Here’s some info about Dovecot SASL. I integrate this facility for Postfix authentication too. So my SMTP system has a dependency on my IMAP/POP3 system. In the backend it’s a MySQL database…
So I was getting errors like this in syslog:
Jul 6 17:35:53 integrity systemd: Started Dovecot IMAP/POP3 email server. Jul 6 17:35:53 integrity dovecot: doveconf: Fatal: Error in configuration file /etc/dovecot/conf.d/10-ssl.conf line 79: ssl_dh: Can't open file /etc/dovecot/dh.pem: No such file or directory Jul 6 17:35:53 integrity systemd: dovecot.service: Main process exited, code=exited, status=89/n/a Jul 6 17:35:53 integrity systemd: dovecot.service: Failed with result 'exit-code'.
This failure was affecting other parts of my system (i.e. postfix SASL).
The solution was to generate the dh.pem file:
root@integrity:/etc/dovecot # openssl dhparam -out dh.pem 4096
So when running ‘ufw’ I was getting this error: WARN: Duplicate profile ‘Dovecot IMAP’, using last found
The issue was duplicate rules were specified in:
The solution for me was to delete the second file (imapd) as it was covered by the previous file (core).