Security

Dovecot has been designed with security in mind. It uses multiple processes and privilege separation to isolate different parts from each others in case a security hole is found from one part.

Additional things you can configure:

Allocate each user their own UID and GID (see System Users)
Use a separate dovecot-auth user for authentication process (see System Users)
You can chroot authentication and mail processes (see chrooting)
There are some security related SSL settings (see SSL configuration)
Set first/last_valid_uid/gid settings to contain only the range actually used by mail processes

Authentication

Databases

Mechanisms

Mail Delivery

Events

Guides

Mailbox

Formats

Sieve

Extensions

SQL

Users

Guides

Lua Support

Index Files

Security

Databases

Mechanisms

Formats

Extensions

Security ​

Security