[Dovecot] LDA/Postfix with quotas and without LMTP

[Steve Fatula]

Reading the wiki page for dovecot2 and LDA/Postfix, the system users section (all mail delivery goes to system users)... It shows you can simply use postfix mailbox_command. There is this additional comment:

"This command doesn't do a userdb lookup. If you want that (e.g. for per-user quota lookups) you need to add -d "$USER" parameter."

So, i added that. Once adding it, I find I get an error:

dovecot: lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied


Using mailbox_command in Postfix means that dovecot-lda is running as the system user getting the mail. Which means it can't access the socket file. Of course, one can simply use mode 666 on it, but, then people can use it to find out information according to the doc, which I do not want.

So, I am not sure why the doc says to add -d for per user quotas, without also mentioning the problem with doing that. I don't see how it can work?

Assuming I need per user quotas, and I don't want to use LMTP, is there a good way around this without the security issue?
 
Steve