One other suggestion, try adding "mail_debug = yes" to your dovecot
config. You can check /var/log/maillog, it may contain more info about
your owner/group/access permission issue.
On Dec 2, 2025, at 9:58AM, Bill Steinberg via dovecot
<[email protected]> wrote:
Hi Dwokfur,
Fortunately, Dovecot 2.4 still supports the mbox format -- although
with
the caveat that it is no longer actively maintained (no write-bug
fixes,
no new features, no advanced functionality, and no further
optimizations).
I definitely don't want to deal with the headache of converting all my
existing mbox folders to some other format, only to risk that format
being
abandoned itself a few years down the line.
In the dovecot 2.4 setup that I have running dovecot does not write
files
in /home/%{user} /mailwith group mail:mail. The owner and group are
the
userid and default group of the user. Here is the directory listing
for
user `wds' under their /home/wds/mail directory. I have included my
complete dovecot config at the end of this reply, try comparing it to
your
config.
wds@frisco:~$ find mail -ls
66322556 4 drwx------ 4 wds wds 4096 Dec 2
09:18
mail
66322540 4 drwx------ 4 wds wds 4096 Dec 1
18:35
mail/index
66322541 4 drwx------ 7 wds wds 4096 Dec 1
18:34
mail/index/.imap
66322543 4 drwx------ 2 wds wds 4096 Dec 1
16:30
mail/index/.imap/Spam
66322544 4 -rw------- 1 wds wds 808 Dec 1
18:46
mail/index/.imap/Spam/dovecot.index.log
66322560 4 -rw------- 1 wds wds 2464 Dec 1
18:46
mail/index/.imap/Spam/dovecot.index.cache
66322545 4 drwx------ 2 wds wds 4096 Dec 1
16:29
mail/index/.imap/Sent
66322546 4 -rw------- 1 wds wds 3068 Dec 1
18:35
mail/index/.imap/Sent/dovecot.index.log
66322558 12 -rw------- 1 wds wds 9216 Dec 1
18:35
mail/index/.imap/Sent/dovecot.index.cache
66322547 4 drwx------ 2 wds wds 4096 Dec 1
16:29
mail/index/.imap/Trash
66322548 4 -rw------- 1 wds wds 1264 Dec 1
18:35
mail/index/.imap/Trash/dovecot.index.log
66322553 4 -rw------- 1 wds wds 3448 Dec 1
18:35
mail/index/.imap/Trash/dovecot.index.cache
66322542 8 -rw------- 1 wds wds 4656 Dec 1
18:46
mail/index/.imap/dovecot.list.index.log
66322549 4 drwx------ 2 wds wds 4096 Dec 1
16:29
mail/index/.imap/Drafts
66322550 4 -rw------- 1 wds wds 604 Dec 1
18:35
mail/index/.imap/Drafts/dovecot.index.log
66322554 4 -rw------- 1 wds wds 1828 Dec 1
18:35
mail/index/.imap/Drafts/dovecot.index.cache
66322551 4 drwx------ 2 wds wds 4096 Dec 1
17:31
mail/index/.imap/INBOX
66322552 12 -rw------- 1 wds wds 9980 Dec 1
17:38
mail/index/.imap/INBOX/dovecot.index.log
66322559 4 -rw------- 1 wds wds 1592 Dec 1
17:31
mail/index/.imap/INBOX/dovecot.index
66322557 20 -rw------- 1 wds wds 18816 Dec 1
17:36
mail/index/.imap/INBOX/dovecot.index.cache
66322565 4 -rw------- 1 wds wds 96 Dec 1
18:46
mail/index/.imap/dovecot.mailbox.log
66322566 4 drwx------ 3 wds wds 4096 Dec 1
18:35
mail/index/control
66322567 4 drwx------ 3 wds wds 4096 Dec 1
18:35
mail/index/control/.imap
66322568 4 drwx------ 2 wds wds 4096 Dec 1
18:35
mail/index/control/.imap/.subscriptions
66322569 4 -rw------- 1 wds wds 40 Dec 1
18:35
mail/index/control/.imap/.subscriptions/dovecot.index.log
66322522 56 -rw------- 1 wds wds 53985 Dec 1
12:19
mail/Spam
66322521 12 -rw------- 1 wds wds 8902 Dec 1
17:26
mail/Sent
66322539 8 -rw------- 1 wds wds 4704 Dec 1
16:48
mail/Trash
66322440 4 -rw------- 1 wds wds 456 Dec 1
10:09
mail/Drafts
66322561 4 drwx------ 2 wds wds 4096 Dec 1
