwd
 }
 
-ssl=no
-ssl_cert=<cert.pem
-ssl_key=<key.pem
-
 namespace {
   inbox = yes
   separator = /
 }
 
-service lmtp {
+# Auth via TCP by the Postfix remote host.
+# See https://doc.dovecot.org/configuration_manual/howto/postfix_and_dovecot_sasl
+service auth {
   inet_listener {
-    port = 24
+    # TODO: read from .env
+    port = 12345
   }
 }
 
-listen = *
-
-# Auth via TCP on the Postfix remote host.
-# See https://doc.dovecot.org/configuration_manual/howto/postfix_and_dovecot_sasl/
-# TODO: read from .env
-service auth {
+# See https://doc.dovecot.org/configuration_manual/protocols/lmtp_server
+service lmtp {
   inet_listener {
-    port = 12345
+    port = 24
   }
 }
 
 # `plain` allows unencrypted text password and `login` is plain too.
 # See https://doc.dovecot.org/configuration_manual/authentication/authentication_mechanisms/
 auth_mechanisms = plain login
-
-# Somethimes plaintext auth is disabled even the auth mechanism is set to
-# and `dovecot -a | grep disable_plaintext` tells 'yes'.
 disable_plaintext_auth = no
 
+ssl=no
+ssl_cert=<cert.pem
+ssl_key=<key.pem
+
 log_path=/dev/stdout
 info_log_path=/dev/stdout
 debug_log_path=/dev/stdout

utils/smtp/config.sh

@@ -1,12 +1,14 @@
 #!/bin/bash
 
+readonly IMAP_HOST=imap
+
 sasl() {
   postconf -e smtpd_sasl_auth_enable=yes
   postconf -e smtpd_sasl_type=dovecot
 
   # Use `inet:<host>:<port>` instead of `private/auth` when dovecot is remote.
   # See https://doc.dovecot.org/configuration_manual/howto/postfix_and_dovecot_sasl/
-  postconf -e smtpd_sasl_path=inet:imap:$IMAP_AUTH_PORT
+  postconf -e smtpd_sasl_path=inet:$IMAP_HOST:$IMAP_AUTH_PORT
 
   postconf -e smtpd_relay_restrictions="permit_mynetworks \
     permit_sasl_authenticated reject_unauth_destination"
@@ -51,5 +53,10 @@ vmail() {
 # See http://www.postfix.org/wip.html about editing `/etc/postfix/master.cf`.
 postconf -Me submission/inet='submission inet n - n - - smtpd'
 
+# LMTP with remote IMAP host.
+# See https://www.postfix.org/postconf.5.html#virtual_transport
+# See https://wiki.dovecot.org/HowTo/PostfixDovecotLMTP
+postconf -e virtual_transport=lmtp:inet:$IMAP_HOST
+
 sasl
 vmail