Hi Dwokfur, Fortunately, Dovecot 2.4 still supports the mbox format — although with the caveat that it is no longer actively maintained (no write-bug fixes, no new features, no advanced functionality, and no further optimizations). I definitely don’t want to deal with the headache of converting all my existing mbox folders to some other format, only to risk that format being abandoned itself a few years down the line.
In the dovecot 2.4 setup that I have running dovecot does not write files in /home/%{user} /mailwith group mail:mail. The owner and group are the userid and default group of the user. Here is the directory listing for user ‘wds' under their /home/wds/mail directory. I have included my complete dovecot config at the end of this reply, try comparing it to your config.
wds@frisco:~$ find mail -ls 66322556 4 drwx------ 4 wds wds 4096 Dec 2 09:18 mail 66322540 4 drwx------ 4 wds wds 4096 Dec 1 18:35 mail/index 66322541 4 drwx------ 7 wds wds 4096 Dec 1 18:34 mail/index/.imap 66322543 4 drwx------ 2 wds wds 4096 Dec 1 16:30 mail/index/.imap/Spam 66322544 4 -rw------- 1 wds wds 808 Dec 1 18:46 mail/index/.imap/Spam/dovecot.index.log 66322560 4 -rw------- 1 wds wds 2464 Dec 1 18:46 mail/index/.imap/Spam/dovecot.index.cache 66322545 4 drwx------ 2 wds wds 4096 Dec 1 16:29 mail/index/.imap/Sent 66322546 4 -rw------- 1 wds wds 3068 Dec 1 18:35 mail/index/.imap/Sent/dovecot.index.log 66322558 12 -rw------- 1 wds wds 9216 Dec 1 18:35 mail/index/.imap/Sent/dovecot.index.cache 66322547 4 drwx------ 2 wds wds 4096 Dec 1 16:29 mail/index/.imap/Trash 66322548 4 -rw------- 1 wds wds 1264 Dec 1 18:35 mail/index/.imap/Trash/dovecot.index.log 66322553 4 -rw------- 1 wds wds 3448 Dec 1 18:35 mail/index/.imap/Trash/dovecot.index.cache 66322542 8 -rw------- 1 wds wds 4656 Dec 1 18:46 mail/index/.imap/dovecot.list.index.log 66322549 4 drwx------ 2 wds wds 4096 Dec 1 16:29 mail/index/.imap/Drafts 66322550 4 -rw------- 1 wds wds 604 Dec 1 18:35 mail/index/.imap/Drafts/dovecot.index.log 66322554 4 -rw------- 1 wds wds 1828 Dec 1 18:35 mail/index/.imap/Drafts/dovecot.index.cache 66322551 4 drwx------ 2 wds wds 4096 Dec 1 17:31 mail/index/.imap/INBOX 66322552 12 -rw------- 1 wds wds 9980 Dec 1 17:38 mail/index/.imap/INBOX/dovecot.index.log 66322559 4 -rw------- 1 wds wds 1592 Dec 1 17:31 mail/index/.imap/INBOX/dovecot.index 66322557 20 -rw------- 1 wds wds 18816 Dec 1 17:36 mail/index/.imap/INBOX/dovecot.index.cache 66322565 4 -rw------- 1 wds wds 96 Dec 1 18:46 mail/index/.imap/dovecot.mailbox.log 66322566 4 drwx------ 3 wds wds 4096 Dec 1 18:35 mail/index/control 66322567 4 drwx------ 3 wds wds 4096 Dec 1 18:35 mail/index/control/.imap 66322568 4 drwx------ 2 wds wds 4096 Dec 1 18:35 mail/index/control/.imap/.subscriptions 66322569 4 -rw------- 1 wds wds 40 Dec 1 18:35 mail/index/control/.imap/.subscriptions/dovecot.index.log 66322522 56 -rw------- 1 wds wds 53985 Dec 1 12:19 mail/Spam 66322521 12 -rw------- 1 wds wds 8902 Dec 1 17:26 mail/Sent 66322539 8 -rw------- 1 wds wds 4704 Dec 1 16:48 mail/Trash 66322440 4 -rw------- 1 wds wds 456 Dec 1 10:09 mail/Drafts 66322561 4 drwx------ 2 wds wds 4096 Dec 1 18:46 mail/control 66322570 4 -rw------- 1 wds wds 28 Dec 1 18:46 mail/control/.subscriptions
Another difference between my and your setup is that I don’t have mail user agents fetching incoming mail from /var/spool/mail and placing the inbox in the user’s directory. I rely on dovecot to read the mbox formatted mail folder in /var/spool mail. This is accomplished via the mail_inbox_path = /var/mail/%{user} config setting. In older dovecot versions this was the setting for having dovecot read the mbox in /var/spool mail: mail_location = mbox:~/mail:INBOX=/var/mail/%u.