18:46
mail/control
66322570 4 -rw------- 1 wds wds 28 Dec 1
18:46
mail/control/.subscriptions
Another difference between my and your setup is that I don't have mail
user agents fetching incoming mail from /var/spool/mail and placing
the
inbox in the user's directory. I rely on dovecot to read the mbox
formatted mail folder in /var/spool mail. This is accomplished via
the mail_inbox_path = /var/mail/%{user} config setting. In older
dovecot
versions this was the setting for having dovecot read the mbox in
/var/spool mail: mail_location = mbox:~/mail:INBOX=/var/mail/%u.
Regarding the group and permission issues you're having, how are you
running your dovecot server? I am running fedora 43. My dovecot server
is
run under systemctl - the system systems and service manager. The
dovecot
server writes files in the user's home directory with the owner and
group
of the user. And agreed, mail_index_path and mail_control_path aren't
related to groups and permissions.
My dovecot config:
dovecot_config_version = 2.4.1
dovecot_storage_version = 2.4.1
protocols {
imap = yes
lmtp = yes
}
mail_driver = mbox
mail_path = ~/mail
mail_inbox_path = /var/mail/%{user}
mail_index_path = ~/mail/index
mail_control_path = ~/mail/control
mbox_read_locks = fcntl
mbox_write_locks = dotlock fcntl
first_valid_uid = 1000
namespace inbox {
inbox = yes
separator = /
mailbox Drafts {
special_use = \Drafts
}
mailbox Sent {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
}
passdb pam {
}
userdb passwd {
}
ssl = required
ssl_cipher_list = PROFILE=SYSTEM
ssl_server {
cert_file = /etc/letsencrypt/live/[1]ponusridge.net/fullchain.pem
key_file = /etc/letsencrypt/live/[2]ponusridge.net/privkey.pem
}
-Bill
On Dec 2, 2025, at 4:41AM, Toth Attila via dovecot
<[3][email protected]>
wrote:
Hi Bill,
2025.December 1.(H) 23:56 ido"pontban Bill Steinberg via dovecot ezt
irta:
Hello again,
I didn't fully read the section in the documentation about using
the
mbox
format. There is a setting, mail_inbox_path = /var/mail/%{user}
to
specify
the iNBOX location for mails that are stored in /var/mail.
After setting mail_inbox_path I did initially have an issue
about
dovecot
being able to write dotlock files, which was noted in the
documentation. I
was able to fix by adding users to the group "mail".
I am using these settings in the new server now:
mail_driver = mbox
mail_path = ~/mail
mail_inbox_path = /var/mail/%{user}
mail_index_path = ~/mail/index
mail_control_path = ~/mail/control
I'm struggling with the same setup as yourself. Sendmail delivers
mails
under /var/spool/mail/username and mail user agents were fetching
the
incoming mail from there and put them under /home/username/mail.
This
has
been fine for ages - I have to say decades now.
While 2.3 created files/directories in the name of the current user
under
~/mail, 2.4 tries to write as mail:mail and therefore gets denied,
since
the user directories are owned by username:users and obviously have
no
permissions for other users.
This change of behaviour is unacceptable in my opinion and 2.4
should
also
act in the name of the actual user. If some of the files would be
owned
by
mail:mail and others by username:users: that would be a mess and the
user
would not be able to read contents using other user agents (for e.g.
alpine) or make a backup of their own emails using an arbitrary tool
or
script of their own.
