[Dovecot] Help needed with plugin - Read Only access to IMAP mailbox
Chris Moules
chris at gms.lu
Wed Aug 25 12:59:06 EEST 2010
System info:
# 1.2.13: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-5-686-bigmem i686 Debian squeeze/sid
..
mail_plugins: readonly
..
I have a requirement to have read-only to a mailbox. I have been researching through the wiki, the mailing list archives and
good old Google. There was a number of similar questions with no real definitive answer.
Option 1: ACL
This can work, but not if the mailbox(s) can change without you knowing how. I.E. a online read-only archive of someone else's
mailbox. There is no wild-card or recursive ACL options. Rsync style backups don't allow for easy creation of custom ACL files
per mailbox.
Option 2: Read-only filesystem (Linux)
This seems easy, but it's not.
1) how do you update your archive?
I tried with a bind mount, this does not let you set the 'ro' option *directly*. You must then use "-o remount,ro" to get your
read-only bind mount. This is a little messy (needs custom init scripts for mounting on boot), but do-able.
2) Dovecot needs write access to CONTROL and INDEX files.
This lead me to using the "CONTROL" and "INDEX" options on the mail_locaiton. Setting these to the original 'rw' mount and the
rest to my 'ro' bind mount. Again, messy but do-able.
3) Clients try to move messages from 'new' to 'cur' for Maildir.
Every time I opened a maildir I got an error per mail (dovecot log) about read-only filesysem as the client was trying to set
the Seen flag and dovecot was trying to move the 'new' mail to the 'cur' folder.
My test client, mutt, has a 'read_only' option when connecting. This eliminates this issue, but I cannot get everyone to use
this archive with a correctly configured mutt.
This sent me looking for 'read only' options in other clients. I could hardly find any.
I noted that mutt send an EXAMINE and not a SELECT to open the mailbox when in read_only mode and this set me thinking about
doing this in another way.
Option 3: Dovecot Plugin
I started looking into the dovecot plugins. Being more a systems administrator than developer I have cobbled together a working
plugin. It nearly does what I want, but not quite, and I don't know why.
NOTE: I no longer use the setup that I had to test Options 1 and 2.
I thought that this plugin can either be used server-wide or with the 'mail_plugins' userdb option.
The plugin forces the MAILBOX_OPEN_READONLY flag in a mailbox_open() call.
The plugin returns an error for all mailbox_create() calls.
Testing in mutt:
- I am unable to delete a mail
- I am unable to create a new folder
So far so good. However:
- I am able to move/copy a mail to an *existing* mailbox
(note, the move operation makes the copy but fails to set the 'delete' flag)
I do not understand why this works. I have been grep-ing through the source of dovecot and the plugins to find some answer, but
without luck.
Attached is the full source to my plugin and the Makefile (adapted from Johannes Berg's antispam plugin Makefile)
When finished, I will be happy to release this to the dovecot community under the GPL/LGPL or whatever.
Regards
Chris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: readonly_plugin.tgz
Type: application/x-gtar
Size: 1815 bytes
Desc: not available
Url : http://dovecot.org/pipermail/dovecot/attachments/20100825/d1bcddad/attachment.gtar
More information about the dovecot
mailing list