[Dovecot] Shared mailboxes (maildir, symlinks) and permissions

Andreas Ntaflos daff at dword.org
Sat Jul 28 05:11:05 EEST 2007


Hello list, 

I am trying to set up a public mailbox for users to put spam in so that 
sa-learn can do its job at night. Only I can't seem to fully understand how 
and which permissions should be set. I've read [1] and am using Dovecot 
1.0.1.

First some background information: I do not host or care (at the moment) about 
virtual users or virtual mail hosting. All users have Unix system accounts 
and shell access. I'd like to have a Spam folder, say /var/mail/public/.Spam 
that is a maildir where users can put Spam that got through the server-side 
filter. Spamassassin's sa-learn runs nightly and learns from the contents of 
the Spam folder.

After reading [1] I think I should have under /var/mail/public a file called 
dovecot-shared that belongs to root:mail and has permissions 0660 (with user 
dovecot being a member of group mail) so that it looks like this:

root at host:/var/mail/public# ls
drwxr-sr-x 2 root mail 4096 2007-07-28 03:29 .
drwxrwsr-x 3 root mail 4096 2007-07-28 02:19 ..
-rw-rw---- 1 root mail    0 2007-07-28 02:46 dovecot-shared
root at host:/var/mail/public#

The first question arises: should Dovecot have write access 
to /var/mail/public itself?

Now I should create the Spam folder called /var/mail/public/.Spam. Should this 
directory be in maildir format, i.e. should it already contain the 
subdirectories cur, tmp and new? What of the permissions of this directory? I 
am pretty sure Dovecot needs write access to it, so it should look like this:

root at host:/var/mail/public# ls
drwxr-sr-x 3 root mail 4096 2007-07-28 03:44 .
drwxrwsr-x 3 root mail 4096 2007-07-28 02:19 ..
-rw-rw---- 1 root mail    0 2007-07-28 02:46 dovecot-shared
drwxrwsr-x 2 root mail 4096 2007-07-28 03:44 .Spam
root at host:/var/mail/public#

The .Spam directory here is completely empty.

Now in a user's Maildir (/home/user1/Maildir) there are the user's private 
folders; a symlink to /var/mail/public/.Spam should be added:

root at host:/home/user1/Maildir# ln -s /var/mail/public/.Spam .
root at host:/home/user1/Maildir# ls
...
drwx------  5 user1 user1 4096 2007-07-19 16:14 .INBOX.foo
drwx------  5 user1 user1 4096 2007-07-06 23:01 .INBOX.bar
...
lrwxrwxrwx  1 user1 user1  22 2007-07-28 03:51 .Spam -> /var/mail/public/.Spam
...
root at host:/home/user1/Maildir#

Is that all I have to do? Probably not, because I keep getting errors like the 
following when connecting (after subscribing of course):

Jul 28 03:52:35 host dovecot: IMAP(user1): 
mkdir(/home/user1/Maildir/.Spam/cur) failed: Permission denied

Should I have created the cur, tmp and new subdirectories manually and set 
their permissions like /var/mail/public/.Spam? But that still wouldn't give 
user1 write access. If I gave the users (or "others": chmod o+w) write 
permissions then Dovecot's index files would be owned by the first user that 
connects to the server and uses that folder. Apparently also not a solution. 
I also don't think I should have to make my users members of the mail group, 
but I could be wrong here.

So I am not sure what I am missing, or if what I want to do is at all possible 
(without taking out the sledgehammer and setting all permissions to 0777). I 
also apologise for this lengthy post with many details and little interesting 
questions. It's getting late and I fear I've reached a dead end.

I'd really appreciate it if someone knowledgeable could point me in the right 
direction here.

Thanks in advance!

Andreas

[1] http://wiki.dovecot.org/SharedMailboxes
-- 
Andreas "daff" Ntaflos
Vienna, Austria

GPG Fingerprint: 6234 2E8E 5C81 C6CB E5EC  7E65 397C E2A8 090C A9B4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://dovecot.org/pipermail/dovecot/attachments/20070728/b8dbd0d4/attachment.bin 


More information about the dovecot mailing list