ps -eo pid,user,group,comm | grep postfix
2886706 postfix postfix pickup
2886707 postfix postfix qmgr
2886764 postfix postfix tlsmgr
Also as far as I know, postfix logs to syslog too. At least there is no dedicated file or folder for it in /var/log.
Setting the permissions in /var/log/dovecot to 666 actually didn't solve the problem, which just opens a whole other bunch of questions. So in case that for some odd reason AppArmor logs aren't logged to syslog (and also it doesn't have a dedicated file), these are the rules for dovecot and postfix I could find:
postfix has an apparmor (in abstractions) file that doesn't say anything about /var/log. It only has these rules for things in /var:
/var/spool/postfix/etc/* r,
/var/spool/postfix/lib/lib*.so* mr,
/var/spool/postfix/lib/@{multiarch}/lib*.so* mr,
Dovecot has two files. In tunables you can find this:
# @{DOVECOT_MAILSTORE} is a space-separated list of all directories
# where dovecot is allowed to store and read mails
#
# The default value is quite broad to avoid breaking existing setups.
# Please change @{DOVECOT_MAILSTORE} to (only) contain the directory
# you use, and remove everything else.
@{DOVECOT_MAILSTORE}=@{HOME}/Maildir/ @{HOME}/mail/ @{HOME}/Mail/ /var/vmail/ /var/mail/ /var/spool/mail
Which doesn't seem to be relevant for this. No idea how dovecot can put the mail into /maildirs/username, but since that's working I'm not complaining.
The file in abstractions only contains this:
# used with dovecot/*
abi <abi/3.0>,
capability setgid,
deny capability block_suspend,
# dovecot's master can send us signals
signal receive peer=dovecot,
owner @{run}/dovecot/config rw,
# Include additions to the abstraction
include if exists <abstractions/dovecot-common.d>