Bug/feature: mail fs pollution on IMAP select namespace/{non-existent}
Peter Benko
pbopbo at freemail.hu
Tue Jun 24 13:04:20 UTC 2014
Hi all,
I have noticed a strange behavior with dovecot (tested with 2.2.13). I use shared folders to share mailboxes between users. I have a namespace called "Accounts" that hosts the shared folder for the users (prefix Accounts/%%n/). However, When I issue an IMAP select command on a random non-existent mailbox name under "Accounts", dovecot auto-creates it and pollutes my mail root directory:
Python test code snippet:
imapConn=imaplib.IMAP4_SSL(serverIP, serverPort)
imapConn.login(serverLogin, serverPass)
print imapConn.select("Accounts/NonExistentMailbox")
imapConn.logout()
Resulting in this:
drwxr-x--- 1 vmail vmail 4096 Jun 12 10:00 _attachments_
>>> drwx------ 1 vmail vmail 4096 Jun 24 14:27 NonExistentMailbox <<<
drwxr-x--- 1 vmail vmail 4096 Jun 24 00:54 user1
drwxr-x--- 1 vmail vmail 4096 Jun 24 01:24 user2
...
-rwxr-x--- 1 vmail vmail 72 Jun 24 14:27 shared-mailboxes.db
ls -l NonExistentMailbox/
-rw------- 1 vmail vmail 0 Jun 24 14:27 dovecot-acl-list
drwx------ 1 vmail vmail 4096 Jun 24 14:27 mailboxes <<< (empty)
I attached a debug log and and my sanitized dovecot config.
Please help! Is this a bug or a feature? I assume it might even cause more serious problems e.g., if I would select "Accounts/_attachments_" or something similar...
I noticed this behavior with the latest Thunderbird client when I tried to subscribe to shared folders and it started to pollute my mail dirs (which signals that Thunderbird might be also buggy as it should not select non-existent folders under "Accounts"). I just reproduced it for simplicity with the above python script.
Best regards,
Peter
debug log
---------
Jun 24 14:27:51 efi-backup dovecot: imap-login: Login: user=<user2 at domain.com>, method=PLAIN, rip=192.168.1.1, lip=192.168.1.3, mpid=10787, TLS, session=<t36aFpT8ggDAqAEB>
Jun 24 14:27:51 efi-backup dovecot: imap: Debug: Loading modules from directory: /usr/lib/dovecot/modules
Jun 24 14:27:51 efi-backup dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib01_acl_plugin.so
Jun 24 14:27:51 efi-backup dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib02_imap_acl_plugin.so
Jun 24 14:27:51 efi-backup dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib20_zlib_plugin.so
Jun 24 14:27:51 efi-backup dovecot: imap: Debug: Added userdb setting: plugin/master_user=user2 at domain.com
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: Effective uid=5000, gid=5000, home=/mail/mailboxes/domain.com/user2
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: Namespace : type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=mdbox:~
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: fs: root=/mail/mailboxes/domain.com/user2, index=, indexpvt=, control=, inbox=, alt=
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: acl: initializing backend with data: vfile
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: acl: acl username = user2 at domain.com
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: acl: owner = 1
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: acl vfile: Global ACLs disabled
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: Namespace : type=shared, prefix=Accounts/%n/, sep=/, inbox=no, hidden=no, list=children, subscriptions=no location=mdbox:/mail/mailboxes/%d/%n:INDEX=/mail/mailboxes/%d/%n:INDEXPVT=/mail/mailboxes/domain.com/user2/indexpvt-accounts/%n
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: shared: root=/var/run/dovecot, index=, indexpvt=, control=, inbox=, alt=
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: acl: initializing backend with data: vfile
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: acl: acl username = user2 at domain.com
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: acl: owner = 0
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: acl vfile: Global ACLs disabled
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: fs: root=/mail/mailboxes/domain.com/NonExistentMailbox, index=, indexpvt=/mail/mailboxes/domain.com/user2/indexpvt-accounts/NonExistentMailbox, control=, inbox=, alt=
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: Namespace : /mail/mailboxes/domain.com/NonExistentMailbox doesn't exist yet, using default permissions
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: Namespace : Using permissions from /mail/mailboxes/domain.com/NonExistentMailbox: mode=0700 gid=default
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: acl: initializing backend with data: vfile
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: acl: acl username = user2 at domain.com
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: acl: owner = 0
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: acl vfile: Global ACLs disabled
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: fs: root=/mail/mailboxes/domain.com/NonExistentMailbox, index=, indexpvt=/mail/mailboxes/domain.com/user2/indexpvt-accounts/NonExistentMailbox, control=, inbox=, alt=
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: acl: initializing backend with data: vfile
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: acl: acl username = user2 at domain.com
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: acl: owner = 0
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: acl vfile: Global ACLs disabled
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: acl vfile: file /mail/mailboxes/domain.com/NonExistentMailbox/mailboxes/INBOX/dbox-Mails/dovecot-acl not found
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: Namespace Accounts/NonExistentMailbox/: Using permissions from /mail/mailboxes/domain.com/NonExistentMailbox: mode=0700 gid=default
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Debug: acl vfile: file /mail/mailboxes/domain.com/NonExistentMailbox/mailboxes/INBOX/dbox-Mails/dovecot-acl not found
Jun 24 14:27:51 efi-backup dovecot: imap(user2 at domain.com): Disconnected: Logged out in=56 out=481
doveconf -n
-----------
# 2.2.13 (38cd37cea8b1): /etc/dovecot/dovecot.conf
auth_master_user_separator = *
auth_mechanisms = plain login
auth_verbose = yes
auth_verbose_passwords = plain
hostname = mail.domain.com
listen = *
login_greeting = $hostname IMAP server
mail_attachment_dir = /mail/mailboxes/%d/_attachments_
mail_attachment_fs = sis-queue /mail/mailboxes/%d/_attachments_/queue:posix
mail_attachment_min_size = 16 k
mail_debug = yes
mail_location = mdbox:~
mail_plugins = " zlib acl"
mdbox_rotate_interval = 5 days
mdbox_rotate_size = 5 M
namespace {
inbox = yes
location =
prefix =
separator = /
type = private
}
namespace {
list = children
location = mdbox:/mail/mailboxes/%%d/%%n:INDEX=/mail/mailboxes/%%d/%%n:INDEXPVT=/mail/mailboxes/%d/%n/indexpvt-accounts/%%n
prefix = Accounts/%%n/
separator = /
subscriptions = no
type = shared
}
passdb {
args = /mail/config/dovecot/passwd
driver = passwd-file
}
passdb {
args = /mail/config/dovecot/passwd-master
driver = passwd-file
master = yes
pass = yes
}
plugin {
acl = vfile
acl_defaults_from_inbox = yes
acl_shared_dict = file:/mail/mailboxes/%d/shared-mailboxes.db
zlib_save = gz
zlib_save_level = 6
}
postmaster_address = postmaster at domain.com
protocols = imap
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
}
service imap-login {
inet_listener imap {
port = 0
}
inet_listener imaps {
port = 993
ssl = yes
}
}
ssl = required
ssl_cert = </mail/config/public-address-cert.pem
ssl_key = </mail/config/public-address-key.pem
syslog_facility = local6
userdb {
args = uid=vmail gid=vmail master_user=%u home=/mail/mailboxes/%d/%n
driver = static
}
protocol imap {
mail_plugins = " zlib acl imap_acl"
}
remote 192.168.0.0/16/16 {
ssl_cert = </mail/config/private-address-cert.pem
ssl_key = </mail/config/private-address-key.pem
}
More information about the dovecot
mailing list