[Dovecot] shared mailboxes and indexes

Timo Sirainen tss at iki.fi
Tue Nov 27 03:00:29 EET 2012 

On 23.11.2012, at 17.53, Sven Hartge wrote:

>>>> BTW. Do you have multiple Dovecot backend servers? Director works
>>>> only when you're not using shared mailboxes.. 
> 
>> You can't reliably do it if the mailboxes are accessed directly via
>> NFS. The current idea to solve this is to use imapc backend with
>> master users, so the actual mailbox access for each user is always
>> done by only one server. I think someone already managed to configure
>> such a setup.
> 
> This was me.
> 
> It works (with one minor quirk, more on this later) in my current test
> setup like so:
> 
> a) 1 to X user-servers with the users mailboxes on them
> b) 1 shared-server with the shared mailboxes on them

For implementing shared mailboxes between all user servers, I think what would need to be developed is:

> imapc_host = m-st-sh-01.example.com
> imapc_master_user = %u
> imapc_user = shared

Somehow being able to set "imapc_user = %%u" where %%u expands to the shared namespace's username. Or maybe setting the imapc_user automatically to that when accessing it via type=shared namespace.

> Note: You CANNOT have ACLs activated on the users-servers, because this
> will interfere with the permissions of ht IMAPShared namespace,
> rendering the mailboxes located in there unavailable for your users.

And some way to disable ACLs for shared namespaces that use imapc. Not sure what would be a nice way of doing this.

The attached patch contains these two changes. The first one I could commit immediately. The second one probably would need to be configurable somehow (maybe a generic disable_acls=yes setting for namespace?)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: diff
Type: application/octet-stream
Size: 1148 bytes
Desc: not available
URL: <http://dovecot.org/pipermail/dovecot/attachments/20121127/1d852c4f/attachment-0004.obj>
-------------- next part --------------


> Now the mentioned quirk: Because all connections on the shared-server
> are made to the same user "shared" and are coming from very few IPs
> (the 1 to X user-servers), you need to set a very high
> mail_max_userip_connections value.
> 
> I set mine to 1000 just to be sure.
> 
> ---> But: I have NOT configured login_trusted_networks, so this may be
> my error in that case.

I don't think that setting helps.

More information about the dovecot mailing list