Why is postfix-spamassassin-dovecot set up this way?

I have recently added spamassassin to my mailserver, as the blacklists weren't effective enough. To clarify: I use Postfix as SMTP + Dovecot as LDA, postgrey for greylisting and postfwd for rate-limiting. To add Spamassassin, I use guide: https://www.digitalocean.com/community/tutorials/how-to-configure-a-mail-server-using-postfix-dovecot-mysql-and-spamassassin Even though it works, I don't see why it does. What troubles me is the master.cf: smtp inet n - y - - smtpd -o content_filter=spamassassin dovecot unix - n n - - pipe flags=DRhu user=virtual:virtual argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -m ${extension} spamassassin unix - n n - - pipe user=debian-spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient} I don't understand why there is suddenly sendmail involved. Is there a way to set this up more properly? Here is also my postconf -n in case it is needed. append_at_myorigin = yes biff = no broken_sasl_auth_clients = yes default_destination_concurrency_limit = 1 delay_warning_time = 8h disable_vrfy_command = yes dovecot_destination_concurrency_limit = 1 dovecot_destination_recipient_limit = 1 enable_original_recipient = yes local_destination_concurrency_limit = 1 mailbox_size_limit = 100000000 maximal_queue_lifetime = 6d message_size_limit = 52428800 myhostname = REDACTED myorigin = /etc/mailname smtp_helo_name = REDACTED smtp_use_tls = yes smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated smtpd_delay_reject = no smtpd_hard_error_limit = 10 smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10040 permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unlisted_recipient, reject_unauth_destination, reject_unauth_pipelining, reject_rbl_client zen.spamhaus.org=127.0.0.[2..11], reject_rbl_client bl.spamcop.net, reject_rbl_client cbl.abuseat.org, check_policy_service inet:127.0.0.1:10023 smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unlisted_recipient, reject_unauth_destination, reject_unauth_pipelining smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = REDACTED smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_tls_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_restrictions = permit_mynetworks, reject_unknown_sender_domain smtpd_soft_error_limit = 5 smtpd_tls_cert_file = REDACTED smtpd_tls_dh1024_param_file = /etc/ssl/dhparams.pem smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA smtpd_tls_key_file = REDACTED smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes strict_rfc821_envelopes = yes tls_random_source = dev:/dev/urandom virtual_alias_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf virtual_transport = dovecot