diff --git a/data/hooks/conf_regen/28-rmilter b/data/hooks/conf_regen/28-rmilter
index db42371e8..011856cd6 100755
--- a/data/hooks/conf_regen/28-rmilter
+++ b/data/hooks/conf_regen/28-rmilter
@@ -39,6 +39,11 @@ do_post_regen() {
   sudo chown _rmilter /etc/dkim/*.mail.key
   sudo chmod 400 /etc/dkim/*.mail.key
 
+  # fix rmilter socket permission (postfix is chrooted in /var/spool/postfix )
+  sudo mkdir -p /var/spool/postfix/run/rmilter
+  sudo chown -R postfix:_rmilter /var/spool/postfix/run/rmilter
+  sudo chmod g+w /var/spool/postfix/run/rmilter
+
   [ -z "$regen_conf_files" ] && exit 0
 
   # reload systemd daemon
diff --git a/data/templates/postfix/main.cf b/data/templates/postfix/main.cf
index ffea0aee3..b0b2688d9 100644
--- a/data/templates/postfix/main.cf
+++ b/data/templates/postfix/main.cf
@@ -141,7 +141,7 @@ smtp_reply_filter = pcre:/etc/postfix/smtp_reply_filter
 # Rmilter
 milter_mail_macros =  i {mail_addr} {client_addr} {client_name} {auth_authen}
 milter_protocol = 6
-smtpd_milters = unix:/var/tmp/rmilter.sock
+smtpd_milters = unix:/run/rmilter/rmilter.sock
 
 # Skip email without checking if milter has died
 milter_default_action = accept
diff --git a/data/templates/rmilter/rmilter.conf b/data/templates/rmilter/rmilter.conf
index c09a604b8..829d76418 100644
--- a/data/templates/rmilter/rmilter.conf
+++ b/data/templates/rmilter/rmilter.conf
@@ -5,7 +5,7 @@
 # pidfile - path to pid file
 pidfile = /run/rmilter/rmilter.pid;
 
-bind_socket = unix:/var/tmp/rmilter.sock;
+bind_socket = unix:/var/spool/postfix/run/rmilter/rmilter.sock;
 
 # DKIM signing
 dkim {