maildrop is a method for filtering mail based on complicated and user defined rules. It has similar functionality to procmail, but has better database and maildir quota support.

We use maildrop both to allow user customized filters and to handle the spam processing.

For more information, see the maildrop man page.

debugging maildrop

maildrop -V 10 -d < test.txt
maildrop -v

build maildrop-mysql

the package in debian does not include the ability to look up delivery information from mysql. we build a package for that here

# apt-get source maildrop
# apt-get install dpkg-dev fakeroot build-essential cdbs debhelper libgdbm-dev courier-authlib-dev libpcre3-dev
# cd maildrop-x.x.x
# edit debian/rules:
  --enable-sendmail=/usr/sbin/sendmail --enable-maildirquota \
  --without-db --enable-maildropmysql
# edit debian/control:
  change package name from maildrop to maildrop-mysql
  make it conflict with maildrop
# dpkg-buildpackage -rfakeroot -uc -b
# cd ..
# dpkg -i maildrop-mysql_x.x.x-x_i386.deb
  1. add user mail to group daemon
  2. make sure daemon group can write /var/run/courier/authdaemon (actually, the only way we could get it working was to 777 everything)

configure postfix

codetitle. /etc/postfix/

maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=mail argv=/usr/bin/maildrop -w 90 -d ${recipient}

-w 90 makes it so that the user will get a quota warning message in their inbox when their mailbox is 90% full.

see this page for info on the flags:


codetitle. /etc/maildroprc


exception {
  if ( $SIZE < 250000 )
    `logger -t maildrop "Checking for spam: $FR $TO"`
    xfilter "/usr/bin/spamc -d spamd -u $LOGNAME"
  if (/^X-Spam-Flag: YES/)
    exception {
      `logger -t maildrop "Found spam: $FR $TO ($SUB)"`
       to "$DEFAULT/.Spam/"
    `logger -t maildrop "Delivering: $FR $TO $DEFAULT"`

exception {
  include "$DEFAULT/mailfilter"


  • the placement of the curly braces {} is very important. with exception, the first brace must be on the same line. with if the first brace must be on the next line.
  • maildrop has a built in logging command. in this file, we run the external command logger instead. We do this so that we can put all the maildrop log entries in a separate file.

making messages bounce when a user is over quota

codetitle. /usr/local/bin/maildrop_wrapper


/usr/bin/maildrop $1 $2 $3 $4 $5
if [[ "$?" == "77" || "$?" == "75" ]]; then
 exit 100

codetitle. /etc/postfix/

maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=mail argv=/usr/local/bin/maildrop_wrapper -w 90 -d ${recipient}