[Dovecot] started with dovecot sieve

Daniel Parthey daniel.parthey at informatik.tu-chemnitz.de
Sat Jun 30 21:03:09 EEST 2012

Rolf wrote:
> Am 2012-06-27 20:47, schrieb Daniel Parthey:
> >I encourage you to read this HOWTO:
> >http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP
> I understand that LMTP is an alternative to SMTP when it comes to
> mail communication inside a server or a local network.
> I understand that LMTP is newer. But if you look at incoming mail
> via SMTP on socket 25 and than look at the mail via roundcoube
> (communicating with dovecot) what is the difference and why should I
> care?

Delivery via lda:
SMTP -> postfix:25 -> EXEC -> lda executed by postfix -> filesystem -> dovecot imap

Delivery via lmtp:
SMTP -> postfix:25 -> TCP  -> dovecot:24 -> filesystem -> dovecot imap

The difference is that postfix communicates to dovecot lmtp port 24
and the actual delivery to the filesystem will be done by dovecot itself.
Therefore you only need to ensure read/write access for dovecot to
the mail filesystem.

> That is - if I introduce LMTP - postfix will talk to dovecot by a
> different protocol. Correct?

Yes, postfix will talk LMTP dovecot, either via a UNIX socket
in the filesystem, or via local TCP network communication to
a TCP Socket in dovecot.

> Will dovecot change its behavior?

No. The imap/pop3 service of dovecot will work as usual.

The delivery is a bit different, before being delivered to the
filesystem, the message will pass the LMTP service with quota
enforcement, sieve filtering, depending on which mail modules you
have enabled in dovecot.

> As I am not an SMTP insider (never did SMTP using telnet) I hardly
> understand what this change could do to my problem.

By using LMTP via TCP, you will avoid permission problems where
postfix cannot access sockets/files/mails from dovecot, since postfix
will communicate via network with dovecot and dovecot will handle
the delivery itself.

> Wouldn't dovecot LDA "deliver" still try to change the INBOX and
> will have access problems that I do not understand?

Delivery will be done by the dovecot lmtp service
it will not be executed by postfix.

> Do you have a link for me, explaining what "deliver" does with a
> mail that is not subject to any of the "fileinto" of a sieve filter?

I assume it writes the message to INBOX (e.g. /var/mail/rolf),
which is often at a different location and possibly has other permissions
than your mailboxes in your home directory where SIEVE sorts your mail into.

> What user accounts are involved in that function?

Currently, dovecot lda/deliver is executed by postfix,
which I see as a possible reason for the permission problems.

After switching to LMTP via TCP, only dovecot should be
involved with delivery, and drop privileges to the mailbox owner
after userdb lookup according to


More information about the dovecot mailing list