Regarding the group and permission issues you’re having, how are you running your dovecot server? I am running fedora 43. My dovecot server is run under systemctl - the system systems and service manager. The dovecot server writes files in the user’s home directory with the owner and group of the user. And agreed, mail_index_path and mail_control_path aren’t related to groups and permissions.
My dovecot config:
dovecot_config_version = 2.4.1 dovecot_storage_version = 2.4.1
protocols { imap = yes lmtp = yes }
mail_driver = mbox mail_path = ~/mail mail_inbox_path = /var/mail/%{user} mail_index_path = ~/mail/index mail_control_path = ~/mail/control
mbox_read_locks = fcntl mbox_write_locks = dotlock fcntl
first_valid_uid = 1000
namespace inbox { inbox = yes separator = /
mailbox Drafts { special_use = \Drafts } mailbox Sent { special_use = \Sent } mailbox Trash { special_use = \Trash } }
passdb pam { }
userdb passwd { }
ssl = required ssl_cipher_list = PROFILE=SYSTEM
ssl_server { cert_file = /etc/letsencrypt/live/ponusridge.net/fullchain.pem key_file = /etc/letsencrypt/live/ponusridge.net/privkey.pem }
-Bill
On Dec 2, 2025, at 4:41 AM, Tóth Attila via dovecot <dovecot@dovecot.org> wrote:
Hi Bill,
2025.December 1.(H) 23:56 időpontban Bill Steinberg via dovecot ezt írta:
Hello again, I didn't fully read the section in the documentation about using the mbox format. There is a setting, mail_inbox_path = /var/mail/%{user} to specify the iNBOX location for mails that are stored in /var/mail. After setting mail_inbox_path I did initially have an issue about dovecot being able to write dotlock files, which was noted in the documentation. I was able to fix by adding users to the group "mail". I am using these settings in the new server now:
mail_driver = mbox
mail_path = ~/mail
mail_inbox_path = /var/mail/%{user}
mail_index_path = ~/mail/index
mail_control_path = ~/mail/control
I'm struggling with the same setup as yourself. Sendmail delivers mails under /var/spool/mail/username and mail user agents were fetching the incoming mail from there and put them under /home/username/mail. This has been fine for ages - I have to say decades now. While 2.3 created files/directories in the name of the current user under ~/mail, 2.4 tries to write as mail:mail and therefore gets denied, since the user directories are owned by username:users and obviously have no permissions for other users. This change of behaviour is unacceptable in my opinion and 2.4 should also act in the name of the actual user. If some of the files would be owned by mail:mail and others by username:users: that would be a mess and the user would not be able to read contents using other user agents (for e.g. alpine) or make a backup of their own emails using an arbitrary tool or script of their own.
For this reason I downgraded back to 2.3, because I have no time to dig deeper into this and reintroduce the mechanism granting current user access rights - running certain processes under proper conditions.
Bill: how do you achieve that dovecot creates and writes files in users home directories in the name of the current user?
Back in the good old 2.3 days I had this in the config and everything just worked as expected: mail_location = mbox:~/mail/:INBOX=/var/spool/mail/%u
In case of the new 2.4 version I was unsuccessful with the following: mail_driver = mbox mail_path = /home/%{user}/mail mail_inbox_path = /var/spool/mail/%{user}
server dovecot: imap(user)<48978><1LgipBQ3LO1/AAAB>: Error: mkdir(/home/user/mail/.imap) failed: Permission denied (euid=8(mail) egid=12(mail) missing +x perm: /home/user/mail, dir owned by 1000:100 mode=0700)
Although I haven't specified mail_index_path and mail_control_path as you, I wouldn't expect this to make any difference regarding user rights.
