Configuring Domain & User Mailbox Quotas in Dovecot via PostfixAdmin on Ubuntu 12.04LTS

Background

This article attempts to document how to configure Dovecot and domain & users’ mailbox quota sizes using information contained within PostfixAdmin and its associated tables.

During PostfixAdmin install time, the database is requested where PostfixAdmin can store additional tables.  Selecting the same database as postfix itself neatly installs these additional tables, that can then be used by Dovecot to monitor mailbox quota sizes.

Domain & User Quota Sizes

There are two different types of quota sizes, one is set for the entire domain, the other can be done on a per user mailbox basis.  These domain or user mailbox quotas can be administered within PostfixAdmin, with the SuperAdmin account setting the domain quota limit, and mail domain admins setting the user mailbox quota limit, on a user by user basis.  This control is obviously useful, as if all user mailboxes had unlimited space disk space could easily run out jeopardising the whole system.

Configuring PostfixAdmin To Enable Quota Limits

Within the file /etc/postfixadmin/config.inc.php the following parameters need altering :

$CONF['quota'] = 'YES';

$CONF['used_quota_table'] = 'YES';
$CONF['new_quota_table'] = 'YES';

These enable the quota configuration within PostfixAdmin, note that the new_quota_table parameter is to be enabled for version of Dovecot 1.2 and above.

After enabling these various setting above PostfixAdmin will now populate the Postfix MySQL fields :

  • quota in the table mailbox this is the user quota limit which postfixadmin enters in Megabytes and is stored in bytes.
  • maxquota in the domain table – this is the domain quota limit stored.  The SuperAdmin within PostfixAdmin has control over this value.

This concludes the configuration for PostfixAdmin, next we will need to configure Dovecot so that it recognises quota limits.

Enabling Quota Mailbox Limits in Dovecot

Tracking quotas for domain and users’ mailboxes are stored within MySQL tables domain and the quota field, and the table quota2 field bytes respectively.  Dovecot needs to be informed of these tables as follows:

  • /etc/dovecot/dovecot-dict-sql-user.conf – this file contains mapping information for the users’ mailbox quota size.
  • /etc/dovecot/dovecot-dict-sql-domain.conf – this file contains mapping information for the domain mailbox quota size, referencing the domain table.
  • /etc/dovecot/dovecot.conf – changes need to be made to this so that dovecot is aware it needs its quota plugins for POP3 and IMAP, and that it is to store the current quota sizes in MySQL tables referred in the /etc/dovecot-dict*.conf files.
  • /etc/dovecot/dovecot-sql.conf – changes to this file are needed, as the quota limits are retrieved from the domain, and/or mailbox tables, and returned as additional fields back to dovecot.

Create file /etc/dovecot/dovecot-dict-sql-user.conf, and populate it with the following information ensure that you change "postfix_complex_password" to the MySQL mail access account that can select, update, delete the quota2 table:

connect = host=localhost dbname=postfix user=postfix password=postfix_complex_password

map {
  pattern = priv/quota/storage
  table = quota2
  username_field = username
  value_field = bytes
}
map {
  pattern = priv/quota/messages
  table = quota2
  username_field = username
  value_field = messages
}

Create /etc/dovecot/dovecot-dict-sql-domain.conf, again change "postfix_complex_password" to match the user account the postfix uses to adminster its tables as follows:

connect = host=localhost dbname=postfix user=postfix password=postfix_complex_password

map {
    pattern = priv/quota/storage
    table = domain
    username_field = domain
    value_field = quota
}

map {
    pattern = priv/quota/messages
    table = quota2
    username_field = username
    value_field = messages
}

Next, the file /etc/dovecot/dovecot.conf needs the following changes to be made, this will allow Dovecot to be able to write the domain, and users mailboxes current quota sizes to the domain and quota2 tables respectively.

mail_plugins = $mail_plugins quota

userdb {
    args = /etc/dovecot/dovecot-sql.conf
    driver = sql
}

passdb {
    args = /etc/dovecot/dovecot-sql.conf
    driver = sql
}

service dict {
    unix_listener dict {
        mode = 0600
        user = vmail
    }
}

protocol imap {
    mail_plugins = $mail_plugins imap_quota
}

plugin {
    # Using SQL Tables to store current quota size
    quota = dict:Quota:%d:proxy::sqldomainquota
    quota = dict:User Quota::proxy::sqluserquota

    # Allow 10% more for Trash Folder
    quota_rule2 = Trash:storage=+10%%
}

dict {
    sqluserquota = mysql:/etc/dovecot/dovecot-dict-sql-user.conf
    sqldomainquota = mysql:/etc/dovecot/dovecot-sql-domain.conf
}

To determine the quota limit, Dovecot retrieves these when it authenticates a POP3/IMAP account, against the mailbox and domain tables. Additional fields need to be retrieved from these tables to obtain the domain and/or user mailbox limits. The /etc/dovecot/dovecot-sql.conf needs to be amended as follows :

default_pass_scheme = MD5

user_query = SELECT CONCAT('/home/vmail/',maildir) as home, \
                    CONCAT('maildir:/home/vmail/',maildir) as mail, \
                    CONCAT('*:bytes=', \
                     IF(mailbox.quota = 0, domain.maxquota*1024000, mailbox.quota)) \
                    as quota_rule \
             FROM mailbox, domain \
             WHERE username = '%u' AND mailbox.active = '1' AND \
                   domain.domain = '%d' AND domain.active = '1'

password_query = SELECT username as user, password, \
                        CONCAT('/home/vmail/',maildir) AS userdb_home, \
                        CONCAT('maildir:/home/vmail/',maildir) AS userdb_mail \
                 FROM mailbox WHERE username = '%u' AND active = '1'

There is some additional logic in the user_query which needs explaining. When applying to a system that has had no quota i.e. unlimited, it was found that if applying a domain quota, each user’s mailbox would still have a zero against the quota limit, and still be treated as an unlimited. When using PostfixAdmin to edit the user email account, it would force the user mailbox quota to the limit of the domain quota limit. Since it was undesirable to got into every user account and change the quota limit, the above logic in the user_query solves this.

If the user mailbox quota limit is set to zero (unlimited) then use the domain quota limit instead, otherwise if the user’s mailbox account is set to a limit use that limit. Therefore if the user’s mailbox is unlimited use the domain quota limit instead.

Next it is neccessary to restart Dovecot as follows (you may have to run this with sudo or as root ) :

service dovecot restart

Check the /var/log/syslog to see if the Dovecot service has successfully started. Also check the /var/log/mail.log to see if it is successfully processing imap calls.

Check Dovecot Quota Size Works

To diagnose any problems the following debug options can be switched on within the /etc/dovecot.conf:

auth_debug = yes
auth_debug_passwords = yes
auth_verbose = yes
mail_debug =yes

This concludes setting up Quotas on domain, and/or users’ mailbox, and controlling these limits via PostfixAdmin.

2 thoughts on “Configuring Domain & User Mailbox Quotas in Dovecot via PostfixAdmin on Ubuntu 12.04LTS

  1. Any idea how we can show the quota value in Squirrel through Check_Quota ? Is their any configuration required in postfix.
    I am using postfix,dovecot,squirrel,postfixadmin and mysql.

Leave a Reply