LMTP Server
LMTP is a network-available service that handles local delivery of messages.
It is defined by RFC 2033.
The main difference from LDA is that the LDA is a short-running process, started as a binary from command line, while LMTP is a long-running process started by Dovecot's master process.
TIP
LMTP is the recommended method for mail delivery for most installations.
Common Delivery Settings
postmaster_address
is used as the From: header address in bounce mailshostname
is used in generated Message-IDs and inReporting-UA:
header in bounce mailssendmail_path
is used to send mails. Note that the default is/usr/sbin/sendmail
, which doesn't necessarily work the same as/usr/lib/sendmail
.- Alternatively you can use
submission_host
to send mails via the specified SMTP server.
- Alternatively you can use
auth_socket_path
specifies the UNIX socket to auth-userdb where LDA can lookup userdb information when-d
parameter is used. See below how to configure Dovecot to configure the socket.
TIP
The config files must be world readable to enable dovecot-lda process to read them while running with user privileges.
You can put password related settings to a separate file, which you include with `!include_try` and dovecot-lda skips them.
Envelope Addresses
Compared to dovecot-lda parameters, the addresses are taken from:
LDA Flag | LMTP Command | Description |
---|---|---|
-f | MAIL FROM: | Envelope sender address |
-r | RCPT TO: | Final envelope recipient address |
-a | RCPT TO: , but may be overridden by lda_original_recipient_header | Original envelope recipient address |
-d | RCPT TO: , but with the +extension part removed when recipient_delimiter is enabled | Destination username. If usernames differ from recipient email addresses, the userdb must handle the translation. |
Listeners
You can configure LMTP to be listening on TCP or UNIX sockets:
TIP
By general convention, LMTP is expected to listen on port 24.
# add lmtp to protocols, otherwise its listeners are ignored
protocols = {
lmtp = yes
}
service lmtp {
inet_listener lmtp {
address = 192.168.0.24 127.0.0.1 ::1
port = 24
}
unix_listener lmtp {
#mode = 0666
}
}
The UNIX listener on $base_dir/lmtp
is enabled by default when protocols setting contains lmtp.
Security
Unfortunately LMTP process currently needs to run as root, and only temporarily drop privileges to users. Otherwise it couldn't handle mail deliveries to more than a single user with different UID.
If you're using only a single global UID/GID (i.e. virtual users), you can improve security by running lmtp processes as that user:
service lmtp {
user = vmail
}
LMTP Proxying
It's possible to use Dovecot LMTP server as a proxy to remote LMTP or SMTP servers.
The configuration is similar to proxy passdb, but you'll need to tell Dovecot LMTP to issue passdb lookups: lmtp_proxy = yes
.
Performance
For higher volume sites, it may be desirable to increase the number of active listener processes. A range of 5 - 20 is probably good for most sites:
service lmtp {
process_min_avail = 5
}
Logging
If you want to store LMTP delivery logs to a different file, you can do it with:
service lmtp {
executable = lmtp -L
}
protocol lmtp {
info_log_path = /var/log/dovecot-lmtp.log
}
For rawlogs, please see rawlog.
Plugins
Most of the Dovecot plugins work with LMTP.
Virtual quota can be enforced using quota plugin.
lmtp_rcpt_check_quota = yes
enables quota checking already at RCPT TO stage. This check isn't done for proxied connections.
Sieve language support can be added with Sieve.
Address Extension Delivery
To make address extension work with LMTP you must check that these variables are set: