[Dovecot] Lock down Shared Mail Accounts?

Charles Marcus CMarcus at Media-Brokers.com
Wed Mar 7 15:32:32 EET 2012


On 3/5/2012 1:30 PM, Steve Campbell wrote:
 > I've been looking at some documentation on shared mail accounts.
 > But I'm getting mixed thoughts on how this can or should be done.

This brings up a question I have been meaning to ask.

One thing I want to do on my new converted system is to implement shared 
mail. There will be two different scenarios - users sharing 'folders', 
which looks to be fairly simple using virtual ACL files - but for the 
other scenario, I'm not sure about a specific requirement we will have...

I want to give multiple people shared access to some actual accounts 
with all of the special use folders, with the following requirements:

1. They can all read/reply to new messages as they come in,

2. They use shared \seen, \replied and \forwarded flags, so once someone 
else has read/dealt with a message, the others see that,

3. When they reply to/forward a message, the Sent message gets saved to 
that accounts 'Sent' folder,

4. They can *move* messages to other folders in that account (ie, 'file' 
them), and last

(this is the tricky part)

5. No one other than a designated user or users (Master User(s)? Users 
in a specified Group?) can delete any messages in this account, in any 
of the folders.

These emails deal with financial transactions (AP and AR issues) and 
Faxes, thus the requirement to not be able to delete them.

Can this be accomplished with the current state of things? Or would this 
require some coding? If the latter, could it be done as a plug-in, or 
would it require changes to the core code?

Thanks,

-- 

Best regards,

Charles



More information about the dovecot mailing list