[Dovecot] moving mail from private inbox to public folder kills the latter
Tamas Kadar
tamas.kadar at espell.com
Wed Aug 11 21:45:45 EEST 2010
On 8/11/2010 7:32 PM, Jerrale G wrote:
> On 8/11/2010 12:54 PM, Tamas Kadar wrote:
>> On 8/11/2010 6:52 PM, Jerrale G wrote:
>>> On 8/11/2010 12:49 PM, Tamas Kadar wrote:
>>>> On 8/11/2010 6:45 PM, Jerrale G wrote:
>>>>> On 8/11/2010 12:02 PM, Tamas Kadar wrote:
>>>>>> Also, it's weird that the mail we have since we migrated to
>>>>>> dovecot is
>>>>>> either 700 or 755, most user's mailboxes are 777, so it shouldn't be
>>>>>> 700...
>>>>>>
>>>>>> (Yeah, I know, not very secure, however no user has shell access,
>>>>>> only
>>>>>> by mail)
>>>>>>
>>>>>> Best regrds
>>>>>> Tamas
>>>>>>
>>>>>> On 8/11/2010 5:52 PM, Tamas Kadar wrote:
>>>>>>> Hi
>>>>>>>
>>>>>>> I've ran into something rather nasty: if a user moves a mail from
>>>>>>> its
>>>>>>> inbox to a public folder, the folder becomes inaccessible for
>>>>>>> others,
>>>>>>> because the moved file will have the the permission 600 instead
>>>>>>> of 777
>>>>>>> (or 666) which the rest of the emails have in the folder.
>>>>>>>
>>>>>>> How can I change this behavior so when he moves the mail it
>>>>>>> automatically becomes world-readable? Also why one mail kills the
>>>>>>> whole
>>>>>>> folder?
>>>>>>>
>>>>>>> Here's the error I get:
>>>>>>> Error:
>>>>>>> open(/home/_shared/projects/.Long.Folder/cur/1281535484.M3B5A7P15183Q0.mail_espell_com:2,Sb)
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> failed: Permission denied (euid=1000(ktamas) egid=1000(ktamas)
>>>>>>> missing
>>>>>>> +r perm:
>>>>>>> /home/_shared/projects/.Long.Folder/cur/1281535484.M3B5A7P15183Q0.mail_espell_com:2,Sb,
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> euid is not dir owner)
>>>>>>>
>>>>>>> Thanks and best regards
>>>>>>> Tamas
>>>>>>
>>>>> make sure you have the namespaces specified for the public folders so
>>>>> that the correct permissions will be set.
>>>>>
>>>>> http://wiki.dovecot.org/Namespaces
>>>>>
>>>>> J. G.
>>>>>
>>>>> J. G.
>>>>>
>>>>
>>>> I think I set it right, here are my namespaces:
>>>>
>>>> # User's mailbox
>>>> namespace {
>>>> inbox = yes
>>>> location =
>>>> prefix =
>>>> separator = .
>>>> type = private
>>>> }
>>>>
>>>> # The public namespace
>>>> namespace {
>>>> location = maildir:/home/_shared/projects:INDEX=~/Maildir/_shared
>>>> prefix = shared.
>>>> separator = .
>>>> subscriptions = no
>>>> type = public
>>>> }
>>> That is fine as long as you don't have a mysql query, berkeley, or
>>> passwd file looking up the user's homedir, password, and such as well.
>>> If you do, take out the namespace for private as this will defined
>>> another way.
>>>
>>> J. G.
>>
>> Users are authenticated through PAM. No SQL or BerkeleyDB involved. Do
>> you mean that I should disable the private namespace and only define
>> the public?
>>
>> Tamas
> Yes, because you have it authenticated and defined by PAM or mail_location=
>
> J. G.
I've just tried that, if I disable the first (private) namespace, things
break:
Error: user ktamas: Initialization failed: namespace configuration
error: inbox=yes namespace missing
Tamas
More information about the dovecot
mailing list