[Dovecot] Shared mailbox ACL

Alex Ferrara alex at receptiveit.com.au
Tue Jan 28 05:41:30 EET 2014


On 24/01/2014, at 8:40 PM, Alex Ferrara <alex at receptiveit.com.au> wrote:

> Hi everyone,
> 
> I am having some trouble with shared folders in trying to replicate how we use them with a Cyrus backend.
> 
> The auth database is Samba4 Active Directory, so I am using an LDAP lookup to authenticate and forcing the UID and GID to be all the same. I have a post-login script that sets the group ACL, and this seems to be working fine. /mnt/mail is an NFS mount to a FreeNAS machine, and there is only one Dovecot server connecting to that NFS share.
> 
> I have been able to get the inbox of the shared mailbox to appear in Thunderbird, but I would like to allow all subfolders to have the same ACLs. Is there a way to do this without having an ACL entry for each folder in the dovecot-acl file? I also cannot seem to create folders under the shared inbox.
> 
> Thanks.
> 
> Below is the output of /mnt/mail/acl/shared-mailboxes
> shared/shared-boxes/group/accounting/accounting
> 1
> shared/shared-boxes/group/team1/team1
> 1
> shared/shared-boxes/group/team2/team2
> 1
> 
> Below is the output of dovecot -n
> 
> # 2.1.7: /etc/dovecot/dovecot.conf
> # OS: Linux 2.6.32-22-pve x86_64 Debian 7.3 nfs
> auth_mechanisms = plain login
> auth_username_format = %n
> mail_debug = yes
> mail_location = maildir:/mnt/mail/mailboxes/%n/Maildir:INDEX=/var/local/dovecot-indexes/%n
> mail_plugins = acl
> mail_shared_explicit_inbox = no
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
> namespace {
>  list = yes
>  location = maildir:/mnt/mail/mailboxes/%%n/Maildir:INDEX=/var/local/dovecot-shared/%%n
>  prefix = ZGroup/%%n/
>  separator = /
>  subscriptions = no
>  type = shared
> }
> namespace inbox {
>  inbox = yes
>  location =
>  mailbox Drafts {
>    special_use = \Drafts
>  }
>  mailbox Junk {
>    special_use = \Junk
>  }
>  mailbox Sent {
>    special_use = \Sent
>  }
>  mailbox "Sent Messages" {
>    special_use = \Sent
>  }
>  mailbox Trash {
>    special_use = \Trash
>  }
>  prefix =
>  separator = /
>  type = private
> }
> passdb {
>  args = /etc/dovecot/dovecot-ldap.conf.ext
>  driver = ldap
> }
> plugin {
>  acl = vfile
>  acl_defaults_from_inbox = yes
>  acl_shared_dict = file:/mnt/mail/acl/shared-mailboxes
>  sieve = ~/.dovecot.sieve
>  sieve_dir = ~/sieve
> }
> protocols = " imap lmtp sieve"
> service auth {
>  unix_listener /var/spool/postfix/private/auth {
>    group = postfix
>    mode = 0660
>    user = postfix
>  }
> }
> service imap-postlogin {
>  executable = script-login /usr/local/bin/postlogin.py
>  user = vmail
> }
> service imap {
>  executable = imap imap-postlogin
> }
> service lmtp {
>  unix_listener /var/spool/postfix/private/dovecot-lmtp {
>    group = postfix
>    mode = 0600
>    user = postfix
>  }
>  user = vmail
> }
> ssl_cert = </etc/dovecot/dovecot.pem
> ssl_key = </etc/dovecot/private/dovecot.pem
> userdb {
>  args = /etc/dovecot/dovecot-ldap.conf.ext
>  driver = ldap
> }
> protocol lmtp {
>  mail_plugins = quota sieve
> }
> protocol lda {
>  mail_plugins = quota sieve
> }
> protocol imap {
>  mail_plugins = acl imap_acl
> }


Any ideas?

aF

