On Thu, 27 Sep 2018, Victor Sudakov wrote:
As others have written, you may see performance degradation as Dovecot will have to rebuild indices, but if you have small mailboxes, this won't be too bad. The only reason I use direct file access rather than IMAP is that I'm too lazy to work out a passwordless access method. If this doesn't bother you or you can configure this (e.g. Kerberos, keyring, etc.), IMAP access is preferable since you won't pull the indices out from Dovecot's feet.
What passwordless access methods does Dovecot support? I'm more or less experienced with GSSAPI but for the present I would not like to set up a KDC somewhere on a box exposed to the Internet.
Yes, Kerberos is one way. Or some password broker as Larry has done but the client has to be able to work with it. You can also pipe to imap worker process via ssh/pubkey if your server will allow it. Perhaps dovecot supports SSL client certificate authentication as well -- I haven't invested a lot of time looking into the various schemes.
Whether you use any of them is up to you. As I said, direct mailbox file access will work. However, if you deal with Gb size mailboxes, re-indexing and general mail operations will be painful.
My mail goes through procmail, so Dovecot will not be the only one to touch the mboxes anyway.
Not a deterrent: replace all mailbox recipies with a pipe to dovecot's LDA
:0 ... pattern ...
| /path/to/dovecot-lda -d {user} -m {mailbox}
...
# End of file: deliver to inbox
:0 w
| /path/to/dovecot-lda -d {user}
Joseph Tam jtam.home@gmail.com