diff --git a/target/dovecot/10-master.conf b/target/dovecot/10-master.conf
index 2c5fa6ba..e037367e 100644
--- a/target/dovecot/10-master.conf
+++ b/target/dovecot/10-master.conf
@@ -114,3 +114,5 @@ service dict {
     #group =
   }
 }
+
+!include chroot.inc
diff --git a/target/dovecot/chroot.inc b/target/dovecot/chroot.inc
new file mode 100644
index 00000000..dccffa1e
--- /dev/null
+++ b/target/dovecot/chroot.inc
@@ -0,0 +1,47 @@
+# This file removes `chroot` environments that
+#
+# 1. are not strictly needed
+# 2. can cause problems
+#
+# See https://github.com/docker-mailserver/docker-mailserver/pull/3208#pullrequestreview-1366106516
+# and it's related PRs.
+
+service aggregator {
+  chroot =
+}
+
+service anvil {
+  chroot =
+}
+
+service director {
+  chroot =
+}
+
+service ipc {
+  chroot =
+}
+
+service old-stats {
+  chroot =
+}
+
+service imap-login {
+  chroot =
+}
+
+service managesieve-login {
+  chroot =
+}
+
+service pop3-login {
+  chroot =
+}
+
+service submission-login {
+  chroot =
+}
+
+service imap-urlauth-login {
+  chroot =
+}
diff --git a/target/postsrsd/postsrsd b/target/postsrsd/postsrsd
index 1ec1822a..91b648c0 100644
--- a/target/postsrsd/postsrsd
+++ b/target/postsrsd/postsrsd
@@ -36,6 +36,3 @@ SRS_REVERSE_PORT=10002
 # This is highly recommended as postsrsd handles untrusted input.
 #
 RUN_AS=postsrsd
-
-# Jail daemon in chroot environment
-CHROOT=/var/lib/postsrsd