Hi, I'm using dovecot-2.3.21.1 on fedora42. It seems that increasingly remote clients are only supporting the full email address as the login ID instead of just the username. One such example is Apollo.io, an AI sales platform that uses IMAP to connect to a remote server to send and receive emails.
The documentation I've found on this appears to be deprecated or incomplete. Do I want to look for "shared namespace" documentation?
Currently, emails are stored in /var/spool/mail/username. Does this need to change to something like /var/spool/domain.com/username?
I'll also need to change postfix to use username@domain.com with sasl, I believe?
Here is my current dovecot.conf. Ideas greatly appreciated.
2.3.21.1 (d492236fa0): /etc/dovecot/dovecot.conf
Pigeonhole version 0.5.21.1 (49005e73)
OS: Linux 6.17.6-200.fc42.x86_64 x86_64 Fedora release 42 (Adams)
Hostname: orion.example.com
auth_mechanisms = plain xoauth2 oauthbearer auth_verbose = yes default_vsz_limit = 1500 M mail_gid = mail mail_home = mail/ mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u mail_max_userip_connections = 500 mail_plugins = " listescape acl" mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imaps { address = 68.195.111.42 port = 993 } process_min_avail = 6 service_count = 0 } service pop3-login { inet_listener pop3 { address = 127.0.0.1 port = 110 } inet_listener pop3s { port = 995 } } ssl_cert = </etc/letsencrypt/example-fullchain.pem ssl_cipher_list = ALL:!LOW:!EXP:!aNULL:!RC4::!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS ssl_key = # hidden, use -P to show it ssl_prefer_server_ciphers = yes userdb { driver = passwd }
Thanks, Alex
Hi, I'm using dovecot-2.3.21.1 on fedora42. It seems that increasingly remote clients are only supporting the full email address as the login ID instead of just the username. One such example is Apollo.io, an AI sales platform that uses IMAP to connect to a remote server to send and receive emails. The documentation I've found on this appears to be deprecated or incomplete. Do I want to look for "shared namespace" documentation? Currently, emails are stored in /var/spool/mail/username. Does this need to change to something like /var/spool/[1]domain.com/username? I'll also need to change postfix to use [2]username@domain.com with sasl, I believe? Here is my current dovecot.conf. Ideas greatly appreciated.
2.3.21.1 (d492236fa0): /etc/dovecot/dovecot.conf
Pigeonhole version 0.5.21.1 (49005e73)
OS: Linux 6.17.6-200.fc42.x86_64 x86_64 Fedora release 42 (Adams)
Hostname: [3]orion.example.com
auth_mechanisms = plain xoauth2 oauthbearer auth_verbose = yes default_vsz_limit = 1500 M mail_gid = mail mail_home = mail/ mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u mail_max_userip_connections = 500 mail_plugins = " listescape acl" mail_privileged_group = mail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } protocols = imap pop3 service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imaps { address = 68.195.111.42 port = 993 } process_min_avail = 6 service_count = 0 } service pop3-login { inet_listener pop3 { address = 127.0.0.1 port = 110 } inet_listener pop3s { port = 995 } } ssl_cert = </etc/letsencrypt/example-fullchain.pem ssl_cipher_list = ALL:!LOW:!EXP:!aNULL:!RC4::!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS ssl_key = # hidden, use -P to show it ssl_prefer_server_ciphers = yes userdb { driver = passwd } Thanks, Alex
References
Visible links
- http://domain.com/username
- mailto:username@domain.com
- http://orion.example.com/
On 11/7/25 11:47, Alex via dovecot wrote:
Hi, I'm using dovecot-2.3.21.1 on fedora42. It seems that increasingly remote clients are only supporting the full email address as the login ID instead of just the username. One such example is Apollo.io, an AI sales platform that uses IMAP to connect to a remote server to send and receive emails. The documentation I've found on this appears to be deprecated or incomplete. Do I want to look for "shared namespace" documentation? Currently, emails are stored in /var/spool/mail/username. Does this need to change to something like /var/spool/[1]domain.com/username?
We've been using full-address logins here for 20yrs or so. We use /var/mail/<domain>/<uname> for mail storage. No shared namespace stuff. We use MySQL-based authentication. It's all very easy to set up.
