[Dovecot] Lock down Shared Mail Accounts?

Timo Sirainen tss at iki.fi
Sat Mar 10 18:50:15 EET 2012


On 7.3.2012, at 15.32, Charles Marcus wrote:

> 4. They can *move* messages to other folders in that account (ie, 'file' them), and last
> 
> (this is the tricky part)
> 
> 5. No one other than a designated user or users (Master User(s)? Users in a specified Group?) can delete any messages in this account, in any of the folders.

There is unfortunately no "default ACL" feature currently. Although you could somewhat easily add an ugly hack to the code for that. And I guess it wouldn't be difficult to implement it, maybe by reading it from $mail_root/dovecot-acl-default file or something..

So without code changes you could:

 - create all of the necessary folders
 - set such ACLs that user can't create any more folders
 - disallow expunging in all folders



More information about the dovecot mailing list