Sending (in my case: forwarding) messages from Sieve via sendmail does not work with version 2.3.1.

I have narrowed it down to this simple test case:

# dovecot -n # 2.3.1 (c5a5c0c82): /etc/dovecot/dovecot.conf # OS: Linux 4.4.0-119-generic x86_64 Ubuntu 16.04.4 LTS # Hostname: tuxi.topfen.net first_valid_gid = 200 first_valid_uid = 200 mail_location = mbox:~/mail passdb { args = password=secret driver = static } plugin { sieve = file:~/sieve;active=~/.dovecot.sieve } protocols = lmtp service lmtp { inet_listener lmtp { address = 127.0.0.1 port = 24 } } userdb { args = uid=200 gid=200 home=/home/vmail driver = static } protocol lmtp { mail_plugins = sieve }

# cat /home/vmail/.dovecot.sieve redirect "test@example.invalid"; stop;

$ swaks --protocol lmtp -s 127.0.0.1 -f ulrich@topfen.net -t ulrich@topfen.net === Trying 127.0.0.1:24... === Connected to 127.0.0.1. <- 220 tuxi.topfen.net Dovecot ready. -> LHLO tuxi.topfen.net <- 250-tuxi.topfen.net <- 250-8BITMIME <- 250-CHUNKING <- 250-ENHANCEDSTATUSCODES <- 250-PIPELINING <- 250 VRFY -> MAIL FROM:ulrich@topfen.net <- 250 2.1.0 OK -> RCPT TO:ulrich@topfen.net <- 250 2.1.5 OK -> DATA <- 354 OK -> Date: Tue, 17 Apr 2018 18:44:42 +0200 -> To: ulrich@topfen.net -> From: ulrich@topfen.net -> Subject: test Tue, 17 Apr 2018 18:44:42 +0200 -> X-Mailer: swaks v20130209.0 jetmore.org/john/code/swaks/ -> -> This is a test mailing -> -> . <** 451 4.3.0 ulrich@topfen.net Temporary internal error -> QUIT <- 221 2.0.0 Bye === Connection closed with remote host.

$ tail -n 10 /var/log/mail.log Apr 17 18:45:36 tuxi postfix/postdrop[22643]: warning: mail_queue_enter: create file maildrop/421882.22643: Permission denied Apr 17 18:45:36 tuxi dovecot: lmtp: Error: postdrop: warning: mail_queue_enter: create file maildrop/421882.22643: Permission denied Apr 17 18:45:36 tuxi dovecot: lmtp(ulrich@topfen.net)<22639><dtJZGJIk1lpvWAAAcdhj4Q>: Error: program `/usr/sbin/sendmail' was forcibly terminated with signal 15 Apr 17 18:45:36 tuxi dovecot: lmtp(ulrich@topfen.net)<22639><dtJZGJIk1lpvWAAAcdhj4Q>: Error: sieve: msgid=unspecified: failed to redirect message to test@test.at: Failed to execute sendmail (temporary failure) Apr 17 18:45:36 tuxi dovecot: lmtp(ulrich@topfen.net)<22639><dtJZGJIk1lpvWAAAcdhj4Q>: Error: sieve: Execution of script /home/vmail/.dovecot.sieve was aborted due to temporary failure (user logfile /home/vmail/.dovecot.sieve.log may reveal additional details) Apr 17 18:45:36 tuxi dovecot: lmtp(22639): Disconnect from 127.0.0.1: Client has quit the connection (state = READY) Apr 17 18:45:46 tuxi postfix/postdrop[22643]: warning: mail_queue_enter: create file maildrop/422091.22643: Permission denied Apr 17 18:45:46 tuxi dovecot: lmtp: Error: postdrop: warning: mail_queue_enter: create file maildrop/422091.22643: Permission denied Apr 17 18:45:56 tuxi postfix/postdrop[22643]: warning: mail_queue_enter: create file maildrop/422227.22643: Permission denied Apr 17 18:45:56 tuxi dovecot: lmtp: Error: postdrop: warning: mail_queue_enter: create file maildrop/422227.22643: Permission denied

As far as I can tell, this is because Dovecot somehow does not allow suid programs to run (Postfix' postdrop(1), which is invoked by sendmail(1), requires set-gid to write the queue file).

What can I do to change this (besides using SMTP from Dovecot directly)?

I am using Ubuntu 16.04 and the Dovecot packages from the community repository:

~$ dpkg -l dovecot* | grep ^ii ii dovecot-core 2:2.3.1-1 amd64 secure POP3/IMAP server - core files ii dovecot-lmtpd 2:2.3.1-1 amd64 secure POP3/IMAP server - LMTP server ii dovecot-sieve 2:2.3.1-1 amd64 secure POP3/IMAP server - Sieve filters support

Ulrich