[Dovecot] Shared mailboxes basics
Thomas Hummel
hummel at pasteur.fr
Mon Mar 22 12:05:11 EET 2010
On Mon, Mar 22, 2010 at 10:25:45AM +0100, Steffen Kaiser wrote:
> My idea was to put everybody sharing folders and everybody, who may access
> shared folders, into the same group "doveshared", then leverage the
> Unix permissions, that this group may access the folders. So I do not need
> to use 0777 everywhere.
So basically, you get to the "single UID virtual users" solution but with GID,
right ?
Do you mean your maildirs are all in 0770 <user> doveshared ? But it still
gives too much permission in general...Especially if your users can access
their mailboxes outside of IMAP (NFS, CIFS, ...). How do you deal with that ?
> Do you use 0777 Unix perm on all Maildir's and mail folders? Is it working
> reliable, when mails are dropped with Deliver and APPEND, and when the
> MUA creates new (sub-)folders?
Well, it was still a theorical question. I haven't really tried anything yet.
Also, I'm not using deliver (I know I should) but procmail.
But since for me mail_location is not accessible for users by anything else
than IMAP, loose permissions may not be such a critical issue...
Besides, I was thinking of creating as many groups (similar in purpose to your
doveshared one) as needs to share a mailbox, if and only if I could somehow
restrict (politically I mean) the use of shared mailboxes to "privileged" users
(for instance a unit chief and his assistant, ...). Not really scalable I'm
afraid though....
--
Thomas Hummel | Institut Pasteur
<hummel at pasteur.fr> | Pôle informatique - systèmes et réseau
More information about the dovecot
mailing list