Hi, thanks for response: This is my setup: *# 2.0.12 (811a6d173bb2): /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.1 auth_cache_negative_ttl = 10 mins auth_cache_size = 10 M default_client_limit = 2048 default_process_limit = 500 dict { quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext } first_valid_uid = 50 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Welcome to **mydomain* *mail_access_groups = _sysadms mail_debug = yes mail_fsync = always mail_location = maildir:%h/maildir:INDEX=%h/cache mail_nfs_index = yes mail_nfs_storage = yes mail_plugins = " quota" managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mmap_disable = yes namespace { inbox = yes location = prefix = INBOX. separator = . type = private } passdb { args = /etc/dovecot/conf.d/**mydomain**/passdb-master.conf driver = sql } plugin { quota = dict:User quota::proxy::quota quota_rule = *:storage=2G quota_rule2 = INBOX:messages=+50000 sieve = ~/.dovecot.sieve sieve_before = /etc/dovecot/sieve/ sieve_dir = ~/sieve } postmaster_address = account@mydomain protocols = " lmtp sieve" service auth-worker { process_limit = 1024 process_min_avail = 100 } service dict { unix_listener dict { group = _sysadms mode = 0660 } } service lmtp { inet_listener lmtp { port = 24 } process_min_avail = 100 } ssl_cert = </etc/ssl/certs/dovecot.pem ssl_key = </etc/ssl/private/dovecot.pem userdb { args = /etc/dovecot/conf.d/**mydomain**/userdb.conf driver = sql } verbose_proctitle = yes protocol lmtp { mail_plugins = " quota sieve" } protocol imap { mail_plugins = " quota imap_quota" }* My group _sysadmins contain all operation users and they all need to enter and can do anything on home directories without root access, looking at the source code i applied this patch to test 
and all going fine: Index: dovecot-2.0.12/src/lib-storage/mailbox-list.c =================================================================== --- dovecot-2.0.12.orig/src/lib-storage/mailbox-list.c 2011-04-15 12:48:40.000000000 -0300 +++ dovecot-2.0.12/src/lib-storage/mailbox-list.c 2011-04-15 12:51:13.000000000 -0300 @@ -420,8 +420,8 @@ struct stat st; /* use safe defaults */ - *file_mode_r = 0600; - *dir_mode_r = 0700; + *file_mode_r = 0660; + *dir_mode_r = 0770; *gid_r = (gid_t)-1; *gid_origin_r = "defaults"; @@ -445,8 +445,8 @@ return; } } else { - *file_mode_r = (st.st_mode & 0666) | 0600; - *dir_mode_r = (st.st_mode & 0777) | 0700; + *file_mode_r = (st.st_mode & 0666) | 0660; + *dir_mode_r = (st.st_mode & 0777) | 0770; *gid_origin_r = path; if (!S_ISDIR(st.st_mode)) { But i think this is not the best way. maildir from database is like: */storage/a/ac/domainname/users/account/maildir* On Wed, Apr 20, 2011 at 12:35 PM, Timo Sirainen <tss@iki.fi> wrote:
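Review bot: Both hunks raise the compiled-in permission floor, so every mailbox this build creates becomes group-readable and group-writable, even on installations whose mail root grants the group nothing. In the first hunk the fallback becomes `0660`/`0770` while `*gid_r = (gid_t)-1` is left unchanged, so the group that gains access appears to be whatever group the creating process runs with, not necessarily `_sysadms`. In the second hunk `| 0660` and `| 0770` force the group bits on even when `st.st_mode` withholds them, which overrides the inheritance that the `st.st_mode & 0666` and `st.st_mode & 0777` masks already provide. I would keep `| 0600` and `| 0700` and instead give the directory being stat'ed mode 0770 and the intended group, so the existing masks copy those bits only where an administrator asked for them. The enclosing function starts and ends outside both hunks, so which directory is stat'ed is inferred from `*gid_origin_r = path`.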
On Fri, 2011-04-15 at 12:43 -0300, Francisco Wagner C. Freire wrote:
The problem is: I need all accounts to have the permission 0770. I tried the option mail_access_groups, but it has no effect when the user's path is first created.
This setting only gives the process access to extra groups. It doesn't change any behavior.
"For example a simple way to set up shared mailbox access for all system users is to make all mail dirs/files 0770/0660 mode and owned by group "sharedmail" and then set mail_access_groups=sharedmail. Using more fine grained groups of course leaks less mail data in case there's a security hole in Dovecot"
This doesn't talk about the initial maildir creation, only about what happens with existing ones.
doveconf -n
You left out a bit too much. What is your mail_location? There may be an easy solution for this.