Dovecot (software)

Dovecot
Original author(s) Timo Sirainen
Developer(s) Timo Sirainen and contributors
Initial release July 2002; 21 years ago (2002-07)
Stable release 2.3.21 [1] / 15 September 2023; 3 months ago (15 September 2023)
Written in C
Operating system Unix-like
Type IMAP and POP3 server
License Mostly MIT and LGPLv2 [2]
Website www.dovecot.org

Dovecot is an open-source IMAP and POP3 server for Unix-like operating systems, written primarily with security in mind. [3] Timo Sirainen originated Dovecot and first released it in July 2002. Dovecot developers primarily aim to produce a lightweight, fast and easy-to-set-up open-source email server.

The primary purpose of Dovecot is to act as a mail storage server. The mail is delivered to the server using some mail delivery agent (MDA) and is stored for later access with an email client (mail user agent, or MUA). Dovecot can also act as a mail proxy server, forwarding connections to another mail server, or act as a lightweight MUA in order to retrieve and manipulate mail on a remote server, e.g. for mail migration.

According to the Open Email Survey, as of 2020, Dovecot has an installed base of at least 2.9 million IMAP servers, and has a global market share of 76.9% of all IMAP servers. The results of the same survey in 2019 gave figures of 2.6 million and 76.2%, respectively. [4]

Features

Dovecot can work with standard mbox, Maildir, and its own native high-performance dbox formats. [5] It is fully compatible with UW IMAP and Courier IMAP servers' implementation of them, as well as mail clients accessing the mailboxes directly.

Dovecot also includes a mail delivery agent (called Local delivery agent in Dovecot's documentation) and an LMTP server, with the optional Sieve filtering support.

Dovecot supports a variety of authentication schemes for IMAP, POP and message submission agent (MSA) access, including CRAM-MD5 and the more secure DIGEST-MD5.

Version 2.2 added new features to Dovecot, e.g. additional IMAP command extensions, a rewritten or optimized dsync, and per-user flags for shared mailboxes. [6]

Version 2.3 adds a message submission agent, Lua scripting for authentication, and some other improvements. [7]

Apple Inc. has included Dovecot for email services since Mac OS X Server 10.6 Snow Leopard.

In 2017, Mozilla, via the Mozilla Open Source Support program, conducted a security audit on the Dovecot software, the first public audit of the Dovecot code. The team that performed the audit was extremely impressed with the quality of the Dovecot code, writing that "despite much effort and thoroughly all-encompassing approach, the Cure53 testers only managed to assert the excellent security-standing of Dovecot. More specifically, only three minor security issues have been found in the codebase, thus translating to an exceptionally good outcome for Dovecot, and a true testament to the fact that keeping security promises is at the core of the Dovecot development and operations." [8]

Related Research Articles

Email: Mail sent using electronic means

Electronic mail is a method of transmitting and receiving messages using electronic devices. It was conceived in the late 20th century as the digital version of, or counterpart to, mail. Email is a ubiquitous and very widely used communication medium; in current use, an email address is often treated as a basic and necessary part of many processes in business, commerce, government, education, entertainment, and other spheres of daily life in most countries.

In computing, the Internet Message Access Protocol (IMAP) is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. IMAP is defined by RFC 9051.

Within the Internet email system, a message transfer agent (MTA), or mail transfer agent, or mail relay is software that transfers electronic mail messages from one computer to another using the Simple Mail Transfer Protocol. In some contexts the alternative names mail server, mail exchanger, and MX host can be used to describe an MTA.

In computing, the Post Office Protocol (POP) is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server. Today, POP version 3 (POP3) is the most commonly used version. Together with IMAP, it is one of the most common protocols for email retrieval.

The Simple Mail Transfer Protocol (SMTP) is an Internet standard communication protocol for electronic mail transmission. Mail servers and other message transfer agents use SMTP to send and receive mail messages. User-level email clients typically use SMTP only for sending messages to a mail server for relaying, and typically submit outgoing email to the mail server on port 587 or 465 per RFC 8314. For retrieving messages, IMAP is standard, but proprietary servers also often implement proprietary protocols, e.g., Exchange ActiveSync.

Email client: Computer program used to access and manage a user's email

An email client, email reader or, more formally, message user agent (MUA) or mail user agent is a computer program used to access and manage a user's email.

Maildir: E-mail format

The Maildir e-mail format is a common way of storing email messages in which each message is stored in a separate file with a unique name, and each mail folder is a file system directory. The local file system handles file locking as messages are added, moved and deleted. A major design goal of Maildir is to eliminate the need for program code to handle file locking and unlocking.

A message delivery agent (MDA), or mail delivery agent, is a computer software component that is responsible for the delivery of e-mail messages to a local recipient's mailbox. It is also called a local delivery agent (LDA).

Simple Authentication and Security Layer (SASL) is a framework for authentication and data security in Internet protocols. It decouples authentication mechanisms from application protocols, in theory allowing any authentication mechanism supported by SASL to be used in any application protocol that uses SASL. Authentication mechanisms can also support proxy authorization, a facility allowing one user to assume the identity of another. They can also provide a data security layer offering data integrity and data confidentiality services. DIGEST-MD5 provides an example of mechanisms which can provide a data-security layer. Application protocols that support SASL typically also support Transport Layer Security (TLS) to complement the services offered by SASL.

The Cyrus IMAP server is electronic mail server software developed by Carnegie Mellon University. It differs from other Internet Message Access Protocol (IMAP) server implementations in that it is generally intended to be run on sealed servers, where normal users cannot log in.

getmail is a simple mail retrieval agent intended as a replacement for fetchmail, implemented in Python. It can retrieve mail from POP3, IMAP4, and Standard Dial-up POP3 Service servers, with or without SSL. It supports simple and domain (multidrop) mailboxes, mail filtering via any arbitrary program, and supports a wide variety of mail destination types, including mboxrd, maildir, and external arbitrary mail delivery agents. Unlike fetchmail, getmail's Python foundation makes it nearly immune to buffer overflow security holes. It also has a simpler configuration syntax than fetchmail, but supports fewer authentication protocols. The software can also function as a basic mail delivery agent.

The UW IMAP server was the reference server implementation of the Internet Message Access Protocol. It was developed at the University of Washington by Mark Crispin and others.

In cryptography, CRAM-MD5 is a challenge–response authentication mechanism (CRAM) based on the HMAC-MD5 algorithm. As one of the mechanisms supported by the Simple Authentication and Security Layer (SASL), it is often used in email software as part of SMTP Authentication and for the authentication of POP and IMAP users, as well as in applications implementing LDAP, XMPP, BEEP, and other protocols.
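The challenge-response exchange described above, with both the client and the server side, as an added example (not Dovecot's code). The function names are hypothetical, and the user name, shared secret and challenge are the sample values from the example exchange in RFC 2195, not values from this page.

```python
import base64
import hmac
import secrets
import time

def make_challenge(hostname: str) -> str:
    """Server side: a fresh, unpredictable challenge in msg-id form."""
    return f"<{secrets.randbelow(10**10)}.{int(time.time())}@{hostname}>"

def client_response(user: str, password: str, challenge_b64: str) -> str:
    """Client side: HMAC-MD5 of the decoded challenge, keyed with the shared secret."""
    challenge = base64.b64decode(challenge_b64)
    digest = hmac.new(password.encode(), challenge, "md5").hexdigest()
    return base64.b64encode(f"{user} {digest}".encode()).decode()

def server_verify(user_db: dict, challenge: str, response_b64: str) -> bool:
    """Server side: recompute the digest for the challenge it issued and compare."""
    try:
        decoded = base64.b64decode(response_b64, validate=True).decode()
    except ValueError:  # bad base64 or not UTF-8
        return False
    user, _, digest = decoded.rpartition(" ")
    password = user_db.get(user)
    if password is None:
        return False
    expected = hmac.new(password.encode(), challenge.encode(), "md5").hexdigest()
    # Constant-time comparison avoids leaking how many digits matched.
    return hmac.compare_digest(expected.encode(), digest.encode())

# Sample values from the RFC 2195 example exchange (assumption: not from this page).
RFC_USER, RFC_SECRET = "tim", "tanstaaftanstaaf"
RFC_CHALLENGE = "<1896.697170952@postoffice.reston.mci.net>"

def run_exchange() -> dict:
    user_db = {RFC_USER: RFC_SECRET}
    sent = base64.b64encode(RFC_CHALLENGE.encode()).decode()
    response = client_response(RFC_USER, RFC_SECRET, sent)
    return {
        "response_plain": base64.b64decode(response).decode(),
        "accepted": server_verify(user_db, RFC_CHALLENGE, response),
        # The same response replayed against a new challenge must fail.
        "replay_accepted": server_verify(
            user_db, make_challenge("mail.example.test"), response),
    }

if __name__ == "__main__":
    print(run_exchange())
```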

Push email is an email system that provides an always-on capability, in which when new email arrives at the mail delivery agent (MDA), it is immediately, actively transferred (pushed) by the MDA to the mail user agent (MUA), also called the email client, so that the end-user can see incoming email immediately. This is in contrast with systems that check for new incoming mail every so often, on a schedule. Email clients include smartphones and, less strictly, IMAP personal computer mail applications.

Timo Sirainen

Timo Sirainen, born 1979, is a Finnish programmer also known under the handles "cras" and "tss". Sirainen is the original author of the IRC-client Irssi and the POP/IMAP server Dovecot. Sirainen lives in Helsinki, Finland.

The comparison of mail servers covers mail transfer agents (MTAs), mail delivery agents, and other computer software that provide e-mail services.

Opportunistic TLS refers to extensions in plain text communication protocols, which offer a way to upgrade a plain text connection to an encrypted connection instead of using a separate port for encrypted communication. Several protocols use a command named "STARTTLS" for this purpose. It is a form of opportunistic encryption and is primarily intended as a countermeasure to passive monitoring.

A mailbox is the destination to which electronic mail messages are delivered. It is the equivalent of a letter box in the postal system.

Email agent (infrastructure)

An e-mail agent is a program that is part of the e-mail infrastructure, from composition by sender, to transfer across the network, to viewing by recipient. The best-known are message user agents and message transfer agents, but finer divisions exist.

Proton Mail: End-to-end encrypted email service

Proton Mail is a Swiss end-to-end encrypted email service founded in 2013 and headquartered in Plan-les-Ouates, Switzerland. It uses client-side encryption to protect email content and user data before they are sent to Proton Mail servers, unlike other common email providers such as Gmail and Outlook.com. The service can be accessed through a webmail client, the Tor network, or dedicated iOS and Android apps.

References

  1. "Release v2.3.21". 15 September 2023. Retrieved 16 September 2023.
  2. "COPYING.LGPL file in dovecot repository". Retrieved 2017-10-04.
  3. "Dovecot website". Retrieved 2017-01-18.
  4. Sirainen, Timo (2019-03-01). "Dovecot's global market share grows to 76%". Open-Xchange. Archived from the original on 2020-03-05. Retrieved 2020-03-05.
  5. "Mailbox Format: dbox". Dovecot v2.x Wiki. 2012-10-30. Retrieved 2013-06-17.
  6. "v2.2.0 released". 2013-04-12. Retrieved 2013-06-17.
  7. "v2.3.0 released". 2017-12-22. Retrieved 2018-03-12.
  8. "Mozilla Security Audit". Retrieved 2017-01-13.