dovecot lda running as special user (vmail) or normal user (marcel)?

Fri Oct 10 08:21:32 UTC 2014

Dear Mailing List,

(version and dovecot -n at the bottom)
(Sorry for the bad English in this mail :) )

I'm new to dovecot and wanted to build my own mailserver using
I currently have a problem with permissions with my mail folder.
I could solve it easily if I set it with chmod to 777, but that's no real

While reading my log files I see a lot of messages like:
Oct 10 05:19:52 lda(owncloud): Error: user owncloud: Initialization failed:
Initializing mail storage from mail_location setting failed:
stat(/home/vmail/ failed: Permission denied
(euid=100(owncloud) egid=1004(owncloud) missing +x perm: /home/vmail, dir
owned by 5000:5000 mode=0700)
Oct 10 05:19:52 lda(owncloud): Fatal: Invalid user settings. Refer to
server log for more information.

So currently two users need to access the mail folder:
1. The user itself (here: owncloud)
2. The vmail user

I want to use dovecot with virtual users. Now the question is: shouldn't
the directory be accessed only by the vmail user? and not by the owncloud

Second question:
If it's correct that the access is made by 2 users: what rights do they
I can't add all users to the group vmail and set g+rwx permissions (every
user could read mails from other users, and even edit them!)

Thanks a lot.
Kind Regards,


dovecot --version

dovecot -n
# 2.2.13: /etc/dovecot/dovecot.conf
# OS: Linux 3.13.0-37-generic x86_64 Ubuntu 14.04.1 LTS ext4
auth_mechanisms = plain login
auth_verbose = yes
info_log_path = /var/log/dovecot-info.log
log_path = /var/log/dovecot.log
mail_home = /home/vmail/
mail_location = maildir:/home/vmail/
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags
copy include variables body enotify environment mailbox date ihave duplicate
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox Junk {
    auto = subscribe
    special_use = \Junk
  }
  mailbox Sent {
    auto = subscribe
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    auto = subscribe
    special_use = \Sent
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  prefix =
}
passdb {
  args = username_format=%u scheme=ssha512 /etc/dovecot/passwd.db
  driver = passwd-file
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_after = /home/vmail/sieve-after
  sieve_before = /home/vmail/sieve-before
  sieve_dir = ~/sieve
}
protocols = imap sieve
service auth {
  unix_listener /var/spool/postfix/private/dovecot-auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}
ssl_cert = </etc/ssl/certs/ssl_main.crt
ssl_cipher_list =
ssl_client_ca_dir = /etc/ssl/certs
ssl_key = </etc/ssl/private/ssh_main_insecure
userdb {
  args = uid=5000 gid=5000 home=/home/vmail/
  driver = static
}
protocol imap {
  imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
  mail_max_userip_connections = 10
}
protocol lda {
  deliver_log_format = msgid=%m: %$
  mail_plugins = sieve
  postmaster_address = postmaster at
  quota_full_tempfail = yes
  rejection_reason = Your message to <%t> was automatically rejected:%n%r
}
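
Added example, not part of the original post: a small Python parser for the parenthesised detail in the lda error above. It works out which permission class (owner, group, other) the delivery process falls into and what mode 0777 would hand to every local account. The sample string is constructed from the values in the quoted log, all function names are hypothetical, and supplementary groups are assumed not to apply.

```python
import re

# Constructed from the log excerpt in the post (the parenthesised detail only).
SAMPLE = ("(euid=100(owncloud) egid=1004(owncloud) missing +x perm: "
          "/home/vmail, dir owned by 5000:5000 mode=0700)")

DETAIL = re.compile(
    r"euid=(?P<euid>\d+)\((?P<user>[^)]*)\) egid=(?P<egid>\d+)\([^)]*\) "
    r"missing \+(?P<perm>[rwx]) perm: (?P<path>[^,]+), "
    r"dir owned by (?P<uid>\d+):(?P<gid>\d+) mode=(?P<mode>[0-7]+)")

BIT = {"r": 4, "w": 2, "x": 1}


def parse_detail(line):
    """Extract the numeric ids, path and mode from Dovecot's error detail."""
    m = DETAIL.search(line)
    if m is None:
        return None
    d = m.groupdict()
    for key in ("euid", "egid", "uid", "gid"):
        d[key] = int(d[key])
    d["mode"] = int(d["mode"], 8)
    return d


def access_class(d):
    """Which mode triplet the kernel applies (supplementary groups ignored)."""
    if d["euid"] == d["uid"]:
        return "owner"
    if d["egid"] == d["gid"]:
        return "group"
    return "other"


def has_perm(d, mode=None):
    """True if the process's class has the permission named in the log."""
    mode = d["mode"] if mode is None else mode
    shift = {"owner": 6, "group": 3, "other": 0}[access_class(d)]
    return bool((mode >> shift) & BIT[d["perm"]])


def world_bits(mode):
    """Permissions every local account gets, e.g. 'rwx' for mode 0777."""
    return "".join(p for p in "rwx" if mode & BIT[p])


if __name__ == "__main__":
    d = parse_detail(SAMPLE)
    print(d["user"], "is checked as", access_class(d), "->", has_perm(d))
    print("0777 would give all local users:", world_bits(0o777))
```

For the logged values the process (euid 100) is neither uid 5000 nor in gid 5000, so it is checked against the "other" bits of 0700, which are empty.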

