[Dovecot] Accessing mail files not owned by imap login user

Ben Morrow ben at morrow.me.uk
Fri May 3 17:11:37 EEST 2013


At  3PM -0700 on  1/05/13 you (PaulM47) wrote:
> 
> I have managed to set up a 'maildir' based mail system using fetchmail and
> procmail that delivers sorted mail to folders /var/spool/mail/user1,
> ../user2 etc. 'user1', 'user2' etc. are real users but the mail system is
> run under logged in user 'mailserver'. The mail folders are owned by
> 'user1', 'user2' etc. but mail files, when delivered, are owned by
> 'mailserver'. I've been unable to find a way to change this behaviour :-(

I'm not sure about the rest of your problem (I'd have to reread the
documentation, since this isn't a setup I use myself, and you can do
that as well as I), but this bit is straightforward. The only way for a
process running as one uid (say, fetchmail running as mailserver) to
create a file owned by another uid is to pass the data to some other
process running either as the target uid or as root.

This means, to get the uids right (which I would strongly recommend),
you need a daemon; fortunately, Dovecot provides an LMTP daemon which
will do just fine. If you set up the Dovecot LMTP server, fetchmail will
deliver to that quite happily, and the delivered mail files will then
have the correct owners. 

You haven't said what you're doing with procmail; if you're doing
anything beyond arranging for the mail to go to the right user you will
need to replace that filtering with sieve. Note that, if you really
must, you can use the sieve-extprograms extension to deliver using
procmail once the LMTP server has switched down to the right uid.

> Dovecot is configured by adding the single line 'mail_location =
> maildir:/var/spool/mail/%u' to 'dovecot.conf', everything else is as
> installed. When I make an imap connection as 'user1' the logon is
> successful, the mail files are moved from ../new/ to ../cur/ but are
> invisible to the imap client. If I 'chown' the mail files to 'user1' they
> instantly become visible to the imap client.

One thing to try is to run imap in preauth mode (see the wiki) under
ktrace/strace/truss/whatever (as the right user, obviously), so you can
see what it's trying to do and where it's failing.

Ben
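
An added example, not part of the original message: a Python check for the symptom discussed in this thread, message files inside a Maildir whose owner differs from the owner of the mail folder. The function names and the sample maildir are constructed for illustration; the expected owner defaults to whoever owns the top-level mail folder, as in the setup described above.

```python
import os
import tempfile
from pathlib import Path

MAILDIR_SUBDIRS = ("new", "cur", "tmp")


def find_misowned(maildir, expected_uid=None):
    """Return sorted (relative_path, owner_uid) pairs for message files whose
    owner differs from expected_uid (default: owner of the maildir itself)."""
    root = Path(maildir)
    if expected_uid is None:
        expected_uid = root.stat().st_uid
    mismatches = []
    for sub in MAILDIR_SUBDIRS:
        subdir = root / sub
        if not subdir.is_dir():
            continue
        for entry in os.scandir(subdir):
            # Do not follow symlinks: report the owner of the entry itself.
            st = entry.stat(follow_symlinks=False)
            if st.st_uid != expected_uid:
                mismatches.append((f"{sub}/{entry.name}", st.st_uid))
    return sorted(mismatches)


def build_sample_maildir(base):
    """Create a constructed sample Maildir (two messages) under base."""
    root = Path(base) / "user1"
    for sub in MAILDIR_SUBDIRS:
        (root / sub).mkdir(parents=True)
    (root / "new" / "1367590297.M1P1.host").write_text("Subject: a\n\nbody\n")
    (root / "cur" / "1367590298.M2P1.host:2,S").write_text("Subject: b\n\nbody\n")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        md = build_sample_maildir(tmp)
        # Files and folder share one owner here, so nothing is reported.
        print(find_misowned(md))
        # Pretend the mailbox belongs to a different uid: every file is flagged.
        print(find_misowned(md, expected_uid=os.geteuid() + 1))
```

Run against a real mailbox, for example `find_misowned("/var/spool/mail/user1")`, it lists the files delivered under the wrong uid.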


