From QNAPedia
Jump to navigation Jump to search


Using your local QNAP storage as a local E-Mail archive accessable via IMAP from local network or even via VPN from remote.

Authentication: local password of local pre-configured users

This instructions are based on QTS 5.0.1 on TS-453


App Center archive extension

Via Web-UI: Enable QNAPclub in App Center as additional App archive



Install via App Center: Entware-std (version 1.03 on time of writing)


Login via SSH

Install via "opkg" required packages

opkg update
opkg install dovecot dovecot-utils


System Users

Create for Dovecot required system users

useradd -r -c "Dovecot IMAP server" -M -d /opt/libexec/dovecot -s /sbin/nologin dovecot 
useradd -r -c "Dovecot's unauthorized user" -M -d /opt/libexec/dovecot -s /sbin/nologin dovenull

TLS Preparation

Create e.g. via XCA a local CA and issue server certificate for your QNAP system

Hint: configure additional "Subject Alternative Names" to match all possibilities like:

  • Internal IP address
  • Internal short hostname
  • Internal automatically assigned hostname, e.g.

Store the created public part TLS Certificate of the server in PEM format into directory


Store the private key of the TLS Certificate (without passphrase to be reboot-safe) of the server in PEM format into directory


Create local Dovecot configuration file

Replace "MY-QNAP-TLS.crt" and "MY-QNAP-TLS.key" with names used above

cat <<END >/opt/etc/dovecot/local.conf 
protocols = imap
ssl_cert = </opt/etc/ssl/certs/MY-QNAP-TLS.crt
ssl_key = </opt/etc/ssl/private/MY-QNAP-TLS.key
userdb {
  driver = passwd
passdb {
  driver = shadow
service imap-login {
	chroot =

Disable unusued configuration files

mv /opt/etc/dovecot/conf.d/10-ssl.conf /opt/etc/dovecot/conf.d/10-ssl.conf.unused
mv /opt/etc/dovecot/conf.d/10-auth.conf /opt/etc/dovecot/conf.d/10-auth.conf.unused

Maildir setup per user

Replace content of IMAP_USER_LIST to your users which should be allowed to use the QNAP storage as IMAP server

IMAP_USER_LIST="user1 user2 user3"

for u in $IMAP_USER_LIST; do
mkdir -p /share/homes/$u/Maildir/{cur,new,tmp}
chown -R $u /share/homes/$u/Maildir

Start Dovecot

/opt/etc/init.d/S90dovecot start



Unfortunately no log file is written (at least none were found so far)


Stop dovecot

/opt/etc/init.d/S90dovecot stop

and run in foreground mode

/opt/sbin/dovecot -F -c /opt/etc/dovecot/dovecot.conf

in worst case, install "strace" via "opkg" and run in foreground using "strace"

strace /opt/sbin/dovecot -F -c /opt/etc/dovecot/dovecot.conf



Include following directory into backup: /opt/etc/

User Data

Include following directory pattern into backup: /share/homes/*/Maildir/


The "Maildir" tree per user is portable and can be even accessed after copy to a Linux system using e.g. "mutt"


per client system or at least client e-mail program:

  • Import the generated CA used for issuing the server certificate (see above)

per client e-mail program:

  • Configure the QNAP storage as new mail server using one of the server name/IP addresses configured as "Subject Alternative Name" in the server certificate (hint: for small local setups: use IP address, this can also be used later in case of access via VPN).