For this reason I downgraded back to 2.3, because I have no time to
dig
deeper into this and reintroduce the mechanism granting current user
access rights - running certain processes under proper conditions.
Bill: how do you achieve that dovecot creates and writes files in
users
home directories in the name of the current user?
Back in the good old 2.3 days I had this in the config and
everything
just
worked as expected:
mail_location = mbox:~/mail/:INBOX=/var/spool/mail/%u
In case of the new 2.4 version I was unsuccessful with the
following:
mail_driver = mbox
mail_path = /home/%{user}/mail
mail_inbox_path = /var/spool/mail/%{user}
server dovecot: imap(user)<48978><1LgipBQ3LO1/AAAB>: Error:
mkdir(/home/user/mail/.imap) failed: Permission denied (euid=8(mail)
egid=12(mail) missing +x perm: /home/user/mail, dir owned by
1000:100
mode=0700)
Although I haven't specified mail_index_path and mail_control_path
as
you,
I wouldn't expect this to make any difference regarding user rights.
I'm aware, that mbox is deprecated, but still: this is a regression
from
my point of view.
So how about user rights in your case Bill?
Thanks:
Dwokfur
On Dec 1, 2025, at 10:18AM, Bill Steinberg via dovecot
<[email protected]> wrote:
Hello,
I'm attempting to upgrade a mbox format based dovecot server
to
the
latest
2.4.1 on Fedora release 43. I am using sendmail at the MTA.
I
have provided a synopsis of my 2.4.1 dovecot config below. The
dovecot
server
I'm attempting to upgrade is running dovecot 2.3.21 on
Fedora
37.
In the 2.3.21 setup all mbox based folders are at the top level
in
the
user's ~/mail location For example Sent, Trash, Drafts, ...
In
dovecot 2.4.1 this setting no longer works: "mail_location =
mbox:~/mail:INBOX=/var/mail/%u",so when a client connects to the
dovecot
server their sendmail based mbox /var/mail isn't visible.
Additionally mbox folders directly under a user's ~/mail iike
Sent,
Trash,
Drafts are not visible either.
The new 2.4.1 dovecot server creates a folder named "inbox"
under
~/mail
as well as an .imap directory which contains directories
that
appear
to
correspond to the folders at the top level along with other
dovecot
based
files.
Can you describe how I would make the seamail delivered mail
in
/var/spool
as well as a users top level mbox folders accessible in the
new
dovecot
mbox structures?
Thanks in advance for any help,
-Bill
======================================
Dovecot config
======================================
dovecot_config_version = 2.4.1
dovecot_storage_version = 2.4.1
protocols {
imap = yes
lmtp = yes
}
mail_driver = mbox
mail_home = /home/%{user}
mail_path = ~/mail
mbox_write_locks = fcntl
namespace inbox {
inbox = yes
separator = /
}
_______________________________________________
dovecot mailing list -- [4][email protected]
To unsubscribe send an email to [5][email protected]
_______________________________________________
dovecot mailing list -- [6][email protected]
To unsubscribe send an email to [7][email protected]
_______________________________________________
dovecot mailing list -- [8][email protected]
To unsubscribe send an email to [9][email protected]
_______________________________________________
dovecot mailing list -- [10][email protected]
To unsubscribe send an email to [11][email protected]
References
Visible links
1. http://ponusridge.net/fullchain.pem
2. http://ponusridge.net/privkey.pem
3. mailto:[email protected]
4. mailto:[email protected]
5. mailto:[email protected]
6. mailto:[email protected]
7. mailto:[email protected]
8. mailto:[email protected]
9. mailto:[email protected]
10. mailto:[email protected]
11. mailto:[email protected]
_______________________________________________
dovecot mailing list -- [email protected]
To unsubscribe send an email to [email protected]
