Migrating from Courier-IMAP to Dovecot on Linux

Last updated: Apr 27, 2024

Due to recurring performance and service issues, I recently migrated the IMAP service of a mail server from Courier-IMAP to Dovecot. The latter is known to be more robust and actively maintained. In this article, I will provide the notes that helped me accomplish this migration. They are specific to my architecture (Courier-IMAP + Courier-SMTP with authuserdb authentication), but I hope they can help others as well. Of course, taking a backup is highly recommended before making any modifications. Good reading!

Source architecture:
- Debian: 11 Bullseye
- dovecot: 2.3.13
- mail location: /data/vmail/std.rocks/

Installing

Install Dovecot:

root@host:~# apt update && apt install dovecot-imapd

Dovecot provides the courier-dovecot-migrate.pl script, which allows migrating from Courier-IMAP while preserving IMAP UIDs by converting the courierimapuiddb file to a dovecot-uidlist file. Source: https://wiki.dovecot.org/Migration/Courier.

Download courier-dovecot-migrate.pl and add execute permission:

root@host:~# wget https://raw.githubusercontent.com/dovecot/tools/main/courier-dovecot-migrate.pl

root@host:~# chmod +x courier-dovecot-migrate.pl

Migration

Conversion

Run courier-dovecot-migrate.pl converting tool:

root@host:~# ./courier-dovecot-migrate.pl --to-dovecot --recursive --convert /data/vmail/std.rocks/

Users accounts

For each user, we need to add Dovecot password. To do so, we can use the doveadm pw command and add the username and password to the /etc/dovecot/passwd file:

root@host:~# doveadm pw -s ssha512 -p <PASSWORD>

Example here with the std.rocks password:

root@host:~# doveadm pw -s ssha512 -p std.rocks
{SSHA512}8lhtRxyXWP5azW1OjllkVUSuMPVABNtTR/MxMVTIEYXLXjoOMwCe/7Bpr1iqPi/nKutRbPxvBddG1pk2BVpgorhZPjI=

Edit the /etc/dovecot/passwd file with “username:{SSHA512}sha512generatedpassword::::::”:

john@std.rocks:{SSHA512}8lhtRxyXWP5azW1OjllkVUSuMPVABNtTR/MxMVTIEYXLXjoOMwCe/7Bpr1iqPi/nKutRbPxvBddG1pk2BVpgorhZPjI=::::::

Edit the /etc/dovecot/conf.d/auth-passwdfile.conf.ext file:

passdb {
  #authentication method
  driver = passwd-file
  #specifies the format of the username in the password file.
  args = username_format=%u /etc/dovecot/passwd
}

userdb {
  driver = static
  #specifies the home directory path for the mailbox, where %d represents the domain and %n represents the username.
  args = uid=vmail gid=vmail home=/data/vmail/%d/%n
}

Configuration

Edit the /etc/dovecot/conf.d/10-ssl.conf file:

ssl = yes
#courier certificates:
#ssl_cert = <etc/courier/imapd.pem
#Note : split imapd.pem from -----BEGIN PRIVATE KEY----- to the end to create server.key
#ssl_key = <etc/courier/server.key

#Let's encrypt certificates:
ssl_cert = <etc/courier/fullchain.pem
ssl_key = <etc/courier/privkey.pem

Edit the /etc/dovecot/conf.d/10-mail.conf file:

mail_location = maildir:/data/vmail/%d/%n/Maildir

namespace {
        prefix = INBOX.
        separator = .
        inbox = yes
}

Edit the /etc/dovecot/conf.d/10-auth.conf file:

auth_mechanisms = plain
!include auth-passwdfile.conf.ext

Restart the dovecot service:

root@host:~# systemctl restart dovecot.service

Correction of errors after migration

After the installation and migration, I had to make some modifications, which I will detail here.

The folders are appearing duplicated in Thunderbird

Disable the /etc/dovecot/conf.d/15-mailboxes.conf configuration file:

root@host:~# mv /etc/dovecot/conf.d/{15-mailboxes.conf,15-mailboxes.conf.disabled}

root@host:~# systemctl restart dovecot.service

Maximum number of connections

Complete error: imap-login: Maximum number of connections from user+IP exceeded (mail_max_userip_connections=10): user=<john@std.rocks>:

Edit the /etc/dovecot/conf.d/20-imap.conf file:

mail_max_userip_connections = 30

root@host:~# systemctl restart dovecot.service

Process_limit reached

Complete error: master: Warning: service(imap-login): process_limit (100) reached, client connections are being dropped.

Edit the /etc/dovecot/conf.d/10-master.conf file:

default_process_limit = 200

root@host:~# systemctl restart dovecot.service

Inotify instance limit for user

Complete error: Warning: Inotify instance limit for user 7200 (UID vmail) exceeded, disabling. Increase /proc/sys/fs/inotify/max_user_instances.

Edit the /etc/sysctl.conf file:

fs.inotify.max_user_instances = 65535
fs.inotify.max_user_watches = 65535

root@host:~# sysctl -p /etc/sysctl.conf

root@host:~# systemctl restart dovecot.service

Out of memory

Complete error: imap(john@std.rocks)<1123794><2epGbh79Cui4hVBj> Fatal: master: service(imap): child 1313798 returned error 83 (Out of memory (service imap { vsz_limit=256 MB }, you may need to increase it) - set CORE_OUTOFMEM=1 environment to get core dump).

Edit the /etc/dovecot/conf.d/10-master.conf file:

default_vsz_limit = 512M

root@host:~# systemctl restart dovecot.service