-Dave-- Dave McGuire, AK4HZ New Kensington, PA
On 11/7/2025 4:54 PM, Dave McGuire via dovecot wrote:
On 11/7/25 11:47, Alex via dovecot wrote:
Hi, I'm using dovecot-2.3.21.1 on fedora42. It seems that increasingly remote clients are only supporting the full email address as the login ID instead of just the username. One such example is Apollo.io, an AI sales platform that uses IMAP to connect to a remote server to send and receive emails. The documentation I've found on this appears to be deprecated or incomplete. Do I want to look for "shared namespace" documentation? Currently, emails are stored in /var/spool/mail/username. Does this need to change to something like /var/spool/[1]domain.com/username?
We've been using full-address logins here for 20yrs or so. We use / var/mail/<domain>/<uname> for mail storage. No shared namespace stuff. We use MySQL-based authentication. It's all very easy to set up.
-Dave Hello,
If you are serving a single domain (or multiple domains that ultimately deliver to the same mailbox, for example myuser@domain1.com and myuser@domain2.com both going to myuser), you don’t need to store mailboxes under /var/spool/<domain>/myuser. You can simply keep them in /var/spool/mail/myuser.
This depends entirely on how you configure Postfix and Dovecot regarding domain and user mapping.
I have been using two different setups — one on my home PC with a few users across several domains, and another integrated with Active Directory as the user repository. Both accept mail for multiple domains without including the domain name in the mailbox path.
A standard Dovecot and Postfix configuration will accept both "user" and "user@domain" as valid logins if configured correctly.
As a reference, here’s an example configuration using LDAP to query Active Directory:
/etc/dovecot/dovecot-ldap.conf.ext user_attrs = sAMAccountName=uid,sAMAccountName=home=/home/ad-users/%{ldap:sAMAccountName},sAMAccountName=username,primaryGroupID=gid user_filter = (&(objectClass=person)(|(sAMAccountName=%n)(sAMAccountName=%u)(proxyAddresses=SMTP:%u)(proxyAddresses=smtp:%u)(userPrincipalName=%u)(mail=%u)))
/etc/postfix/ad_aliases.cf bind = yes bind_dn = <ad-postfix-ldap-user> bind_pw = <bind_dn-password> server_host = ldaps://myadserver.domain search_base = DC=domain,DC=com query_filter = (&(objectClass=person)(|(mail=%s)(samAccountName=%u)(proxyAddresses=*:%s))) result_attribute = samAccountName terminal_result_attribute = otherMailbox domain = hash:/etc/postfix/local_domains
/etc/postfix/main.cf virtual_alias_maps = ldap:/etc/postfix/ad_aliases.cf
There’s a bit more to it, but this should put you on the right track. Whether you are using "local" (Linux) users or "remote" users (via MySQL, LDAP, or AD), you don’t need to change the mailbox storage path to support "user@domain" logins in Postfix and Dovecot — both have supported this for decades.
Regards,
Anto'nio Henrique A. Proenca de Oliveira "Although we can never go back, like an old sweet song with a strong refrain, memories remain" - (Someone)
Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html $Id: .signature,v 1.5 2008/03/13 11:22:00 tat Exp tat $
On 11/7/25 12:20, Antonio Oliveira via dovecot wrote:
Hi, I'm using dovecot-2.3.21.1 on fedora42. It seems that increasingly remote clients are only supporting the full email address as the login ID instead of just the username. One such example is Apollo.io, an AI sales platform that uses IMAP to connect to a remote server to send and receive emails. The documentation I've found on this appears to be deprecated or incomplete. Do I want to look for "shared namespace" documentation? Currently, emails are stored in /var/spool/mail/username. Does this need to change to something like /var/spool/[1]domain.com/username?
We've been using full-address logins here for 20yrs or so. We use / var/mail/<domain>/<uname> for mail storage. No shared namespace stuff. We use MySQL-based authentication. It's all very easy to set up.
If you are serving a single domain (or multiple domains that ultimately deliver to the same mailbox, for example [myuser@domain1.com] (mailto:myuser@domain1.com) and [myuser@domain2.com] (mailto:myuser@domain2.com) both going to myuser), you don’t need to store mailboxes under /var/spool/<domain>/myuser. You can simply keep them in /var/spool/mail/myuser.
We need to use the domain as a path component here to avoid username namespace collisions, as we are serving many domains. The OP wouldn't necessarily need that if he's handling one domain, as you observed, but it's not a bad idea.
-Dave-- Dave McGuire, AK4HZ New Kensington, PA
participants (3)
-
Alex
-
Antonio Oliveira
-
Dave McGuire