Configuring DBMail

dbmail.conf is the DBMail configuration file for all services. It follows a typical key=value INI file format where there are sections and comments.

Core configuration and defaults are in the [DBMAIL] section, other sections add and override entries for a section.

As a minimum you need to specify the database and auth driver, you will probably want to use tls security.

Database

DBMail is database agnostic so both popular databases PostgreSQL and MySQL are supported. Thanks to libzdb Oracle is also supported.

The format is as follows:

database://[user:password@][host][:port]/database[?name=value][&name=value]...

You probably want one of the following:

dburi = mysql://user:password@db.example.com:3306/dbmail
dburi = postgresql://user:password@db.example.com:5432/dbmail

Authentication

All mail is associated with a user in dbmail_users and that table can also be used for authentication.

LDAP offers single sign on, to authenticate your users against your ldap server set the following:

authdriver = ldap

Then update the settings in the [LDAP] section.

DBMail uses your user's email address to lookup the user, if you're using authdriver = sql then use dbmail-users to manage aliases or if you're using ldap then DBMail uses the user's mail attribute (configurable.)

Network

The default is to open a connection on all available interfaces. There are differences between Linux and the BSDs so for clarity you may prefer to specify your network address.

#bindip = 0.0.0.0    # IPv4 only - all IP's
#bindip = ::         # IPv4 and IPv6 - all IP's (linux)
#bindip = ::         # IPv6 only - all IP's (BSD)
#bindip = 0.0.0.0,:: # IPv4 and IPv6 - all IP's (BSD)

TLS Transport Layer Security

DBMail uses TLS certificates so clients can securely connect their email client to your IMAP server.

There's useful documentation on the Let's Encrypt website https://letsencrypt.org/docs/

You need to let DBMail know where to find your certificate files and optionally what ciphers to use.

The three core settings are for the certificate authorities, your certificate and your key file.

A file containing a list of CAs in PEM format

tls_cafile = /etc/ssl/cert.pem

A file containing your PEM format certificate

tls_cert = /usr/local/etc/letsencrypt/live/example.com/fullchain.pem

A file containing your PEM format ECDSA or RSA key

tls_key = /usr/local/etc/letsencrypt/live/example.com/privkey.pem

If you wish to limit the ciphers DBMail can use, set tls_ciphers, leave it empty for the openssl defaults.

tls_ciphers =

Sending emails

DBMail can forward emails and users can use SIEVE scripts to send replies.

Set mail_host to your SMTP provider, for example:

smtp_host = smtp://smtp.example.com:587
smtp_user = username
smtp_password = secret