Dovecot Basics

Page 13 — IMAP/POP3 server. Mailbox access and authentication.

On this page

What Dovecot is / ports / LMTP / TLS
Common files
Useful commands
Service checks
Troubleshooting

What Dovecot is

Dovecot handles:

IMAP and POP3 access — letting users read their mail from clients
Mailbox storage and management
Authentication for mail access (and sometimes as an auth backend for Postfix via SASL)

Postfix moves mail between servers. Dovecot lets users access their mailboxes. They work alongside each other — Postfix delivers incoming mail into the mailbox; Dovecot serves it to clients.

Listener ports

# Default listener ports:
143   IMAP (STARTTLS upgrades from plaintext)
993   IMAPS (TLS from the start — older but still widely used)
110   POP3 (STARTTLS)
995   POP3S (TLS from the start)

# Check which ports Dovecot is actually listening on
ss -tlnp | grep dovecot
lsof -i -P -n | grep dovecot

LMTP — receiving mail from Postfix

In a typical setup, Postfix delivers locally-addressed mail to Dovecot via LMTP rather than writing mailbox files directly. This lets Dovecot handle delivery, indexing, and sieve filters.

# In Postfix main.cf — deliver via Dovecot LMTP socket
virtual_transport = lmtp:unix:private/dovecot-lmtp
# or over TCP:
virtual_transport = lmtp:inet:localhost:24

# In Dovecot /etc/dovecot/conf.d/20-lmtp.conf:
protocols = imap pop3 lmtp
# The LMTP socket is created by Dovecot at: /var/spool/postfix/private/dovecot-lmtp

TLS check

# Verify Dovecot TLS certificate and connection
openssl s_client -connect mail.example.com:993 -quiet
# Look for: subject, issuer, verify return code = 0 (ok)

# Test IMAP over STARTTLS (port 143)
openssl s_client -connect mail.example.com:143 -starttls imap

Common files

/etc/dovecot/dovecot.conf
/etc/dovecot/conf.d/

Main config is dovecot.conf. The conf.d/ directory contains split configuration files loaded in order. Key files:

10-auth.conf — authentication settings
10-mail.conf — mailbox location
10-ssl.conf — TLS settings
20-imap.conf, 20-pop3.conf — protocol settings

Useful commands

doveconf

doveconf
doveconf -n

Shows the effective Dovecot configuration. -n shows non-default values only — like postconf -n for Postfix.

doveadm who

doveadm who

Shows currently connected users and sessions.

doveadm user

doveadm user '*'

Shows mailbox and user info for all users (depending on auth backend setup).

Service checks

systemctl status dovecot
journalctl -u dovecot -n 50

Troubleshooting

Service status and recent logs
Config check: doveconf — look for errors
Login failures in logs — check for bad password or unknown user
Mailbox location permissions — can Dovecot read the mailbox directory?
Auth backend issues (PAM, LDAP, SQL, FreeIPA/SSSD)
TLS cert valid and permissions correct on key file

Next: 14 · Squid Basics →