# Mail with SQLite

## Create User

```sh
sudo sed -i '$ a vmail:*:2000:2000::/data/mail:/usr/sbin/nologin' /etc/passwd
sudo sed -i '$ a vmail:x:2000:' /etc/group

sudo mkdir -p /data/mail/mail
sudo mkdir -p /data/mail/config
sudo chown vmail: /data/mail/*

cat schema.sql | sudo -u vmail sqlite3 /data/mail/config/vmail.db
sudo chown vmail:postfix /data/mail/config/vmail.db
sudo chmod 640 /data/mail/config/vmail.db
```

## Install Software

```sh
sudo apt install sqlite3 postfix postfix-sqlite dovecot-imapd dovecot-sqlite opendkim libopendbx1-sqlite3
```

## Apply Configuration

```sh
DOMAIN=example.com

sudo cp -r postfix dovecot /etc
sudo chmod 600 /etc/postfix/sni.cf

sudo sed -i '$ r opendkim/local.conf' /etc/opendkim.conf
sudo sed -i s/example.com/$DOMAIN/ /etc/postfix/{main,sni}.cf /etc/dovecot/local.conf
sudo sed -i '/include auth-system/ s/.*/#&/' /etc/dovecot/conf.d/10-auth.conf

sudo ln -s /data/mail/config/vmail.db /.opendkim-bug-241.db

opendkim-genkey -d $DOMAIN -s s
chmod +r s.private
cat dkim.sql | sed s/DOMAIN/$DOMAIN/ | sudo -u vmail sqlite3 /data/mail/config/vmail.db
cat s.txt
rm s.private s.txt
```

## Certificate Reload

```sh
postmap -F /etc/postfix/sni.cf
```

## Notes

* The `vmail.db` parent directory needs to be writeable by the user modifying the database
* The postfix process does not load the supplementary groups (`set_eugid` only sets one gid),
  hence the vmail database needs to be readable by the postfix primary group
* The dovecot process runs as root and can access the database
* OpenDKIM's `dsn` parsing is broken and opens the database in the root directory