I'm aware, that mbox is deprecated, but still: this is a regression from my point of view.
So how about user rights in your case Bill?
Thanks: Dwokfur
On Dec 1, 2025, at 10:18AM, Bill Steinberg via dovecot <dovecot@dovecot.org> wrote: Hello, I'm attempting to upgrade a mbox format based dovecot server to the latest 2.4.1 on Fedora release 43. I am using sendmail at the MTA. Ihave provided a synopsis of my 2.4.1 dovecot config below. The dovecot
server I'm attempting to upgrade is running dovecot 2.3.21 on Fedora 37.In the 2.3.21 setup all mbox based folders are at the top level in
the user's ~/mail location For example Sent, Trash, Drafts, ... In dovecot 2.4.1 this setting no longer works: "mail_location = mbox:~/mail:INBOX=/var/mail/%u",so when a client connects to the dovecot server their sendmail based mbox /var/mail isn't visible. Additionally mbox folders directly under a user's ~/mail iike Sent, Trash, Drafts are not visible either. The new 2.4.1 dovecot server creates a folder named "inbox" under ~/mail as well as an .imap directory which contains directories that appear to correspond to the folders at the top level along with other dovecot based files. Can you describe how I would make the seamail delivered mail in /var/spool as well as a users top level mbox folders accessible in the new dovecot mbox structures? Thanks in advance for any help, -Bill ====================================== Dovecot config ======================================
dovecot_config_version = 2.4.1 dovecot_storage_version = 2.4.1 protocols { imap = yes lmtp = yes } mail_driver = mbox mail_home = /home/%{user} mail_path = ~/mail mbox_write_locks = fcntl namespace inbox { inbox = yes separator = / } _______________________________________________ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
Hi Dwokfur,
Fortunately, Dovecot 2.4 still supports the mbox format -- although with the caveat that it is no longer actively maintained (no write-bug fixes, no new features, no advanced functionality, and no further optimizations). I definitely don't want to deal with the headache of converting all my existing mbox folders to some other format, only to risk that format being abandoned itself a few years down the line.
In the dovecot 2.4 setup that I have running dovecot does not write files in /home/%{user} /mailwith group mail:mail. The owner and group are the userid and default group of the user. Here is the directory listing for user `wds' under their /home/wds/mail directory. I have included my complete dovecot config at the end of this reply, try comparing it to your config.
wds@frisco:~$ find mail -ls
66322556 4 drwx------ 4 wds wds 4096 Dec 2 09:1866322540 4 drwx------ 4 wds wds 4096 Dec 1 18:35mail/index
66322541 4 drwx------ 7 wds wds 4096 Dec 1 18:34mail/index/.imap
66322543 4 drwx------ 2 wds wds 4096 Dec 1 16:30mail/index/.imap/Spam
66322544 4 -rw------- 1 wds wds 808 Dec 1 18:46mail/index/.imap/Spam/dovecot.index.log
66322560 4 -rw------- 1 wds wds 2464 Dec 1 18:46mail/index/.imap/Spam/dovecot.index.cache
66322545 4 drwx------ 2 wds wds 4096 Dec 1 16:29mail/index/.imap/Sent
66322546 4 -rw------- 1 wds wds 3068 Dec 1 18:35mail/index/.imap/Sent/dovecot.index.log
66322558 12 -rw------- 1 wds wds 9216 Dec 1 18:35mail/index/.imap/Sent/dovecot.index.cache
66322547 4 drwx------ 2 wds wds 4096 Dec 1 16:29mail/index/.imap/Trash
66322548 4 -rw------- 1 wds wds 1264 Dec 1 18:35mail/index/.imap/Trash/dovecot.index.log
