[Dovecot] Urgent problem with deleting emails and maildirsize
Kyle Wheeler
kyle-dovecot at memoryhole.net
Fri Jul 3 19:19:33 EEST 2009
On Thursday, July 2 at 05:28 PM, quoth Jose Luis Marin Perez:
> When calculating the quota through maildirsize did not consider the
> emails with flag T.

What's the point of having a quota if users can circumvent it by
simply labeling their messages as "deleted"?

In all truth, if it weren't for the "expunge" command, the \Deleted
label would be no different from any other label. And from that
perspective, what you're asking for is essentially equivalent to a
"\DoesntCount" tag, so that users can circumvent the quota by giving
their messages a tag that prevents them from counting towards their
quota limit. The messages *aren't* deleted; they can still be read,
copied, forwarded.

What is to prevent a user from storing several gigabytes worth of
"deleted" messages on your server? From that perspective, this is a
security problem: any user can attack your server by creating a
denial-of-service condition. They can simply store a huge number of
"deleted" messages, occupying so much disk space that no other users
can receive mail. Normally, a quota mechanism is supposed to protect
you from this type of attack, but you're explicitly asking for a way
for users to easily avoid the quota restrictions.

> Dovecot is working perfectly, the problem is that as Courier had this
> feature,

That's not a feature, that's a security bug.

> users will not purge mails

So what's the point of having a quota?

~Kyle
--
Those who profess to favor freedom, and yet depreciate agitation, are
men who want rain without thunder and lightning.
-- Frederick Douglass
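
The quota gap discussed in this message, as an added Python example (not part of the original post, and not Dovecot or Courier code): it totals a maildir's on-disk bytes, separates out messages carrying the Maildir `T` (trashed) flag, and shows how the quota decision changes if those are skipped. The sample messages, their sizes and the 5000-byte limit are constructed for illustration.

```python
import os
import re
import tempfile

# Maildir info suffix is "<unique>:2,<flags>"; T marks a trashed (\Deleted) message.
INFO_RE = re.compile(r":2,([A-Za-z]*)$")
SIZE_RE = re.compile(r",S=(\d+)")  # Maildir++ size hint carried in the file name

def maildir_usage(maildir):
    """Return (total_bytes, trashed_bytes) over cur/ and new/ of one maildir."""
    total = trashed = 0
    for sub in ("cur", "new"):
        d = os.path.join(maildir, sub)
        if not os.path.isdir(d):
            continue
        for name in os.listdir(d):
            hint = SIZE_RE.search(name)
            size = int(hint.group(1)) if hint else os.path.getsize(os.path.join(d, name))
            total += size
            info = INFO_RE.search(name)
            if info and "T" in info.group(1):
                trashed += size  # still on disk until an expunge removes it
    return total, trashed

def quota_report(maildir, limit_bytes):
    """Compare the quota decision with and without counting T-flagged mail."""
    total, trashed = maildir_usage(maildir)
    return {
        "total": total,
        "trashed": trashed,
        "over_if_all_counted": total > limit_bytes,
        "over_if_T_skipped": (total - trashed) > limit_bytes,
    }

def build_sample(root):
    """Constructed sample: two normal messages, two flagged T but never expunged."""
    msgs = {"cur/1.a.host,S=1000:2,S": 1000, "cur/2.b.host,S=4000:2,ST": 4000,
            "cur/3.c.host:2,T": 2500, "new/4.d.host": 500}
    for rel, size in msgs.items():
        p = os.path.join(root, rel)
        os.makedirs(os.path.dirname(p), exist_ok=True)
        with open(p, "wb") as f:
            f.write(b"x" * size)
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(quota_report(build_sample(tmp), limit_bytes=5000))
```

Run across all mailboxes, the `trashed` figure shows how much disk space would sit outside quota enforcement if `T`-flagged mail were not counted.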