diff --git a/plinth/modules/email_server/data/etc/dovecot/conf.d/05-freedombox-mail.conf b/plinth/modules/email_server/data/etc/dovecot/conf.d/05-freedombox-mail.conf
new file mode 100644
index 000000000..e3c908d64
--- /dev/null
+++ b/plinth/modules/email_server/data/etc/dovecot/conf.d/05-freedombox-mail.conf
@@ -0,0 +1,25 @@
+# Direct edits to this file will be lost!
+# Manage your settings on Plinth
+
+# Users in FreedomBox are not expected to access mail by logging into the
+# system. Storing the mail in single location instead of home directories and
+# with single UID/GID simplifies security reasoning and backup/restore
+# operations.
+#
+# When FreedomBox has multiple domains a user is expected to get a mailbox that
+# is same across the domains. Changing an domain name is not uncommon in
+# FreedomBox. So, authenticate and store mails based on username only instead of
+# including domain names in storage path.
+#
+# For authdb and userdb, the passwd driver looks up using NSS. In FreedomBox,
+# NSS is configured to lookup LDAP with the help of libnss-ldapd. There is no
+# need to configure LDAP lookup separately.
+#
+# Directories are created under /var/mail as necessary by dovecot. Permissions
+# for newly created directories are inherited from parent directory. FreedomBox
+# will remove all permissions for 'others' from /var/mail to ensure that mail is
+# not read by non-root users.
+userdb {
+ driver = passwd
+ override_fields = home=/var/mail/%Ln uid=mail gid=mail
+}
diff --git a/plinth/modules/email_server/data/etc/dovecot/conf.d/15-freedombox-mail.conf b/plinth/modules/email_server/data/etc/dovecot/conf.d/15-freedombox-mail.conf
new file mode 100644
index 000000000..40bccbce2
--- /dev/null
+++ b/plinth/modules/email_server/data/etc/dovecot/conf.d/15-freedombox-mail.conf
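Review bot: Isolation between users' mailboxes rests on the `override_fields` mapping alone, because every mailbox under /var/mail gets the same `uid=mail gid=mail` and the header comment says only the 'others' permissions are stripped from /var/mail; any process running as `mail` can therefore read every mailbox, and the comment should state that boundary explicitly, e.g. `# All mailboxes share uid/gid 'mail'; per-user isolation is enforced by this userdb mapping, not by file permissions.` The `%Ln` variable lowercases the username before it becomes a path component, so if the directory behind NSS ever holds two accounts differing only in case they would share one mailbox — worth a comment saying whether that is intended or ruled out by the LDAP schema. The comment also speaks of 'authdb', which Dovecot calls passdb, and no passdb block appears in this hunk, so the sentence reads as describing configuration defined elsewhere (if at all); rewording it to `# For userdb (and the passdb configured elsewhere), the passwd driver looks up using NSS.` would avoid the wrong term.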
@@ -0,0 +1,16 @@
+# Direct edits to this file will be lost!
+# Manage your settings on Plinth
+
+# Use sdbox, a format specific to dovecot, for storing mails. The format allows
+# better performance with some IMAP queries. When this is combined with Full
+# Text Search (FTS), users will get optimal web and desktop mail experience.
+# Don't pick mdbox format because is requires regular expunge maintenance. We
+# have enabled btrfs filesystem compression by default.
+mail_location = sdbox:~/mail
+
+# We try to deliver all mail using a single UID 'mail' and a single GID 'mail'.
+# In Debian, UID of mail user is 8 and GID of mail user is 8 as set in
+# /usr/share/base-passwd/{passwd|group}.master. By default first valid UID in
+# dovecot is 500.
+first_valid_uid = 8
+last_valid_uid = 8
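Review bot: `mail_location = sdbox:~/mail` depends on `~` resolving to a home directory that this file never sets, and the comment above it does not say where home comes from; add `# '~' is the home= supplied by the userdb override_fields in 05-freedombox-mail.conf` above the setting so the cross-file dependency is visible. `first_valid_uid = 8` / `last_valid_uid = 8` pin a numeric value while the userdb refers to the account by name (`uid=mail`); if the two ever diverge Dovecot refuses the login as outside the valid UID range, which is the safe failure mode but should be noted in the comment so that divergence is not mistaken for an authentication bug. In the sdbox comment, 'because is requires' should read 'because it requires'.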