66322553 4 -rw------- 1 wds wds 3448 Dec 1 18:35mail/index/.imap/Trash/dovecot.index.cache
66322542 8 -rw------- 1 wds wds 4656 Dec 1 18:46mail/index/.imap/dovecot.list.index.log
66322549 4 drwx------ 2 wds wds 4096 Dec 1 16:29mail/index/.imap/Drafts
66322550 4 -rw------- 1 wds wds 604 Dec 1 18:35mail/index/.imap/Drafts/dovecot.index.log
66322554 4 -rw------- 1 wds wds 1828 Dec 1 18:35mail/index/.imap/Drafts/dovecot.index.cache
66322551 4 drwx------ 2 wds wds 4096 Dec 1 17:31mail/index/.imap/INBOX
66322552 12 -rw------- 1 wds wds 9980 Dec 1 17:38mail/index/.imap/INBOX/dovecot.index.log
66322559 4 -rw------- 1 wds wds 1592 Dec 1 17:31mail/index/.imap/INBOX/dovecot.index
66322557 20 -rw------- 1 wds wds 18816 Dec 1 17:36mail/index/.imap/INBOX/dovecot.index.cache
66322565 4 -rw------- 1 wds wds 96 Dec 1 18:46mail/index/.imap/dovecot.mailbox.log
66322566 4 drwx------ 3 wds wds 4096 Dec 1 18:35mail/index/control
66322567 4 drwx------ 3 wds wds 4096 Dec 1 18:35mail/index/control/.imap
66322568 4 drwx------ 2 wds wds 4096 Dec 1 18:35mail/index/control/.imap/.subscriptions
66322569 4 -rw------- 1 wds wds 40 Dec 1 18:35mail/index/control/.imap/.subscriptions/dovecot.index.log
66322522 56 -rw------- 1 wds wds 53985 Dec 1 12:19mail/Spam
66322521 12 -rw------- 1 wds wds 8902 Dec 1 17:26mail/Sent
66322539 8 -rw------- 1 wds wds 4704 Dec 1 16:48mail/Trash
66322440 4 -rw------- 1 wds wds 456 Dec 1 10:09mail/Drafts
66322561 4 drwx------ 2 wds wds 4096 Dec 1 18:46mail/control
66322570 4 -rw------- 1 wds wds 28 Dec 1 18:46mail/control/.subscriptions
Another difference between my and your setup is that I don't have mail user agents fetching incoming mail from /var/spool/mail and placing the inbox in the user's directory. I rely on dovecot to read the mbox formatted mail folder in /var/spool mail. This is accomplished via the mail_inbox_path = /var/mail/%{user} config setting. In older dovecot versions this was the setting for having dovecot read the mbox in /var/spool mail: mail_location = mbox:~/mail:INBOX=/var/mail/%u. Regarding the group and permission issues you're having, how are you running your dovecot server? I am running fedora 43. My dovecot server is run under systemctl - the system systems and service manager. The dovecot server writes files in the user's home directory with the owner and group of the user. And agreed, mail_index_path and mail_control_path aren't related to groups and permissions. My dovecot config:
dovecot_config_version = 2.4.1
dovecot_storage_version = 2.4.1
protocols {
imap = yes
lmtp = yes}
mail_driver = mbox
mail_path = ~/mail
mail_inbox_path = /var/mail/%{user}
mail_index_path = ~/mail/index
mail_control_path = ~/mail/control
mbox_read_locks = fcntl
mbox_write_locks = dotlock fcntl
first_valid_uid = 1000
namespace inbox {
inbox = yes
separator = /
mailbox Drafts {
special_use = \Drafts
}
mailbox Sent {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}}
passdb pam {
}
userdb passwd {
}
ssl = required
ssl_cipher_list = PROFILE=SYSTEM
ssl_server {
cert_file = /etc/letsencrypt/live/ponusridge.net/fullchain.pem
key_file = /etc/letsencrypt/live/ponusridge.net/privkey.pem}
-Bill
On Dec 2, 2025, at 4:41AM, Toth Attila via dovecot <dovecot@dovecot.org>
wrote:
Hi Bill,
2025.December 1.(H) 23:56 ido"pontban Bill Steinberg via dovecot ezt
irta:
Hello again,
I didn't fully read the section in the documentation about using the
mbox
format. There is a setting, mail_inbox_path = /var/mail/%{user} to
specify
the iNBOX location for mails that are stored in /var/mail.
