COI with Dovecot

2020-11-20 coi

I recently discovered Chat Over IMAP. It looks like a promising technology that has a lot to offer. I’m currently hosting email on my domain with Postfix/Dovecot and in this post I’ll modify my Dovecot configuration to work with COIand then try the Delta Chat application. I had originally planned for an hour or two of work, however, to get COI configured on Dovecot literally less than 5 minutes!

TL;DR In this post I’ll create a COI Compliant Email Server and use it with the Delta Chat application.

At the time of this writing the Dovecot COI functionality is in Beta.

Current Email Server Setup

I have Postfix and Dovecot running on my Linode Server that hosts this very site. To be fair OpenDKIM is sprinklined in as well. To get these technologies set up is a decent learning curve but once you climb up the curve, I’ve found it to be enjoyable and fun. Yep, I’m crazy. I’d like to hope that I have a pretty much plain vanilla email server setup going. Here are the bullet points on the email server configuration. I didn’t want to turn this post into my entire email server configuration. Just the parts to make it COI compliant.

  • MTA is Postfix
  • MUA is Dovecot
  • SMTPS/IMAP/POP3 and I have SSL certs for, and
  • DKIM is Enabled with OpenDKIM
  • Postfix is setup to have virtual_aliases, virtual_domains. I originally had these alias served by MySQL, but now host them directly through the hash database that is provided by Postfix since it’s more simple and less work than MySQL for my small use case.
  • Postfix delivers mail over LMTP via Unix Domain Socket to Dovecot. Dovecot has a static userdb and I’m using sqlite for the passdb. Again, this choice was made for simplicity on a small scale.
  • Sieve is not enabled

If you haven’t setup a Postfix/Dovecot stack or a Mail Server the above may look quite foreign.

COI Setup

Let’s first look at my directory structure configuration for Dovecot:

$ tree /etc/dovecot
├── conf.d
│   ├── 10-auth.conf
│   ├── 10-logging.conf
│   ├── 10-mail.conf
│   ├── 10-master.conf
│   ├── 10-ssl.conf
│   ├── 20-coi.conf
│   └── auth-sql.conf.ext
├── dovecot.conf
└── dovecot-sql.conf.ext

1 directory, 9 files

The main file here is 20-coi.conf where the content comes straight out of the Dovecot Configuration. Here are the contents:

Dovecot COI Configuration

# file /etc/dovecot/conf.d/20-coi.conf
mail_plugins = $mail_plugins notify push_notification webpush

protocol imap {
  mail_plugins = $mail_plugins imap_coi

protocol lmtp {
  mail_plugins = $mail_plugins lmtp_coi

mail_attribute_dict = file:%h/dovecot-attributes
imap_capability = +IDLE WEBPUSH

Dovecot Main Configuration

There is nothing exciting in the Dovecot Configuration. It’s pretty much what you get out of the box. See line 9 where it will reference our file conf.d/20-coi.conf via regular expression.

# file /etc/dovecot/dovecot.conf
!include_try /usr/share/dovecot/protocols.d/*.protocol
protocols = imap pop3 lmtp
auth_verbose = yes
verbose_ssl = yes
auth_debug = yes
mail_debug = yes
postmaster_address=lloyd at
!include conf.d/*.conf

Delta Chat Application

The Delta Chat application supports COI and is perfect use for our Dovecot server. Messages are stored on the email server where you have your mail. There are not “central chat servers”. The hitch here is you have to log into your email account and put it’s password into another app. This is a security risk, but I digress.

Signing into Delta Chat just works with Dovecot. I had no issues and was able to sign in. You can see above I have logging fully enabled and it looked good.

Download the Delta Chat App

Once the Delta Chat App is installed you’ll see a screen like this:

Delta Chat Welcome

Push the “LOG IN TO YOUR SERVER” button.

Sign into your Dovecot Server

Now is where you type in your email address and your password that Dovecot has. The mail server needs to be configured so that it’s auto-discoverable.

Delta Chat Login

Press the checkmark and it will attempt to log in.

Send a Message

Now that we’re logged into Delta Chat we can send a message.

Delta Chat chat

I just typed “Hello” and waited in suspense.

Chat Message on Dovecot

My Dovecot configuration puts mail into the folder /var/mail/vhosts/ for the user We can see a folder was created. There are 3 chat messages in the .DeltaChat/cur folder. Note, after the picture above with the “Hello” message I sent some from another COI messenger app to it.

$ tree .DeltaChat/
├── cur
│   ├──,S=3088,W=3158:2,S
│   ├──,S=3075,W=3144:2,S
│   └──,S=3067,W=3136:2,S
├── dovecot.index.cache
├── dovecot.index.log
├── dovecot-uidlist
├── maildirfolder
├── new
└── tmp

3 directories, 7 files

COI Message Content

Let’s look at the content of a COI Message. Note, the content is all encrypted. This encryption is happening by Delta Chat.

$ cat .DeltaChat/cur/,S=3067,W=3136:2,S
Return-Path: <>
Received: from
	by with LMTP
	id +LpqFDUquF+KTyoAvZbG3w
	(envelope-from <>)
	for <>; Fri, 20 Nov 2020 20:42:29 +0000
Received: from localhost ( [])
	by (Postfix) with UTF8SMTPSA id 4005DF0A0B
	for <>; Fri, 20 Nov 2020 20:42:29 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;;
	s=default; t=1605904949;
Date: Fri, 20 Nov 2020 20:42:28 +0000
X-Mailer: Delta Chat Core 1.28.0/Android
Chat-Version: 1.0
Autocrypt:; prefer-encrypt=mutual;
Message-ID: <chat$>
To: <>
From: =?utf-8?q??= <>
Subject: ...
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";

Content-Type: application/pgp-encrypted
Content-Description: PGP/MIME version identification

Version: 1

Content-Type: application/octet-stream; name="encrypted.asc"
Content-Description: OpenPGP encrypted message
Content-Disposition: inline; filename="encrypted.asc";




Final Thoughts

This is a cool technology that opens a lot of doors. If you want to build Chat into your application it’s easier to do. You do have to ensure the email your user provides is COI Compliant, and have a means to send and receive the chats over IMAP. But once you do this you can send chats with attachments and all sorts of other things the mail system provides.

The fact that you have to provide your IMAP password to a 3rd party is a risk and it makes it more risky to use the same email account for both email and chat if you have separate applications.

From what I know so far is that each Application does their own encryption, thus, having multiple applications used for the same chat isn’t possible. Here is an example. I downloaded Delta Chat App and created a chat to myself. I then downloaded the OX COI Messenger - which is currently not active. I then sent a message from the OX COI Messenger to myself which popped up on the Delta Application. The problem is you cannot read the message sent from OX COI Messenger in the Delta Chat since it cannot create it. Note, this maybe limitations in features on the OX COI Messenger application as when I send messages in Delta Chat I don’t see them in the OX COI Messenger App.

Here is the chat I sent to myself: OX Messenger Chat to Self

Here is what popped up in Delta Chat: Delta Chat Unable to Decrypt

comments powered by Disqus