Complete Virtual Mail Server/Courier-IMAP to Database

Introduction
Courier-IMAP will be used to provide both IMAP and POP3 services. Many will be interested in IMAP as POP3 is not being used as much anymore. This is quite understandable as IMAP has many advantages.

The major difference between POP3 and IMAP is that IMAP keeps messages on the server, whereas with POP3 the client retrieves the messages and they are then gone from the server. Keeping the messages on the server allows several clients to actively work with the same mailbox from different locations. The most basic example would be webmail and a desktop client, both accessing the same mailbox at the same time. In general, webmail clients also strongly favor IMAP. The price of this is primarily disk space and processing power on the mail server. With disk space being as cheap as it is these days, 32Gb set aside purely for e-mail offers a lot of space for mails at hardly any cost. And if processing power is an issue, server-side searches can be disabled to reduce the stress on the machine.

This chapter will mainly focus on IMAP, but will include POP3 for completeness' sake. Some research into the two protocols may be required if the choice between them is not clear.

Installing Courier-IMAP
Courier-IMAP has a few USE flags that need to be examined. Courier-authlib is an important dependency as it is responsible for how users authenticate, so its USE flags are examined as well.

Only choose the desired database backends.

If the proper USE flags are set, emerging courier-imap should pull in courier-authlib:

Postgres
Courier-authlib runs as root, so access to the socket will be permitted by default.

If logins are used in the syntax of user@domain.com instead of username, the value of  needs to be changed from   to.

To use more advanced authentication SQL statements the  can be used. Courier-authlib will ignore any of the previously set parameters for SELECT statements, but will still use them for counting the number of accounts and for changing the password, so the username field is still used when changing the password. If authentication is done against username, remember that usernames need to be unique.

MySQL
Next reconfigure the authentication to use the mailsql database in courier-imap and postfix. In all of the following examples, replace  with the password set for the mailsql mysql user.

Reload the necessary services:

Configuring authdaemon
Authdaemon is actually responsible for doing the authentication. Here authdaemon is configured to use the right database backend. Portage actually does set the  variable properly. Verify this in the configuration file. Also enable debugging here as this will help with any potential issues later.

Access permissions
Permissions must be set correctly, as the files can contain sensitive password information.

Testing courier-authlib
Courier-authlib includes a simple testing utility. It requires a valid username as parameter. Don't hesitate to check out the authtest manual page for more information. It is short but concise.

To perform some basic tests start the authlib daemon:

Run authtest with the testuser:

POP3
POP3 requires little configuring to get working. It is however recommended to skip this section and not enable or use POP3, and thus leave this setting at NO. A user who incorrectly configures his mail client may be able to remove all messages that were supposed to be stored on the server for IMAP usage, and purge the server of his mailbox this way.

IMAP
IMAP has a few capabilities that can be enabled.


 * to allow server side searching through messages.
 * to allow 'push' like connections.

Some clients need a minimum DH parameter length of 2048 bits (such as those using >=dev-libs/nss-3.19.1). Generate one with:

And ensure Courier is using it:

POP3
Courier-pop3d should be started:

Once started, telnet could be used to identify initial problems. Once logging in with telnet works, a mail client can be used:

If testing works properly, add courier-pop3d to the default runlevel:

IMAP
Courier-imapd should be started:

Once started, telnet could be used to identify initial problems. Once logging in with telnet works, a mail client can be used:

If testing works properly, add courier-imap to the default runlevel:

Wrapping things up
Turn off debugging if this stage works properly.
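
The "Access permissions" and "Wrapping things up" steps can be checked together. The following script is an added example, not part of the original guide: it reports password-bearing configuration files that grant any access to "other" and files where login debugging is still enabled. The key names MYSQL_PASSWORD, PGSQL_PASSWORD and DEBUG_LOGIN are assumed from courier-authlib's stock configuration files, and the directory to audit is passed as an argument.

```shell
#!/bin/sh
# Added example, not from the original guide. The key names MYSQL_PASSWORD,
# PGSQL_PASSWORD and DEBUG_LOGIN are assumed from courier-authlib's stock
# configuration files; the directory to audit is passed as an argument.

# List files under $1 that hold a database password and grant any
# permission bit to "other".
audit_secret_perms() {
    find "$1" -type f \( -perm -004 -o -perm -002 -o -perm -001 \) |
    while IFS= read -r f; do
        if grep -Eq '^[[:space:]]*(MYSQL|PGSQL)_PASSWORD[[:space:]]' "$f"; then
            printf 'WORLD-ACCESSIBLE %s\n' "$f"
        fi
    done
}

# List files directly in $1 that still have login debugging switched on
# (assumed values: 0 = off, 1 = on, 2 = on and passwords are logged).
audit_debug() {
    grep -El '^[[:space:]]*DEBUG_LOGIN=[12]' "$1"/* 2>/dev/null |
    while IFS= read -r f; do
        printf 'DEBUG-ON %s\n' "$f"
    done
}

# Print all findings for directory $1; return 1 if there are any.
audit_authlib_dir() {
    findings=$(audit_secret_perms "$1"; audit_debug "$1")
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample: one loose password file, one tight one, debug left on.
demo() {
    d=$(mktemp -d) || return 1
    printf 'MYSQL_PASSWORD\tconstructed-secret\n' > "$d/sample-mysqlrc"
    printf 'PGSQL_PASSWORD\tconstructed-secret\n' > "$d/sample-pgsqlrc"
    printf 'DEBUG_LOGIN=2\n' > "$d/sample-daemonrc"
    chmod 644 "$d/sample-mysqlrc" "$d/sample-daemonrc"
    chmod 600 "$d/sample-pgsqlrc"
    status=0
    audit_authlib_dir "$d" || status=$?
    rm -rf "$d"
    return "$status"
}
```

Call `audit_authlib_dir` as root with the directory that holds the authlib configuration files; `demo` runs the same checks against constructed sample files.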