Using Kolab with Dovecot IMAP Server

grote's picture

This is a guest post by Mihai Badici who managed to get his Kolab Server to run with Dovecot IMAP instead of Cyrus IMAP. Here he is writing about his experiences and lets other people know how to follow his example.

I've used Dovecot for years as the IMAP server in a openldap-centric mail system configuration. When I started looking for a solution to add Contacts/Calendar support I found Kolab that is, in my opinion, the right way to do it, because it only requires a few additions in the IMAP protocol at the server side (which allows one to enjoy the stability of a solid Linux mail server setup) and shift the burden to the client side, where it is easy to add plugins, modify and test the product etc.

So I embraced the idea, but also I want to keep my previous work and not to learn to configure a new IMAP server (there is nothing wrong with learning, but I prefer to learn something else). Kolab uses Cyrus as its default IMAP server, but since there is a metadata patch for dovecot, I chose the latter. The IMAP metadata format is described in RFC 5464.

Packages

There are metadata patches for 2.0.x and 1.1.x branches. Since I had no problems with 2.0, I choose this one, because it is the newest. As a matter of fact, I tried to compile also the 2.1.x branch, but it gave me some errors and so I abandoned it for the moment. I think it is not difficult to adapt the patch but I never had time to return to this.

So i used dovecot 2.0.21 (during the time I compiled few previous versions without problems.) You can download it from www.dovecot.org.

Update: The metadata plugin has a preprocesor directive named DOVECOT_PREREQ(2.1) that on my system is incorectly interpreted. I simply deleted the if/else clause (keeping the "true" branch) and the plugin compiled without issues. So I was able to upgrade to dovecot 2.1.10.

Because kolab is ldap-centric, you also need openldap libraries in order to compile dovecot. I'm using slackware 13.37 which has openldap version 2.4.23 but I compiled against different versions, so you can probably use your distribution's package.

I used the metadata patch from http://hg.dovecot.org/dovecot-metadata-plugin

You also need gcc, m4 and I think autoconf/automake to compile the package.

Update: After my previous post, I encountered a bug in the metadata plugin that prevents the storage of certain strings. In order to correct them, Dennis Schridde issued version 11 of the plugin, so you should use this version.

Compiling

First I built dovecot:

$ configure --with-ldap --sysconfdir=/etc --prefix=/usr
$ make; make install

In fact I use slackbuild to build a package, but that's the idea.

Once you do this you have a dovecot IMAP server (without metadata support) up and running. I do it that way because dovecot libraries are needed to compile the patch.

So, after that you can extract the plugin and run

$ ./configure --with-dovecot=/usr/lib/dovecot
$ make

If you want to build on your current server, you can also run

$ make install

I wanted to make a package, so I copied the resulting .so libs from src/.libs together with the original dovecot files in a directory and use mkpkg. The specifics depend on your distribution. (There is also a conf file needed for the package, as follows so don't run mkpkg, yet). You can find the package I created for my Slackware setup on my server.

Configuration

In dovecot 2.x the configuration model was changed. Now we have multiple configuration files in a conf.d directory.

I hope remember the relevant part correctly. If not, feel free to ask me. In 10-auth.conf I have:

!include auth-ldap.conf.ext

which include the ldap stuff usefull for directory access. In auth-ldap.conf.ext I have:

passdb {
driver = ldap
# Path for LDAP configuration file, see example-config/dovecot-ldap.conf.ext
args = /etc/dovecot/dovecot-ldap.conf.ext
}
userdb {
driver = ldap
args = /etc/dovecot/dovecot-ldap.conf.ext
}

and in /etc/dovecot/dovecot-ldap.conf.ext:

hosts = localhost
base = dc=machinet
pass_attrs = uid=user,userPassword=password
user_filter = (uid=%u)
pass_filter = (uid=%u)

Surely, you can write better filters. The Kolab schema is different, I will try this someday.

The metadata specific section is in 10-master.conf:

service dict {
# If dict proxy is used, mail processes should have access to its socket.
# For example: mode=0660, group=vmail and global mail_access_groups=vmail
unix_listener dict {
#mode = 0600
#user =
#group =
}

This will open a pipe named dict in /var/run/dovecot/. I had some trouble with the permissions to this pipe: since I use 10000 as uid and gid for my users, and I don't have such a user in /etc/passwd, I cannot enter here user=10000 and group=10000, because dovecot return an error. I simply put a

chown 10000.10000 /var/run/dovecot/dict

in the initialization script; there are better ways for sure to do it but I didn't bother

Bugs

I have few servers with this setup since one year ago and there are no crashes (which was my main concern till now). The metadata plugin is not in production use; Also I syncronize my Android phone via kolabdroid with one of the servers.

Thanks

Well, there are many people I must thanks:

  • people from the Kolab Community, starting with Torsten Grote who "forced" me to write this
  • Bernhard Herzog and Dennis Schridde who wrote the metadata plugin
  • the authors and contributors of Dovecot
  • and so many others