Using fetchmail with yunohost to retrieve external mail box

Hello there,
Yunohost is a great piece of software, and today I would like to share my experience on how to make fetchmail work with yunohost.

fetchmail is a useful program that retrieves emails from external servers (pop3 or imap)

Unfortunately if you follow the official man page you’ll only get errors, basically because fetchmail service and daemon are launched by a fetchmail user, that has absolutely no right to use dovecot’s services. Adding user fetchmail in mail group does not solve the problem. It seems that only 2 users have rights to use yunohost’s dovecot : root and vmail

So after having imagined and tested several solutions, I will share with you the one I found that absolutely works, and doesn’t jeopardize yunohost config files.

The main idea is to get fetchmail launched by vmail user (who is entitled by yunohost to manage dovecot mda)

first setup fetchmail
sudo apt-get install fetchmail

then create your config file /home/vmail/fechcmdvmail
sudo -u vmail nano /home/vmail/fechcmdvmail

here’s an example which you’ll have to customize to suit your needs

DO NOT FORGET the mda parameter, else you’ll destroy your local mailbox!!!

set syslog
set postmaster root

poll proto pop3 user "" password "your-email-password" is "usernameonyunohost" here
mda "/usr/lib/dovecot/deliver -d %T" nokeep

Important : chmod
sudo -u vmail chmod 0600 /home/vmail/fetchcmd

in order to test this config file
killall fetchmail sudo -u vmail fetchmail --daemon 0 -v -f /home/vmail/fechcmdvmail

Normally you should receive emails left on on your usernameonyunohost mailbox

last step : setup a daemon which will get launched by a cron at boot time, and fetch mails every 1800 seconds

sudo -u vmail crontab -e
use nano when prompted
and add the following line
@reboot fetchmail --daemon 1800 -v -f /home/vmail/fetchcmdvmail
ctrl-X to save

then reboot, and enjoy!

you may verify that the cron is actually running
ps aux |grep fetchmail

If you have problems, don’t forget to watch the logs:
grep CRON /var/log/syslog
grep fetchmail /var/log/syslog
tail -n 200 /var/log/mail.log

Concerning fetchmail, just to inform that recent versions directly support a server mode :

  • create a file /etc/fetchmailrc
  • change settings in /etc/default/fetchmail to allow the server
  • start the service service fetchmail start

I tried to configure mda but dovecot complains about incorrect user/group permissions. So I tried without mda configuration: fetchmail tranfers to postfix which in turn fires procmail, but the later does not understand the /var/mail/user format and moved it away.

I think I found an acceptable workaround: setting the smtpaddress field to the domain controlled by yunohost.

poll proto pop3 user "" password "your-email-password" is "usernameonyunohost" here smtpaddress ""

I changed two things: First i added ssl support, by simply adding the line ssl. Second i changed the MDA so rspamd will add its score so i can filter the spammails:

poll proto pop3
user "" password "your-email-password" is "usernameonyunohost" here
mda '/usr/bin/rspamc --mime --exec "/usr/lib/dovecot/deliver -d %T"'

I encounter difficulties with such settings.

When my local users send mail to other local users using the external address, the mail is no more delivered:

  1. the mail is sent via the local SMTP
  2. the mail is sent to the external SMTP
  3. fetchmail detects the mail and tries to deliver it locally
  4. the local MDA rejects the mail
Mar 28 18:00:28 home fetchmail[1943]: reading message of 16 (2571 octets) (log message incomplete)
Mar 28 18:00:28 home fetchmail[1943]: SMTP error: 553 5.7.1
<>: Sender address rejected: not logged in

Is there a way to fix this? For example, rewriting the recipient to keep the mail delivered locally? Or letting fetchmail deliver without any check?

In order to validate solution, I added a table in virtual_alias_maps with the corresponding aliases.

In /etc/postfix/virtual: user1 user2

In /etc/postfix/

virtual_alias_maps = ldap:/etc/postfix/ hash:/etc/postfix/virtual

And the bug disappeared.

Qestion: why Yunohost does not let us to declare mail aliases using external domain?