Questions on supporting Shared Mailboxes using imapc://
Nathan Coulson
nathan at bravenet.com
Fri Oct 9 17:33:55 UTC 2015
I was not able to get a shared mailbox setup working using imapc. Tested
using mailboxes on the same server, as well as other servers.
We are using dovecot 2.2.10 from Centos 7, following the guide at
http://wiki2.dovecot.org/SharedMailboxes/ClusterSetup
imapc_host=192.168.5.5 #(Local dovecot server)
imapc_master_user= %u
imapc_password=TempPass
#imapc_user=test2 at example.com # Added for testing.
namespace {
type = shared
separator = /
prefix = shared/%%u/
list = children
location = imapc:~/shared/%%u/
}
namespace { # used as a control to verify that shared mailboxes work
type = shared
separator = /
prefix = shared2/%%u/
list = children
location = sdbox:%%h:INDEXPVT=~/shared2/%%u
}
dict {
acl = mysql:/etc/dovecot/dovecot-sql_aggelos_shares.conf.ext
}
plugin {
acl = vfile
acl_shared_dict = proxy::acl
}
mail_plugins = acl
protocol imap {
mail_plugins = acl imap_acl
}
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf.ext
}
passdb { # for master user logins
driver = sql
args = /etc/dovecot/dovecot-sql_aggelos_aclmaster.conf.ext
master = yes
pass = yes
}
userdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf.ext
}
I can login using test2 at example.com*test at example.com (and see all of
test2's email), and it looks like it authenticates ok via imap, but
shared never shows up. No issues using shared2 which uses direct access
to the mailbox
doveadm acl debug -u test at example.com shared/test2 at example.com (Fails,
uses imapc)
doveadm(test at example.com): Info: Mailbox 'INBOX' is in namespace
'shared/test2 at example.com/'
doveadm(test at example.com): Info: Mailbox path:
/misc/1/2/mail/test at example.com-4/shared/test2 at example.com/.INBOX
doveadm(test at example.com): Info: All message flags are shared across
users in mailbox
doveadm(test at example.com): Info: User test at example.com has no rights for
mailbox
doveadm(test at example.com): Error: User test at example.com is missing
'lookup' right
doveadm(test at example.com): Info: Mailbox shared/test2 at example.com is NOT
visible in LIST
doveadm acl debug -u test at example.com shared/test2 at example.com/Junk
(Fails, contains a folder that exists)
doveadm(test at example.com): Info: Mailbox 'Junk' is in namespace
'shared/test2 at example.com/'
doveadm(test at example.com): Info: Mailbox path:
/misc/1/2/mail/test at example.com-4/shared/test2 at example.com/.Junk
doveadm(test at example.com): Info: All message flags are shared across
users in mailbox
doveadm(test at example.com): Info: User test at example.com has no rights for
mailbox
doveadm(test at example.com): Error: User test at example.com is missing
'lookup' right
doveadm(test at example.com): Info: Mailbox shared/test2 at example.com/Junk
is NOT visible in LIST
doveadm acl debug -u test at example.com shared/test2 at example.com/z (Fails,
contains a folder that does not exist. Expected result)
doveadm(test at example.com): Error: Mailbox 'z' in namespace
'shared/test2 at example.com/' doesn't exist in
/misc/1/2/mail/test at example.com-4/shared/test2 at example.com/.z
doveadm acl debug -u test at example.com shared2/test2 at example.com (Works,
using direct storage)
doveadm(test at example.com): Info: Mailbox 'INBOX' is in namespace
'shared2/test2 at example.com/'
doveadm(test at example.com): Info: Mailbox path:
/misc/1/2/mail/test2 at example.com-87/mailboxes/INBOX/dbox-Mails
doveadm(test at example.com): Info: Per-user private flags in mailbox: \Seen
doveadm(test at example.com): Info: User test at example.com has rights:
lookup read write-seen
doveadm(test at example.com): Info: Mailbox found from dovecot-acl-list
doveadm(test at example.com): Info: User test2 at example.com found from ACL
shared dict
doveadm(test at example.com): Info: Mailbox shared2/test2 at example.com is
visible in LIST
It feels like the acl information in the vfiles is not available when
using imapc.
Our setup is as follows: (Currently does not use Dovecot Director, but
has the same issues where shared mailboxes may not be local on the server)
* Front servers, that are running dovecot (proxy to backend servers)
* Backend Servers, each handle their own local users.
Thank you
--
Nathan Coulson
System Administrator for Bravenet
www.bravenet.com
nathan at bravenet.com
More information about the dovecot
mailing list