[Dovecot] local AND virtual mail locations ?

/dev/rob0 rob0 at gmx.co.uk
Mon Aug 26 16:17:02 EEST 2013 

On Mon, Aug 26, 2013 at 02:50:54PM +0200, Pierre-Philipp Braun wrote:
> I would like to use Dovecot not only for virtual mboxes, but also for
> local users.  In other words, I would like to use different
> "mail_location"s depending on "passdb" "passwd-file" versus "passwd".

I believe that the default mail_location would be overridden by 
userdb, not passdb.

> I need that as the smtp daemon I am using (david parsons' postoffice
> smtp server) serves both but is only able to process messages through
> procmail on local users.  Here are the two mail_locations I would
> like to use:
> 
> mail_location: mbox:~/mail/:INBOX=/var/mail/%u
> mail_location:
> mbox:/var/spool/virtual/%d/%n.imap:INBOX=/var/spool/virtual/%d/%n

This exercise becomes trivial when you follow the advice of the 
Dovecot wiki and give your virtual users a $HOME. (Well, to be 
simple, you'd also have to have INBOX in $HOME. An alternative is to 
specify INBOX for virtual users in your virtual userdb.)

> depending on those passdb stanzas, respectively:
> 
>   passdb passwd-file {
>         args = username_format=%n /etc/virtual/%d/passwd
>   }
> 
>   passdb passwd {
>   }
> 
> Any help would be appreciated.
> 
> Here's my Dovecot version and current working configuration for
> virtual users only:
> 
> # dovecot -n
> dovecot -n
> # 1.2.17: /usr/local/etc/dovecot.conf

Very old! Consider an upgrade to 2.2.

> # OS: FreeBSD 8.3-RELEASE amd64  ufs
> protocols: imap
> ssl: no
> disable_plaintext_auth: no

Hmmm, plaintext AUTH without TLS/SSL could be dangerous. If a spammer 
can get in a position to sniff those credentials, you could be 
inundated with spam to relay.

> login_dir: /var/run/dovecot/login
> login_executable: /usr/local/libexec/dovecot/imap-login
> first_valid_uid: 6
> first_valid_gid: 6
> mail_location:
> mbox:/var/spool/virtual/%d/%n.imap:INBOX=/var/spool/virtual/%d/%n
> imap_client_workarounds: tb-extra-mailbox-sep
> auth default:
>   user: mail
>   passdb:
>     driver: passwd-file
>     args: username_format=%n /etc/virtual/%d/passwd
>   userdb:
>     driver: static
>     args: uid=6 gid=6
> 
> I find that first_valid_uid and first_valid_gid don't look
> pretty but it seems mandatory for the standard 'mail' user and
> group ownerships to work on the virtual mbox files and folders.
> I created the user while the group already existed.  If you
> have any advices on that too, I would be pleased.

There is no "standard" UID/GID for virtual mailboxes. In fact there 
is no need to have them all share the same UID/GID. But on a shared 
UID/GID virtual system, typically you should set a higher UID/GID 
such that you exclude all the system accounts (<100 or <500 or maybe 
<1000 depending on OS. If your OS starts human user accounts at UID 
1000, UID 999 would be a good choice for virtual mailbox owner, with 
that as first_valid_uid also.)
-- 
  http://rob0.nodns4.us/ -- system administration and consulting
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:

More information about the dovecot mailing list