After setting mail_inbox_path I did initially have an issue about
dovecot
being able to write dotlock files, which was noted in the
documentation. I
was able to fix by adding users to the group "mail".
I am using these settings in the new server now:
mail_driver = mbox
mail_path = ~/mail
mail_inbox_path = /var/mail/%{user}
mail_index_path = ~/mail/index
mail_control_path = ~/mail/control
I'm struggling with the same setup as yourself. Sendmail delivers mails
under /var/spool/mail/username and mail user agents were fetching the
incoming mail from there and put them under /home/username/mail. This
has
been fine for ages - I have to say decades now.
While 2.3 created files/directories in the name of the current user
under
~/mail, 2.4 tries to write as mail:mail and therefore gets denied, since
the user directories are owned by username:users and obviously have no
permissions for other users.
This change of behaviour is unacceptable in my opinion and 2.4 should
also
act in the name of the actual user. If some of the files would be owned
by
mail:mail and others by username:users: that would be a mess and the
user
would not be able to read contents using other user agents (for e.g.
alpine) or make a backup of their own emails using an arbitrary tool or
script of their own.
For this reason I downgraded back to 2.3, because I have no time to dig
deeper into this and reintroduce the mechanism granting current user
access rights - running certain processes under proper conditions.
Bill: how do you achieve that dovecot creates and writes files in users
home directories in the name of the current user?
Back in the good old 2.3 days I had this in the config and everything
just
worked as expected:
mail_location = mbox:~/mail/:INBOX=/var/spool/mail/%u
In case of the new 2.4 version I was unsuccessful with the following:
mail_driver = mbox
mail_path = /home/%{user}/mail
mail_inbox_path = /var/spool/mail/%{user}
server dovecot: imap(user)<48978><1LgipBQ3LO1/AAAB>: Error:
mkdir(/home/user/mail/.imap) failed: Permission denied (euid=8(mail)
egid=12(mail) missing +x perm: /home/user/mail, dir owned by 1000:100
mode=0700)
Although I haven't specified mail_index_path and mail_control_path as
you,
I wouldn't expect this to make any difference regarding user rights.
I'm aware, that mbox is deprecated, but still: this is a regression from
my point of view.
So how about user rights in your case Bill?
Thanks:
Dwokfur
On Dec 1, 2025, at 10:18AM, Bill Steinberg via dovecot
<dovecot@dovecot.org> wrote:
Hello,
I'm attempting to upgrade a mbox format based dovecot server to
the
latest
2.4.1 on Fedora release 43. I am using sendmail at the MTA. I
have provided a synopsis of my 2.4.1 dovecot config below. The
dovecot
server
I'm attempting to upgrade is running dovecot 2.3.21 on Fedora
37.
In the 2.3.21 setup all mbox based folders are at the top level
in
the
user's ~/mail location For example Sent, Trash, Drafts, ... In
dovecot 2.4.1 this setting no longer works: "mail_location =
mbox:~/mail:INBOX=/var/mail/%u",so when a client connects to the
dovecot
server their sendmail based mbox /var/mail isn't visible.
Additionally mbox folders directly under a user's ~/mail iike
Sent,
Trash,
Drafts are not visible either.
The new 2.4.1 dovecot server creates a folder named "inbox"
under
~/mail
as well as an .imap directory which contains directories that
appear
to
correspond to the folders at the top level along with other
dovecot
based
files.
Can you describe how I would make the seamail delivered mail in
/var/spool
as well as a users top level mbox folders accessible in the new
dovecot
mbox structures?
Thanks in advance for any help,
-Bill
======================================
Dovecot config
======================================
dovecot_config_version = 2.4.1
dovecot_storage_version = 2.4.1
protocols {
imap = yes
lmtp = yes
}
mail_driver = mbox
mail_home = /home/%{user}
mail_path = ~/mail
mbox_write_locks = fcntl
namespace inbox {
inbox = yes
separator = /
}
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-leave@dovecot.org
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-leave@dovecot.org
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-leave@dovecot.org