hi!
i would appreciate some comments on my scenario below:
# from the config
userdb static {
  args = uid=vmail gid=mail home=/vmail/%d/%n
}
namespace public {
  separator = /
  prefix = All/
  location = maildir:/vmail/%d/all/Maildir:CONTROL=~/Maildir/control/all:INDEX=~/Maildir/index/all
  inbox = no
  hidden = no
}
namespace private {
  separator = /
  prefix =
  location = maildir:~/Maildir
  inbox = yes
  hidden = no
}
# end config
the public namespace is also the maildir of the user "all@mydomain".
a sieve script is dropping mail for all@mydomain to the appropriate
maildir within this maildir/namespace (e.g. .Support/)
first of all: this works to some point but is such a configuration
valid? can a public namespace be the maildir of a user?
if a new mail for all@mydomain comes in, all subscribed users (of
this domain) can view it and it is marked as /Seen individually.
the important feature to me: the /Seen flags are managed per user as
configured in the public namespace
now the problem:
the whole mail system runs with one uid/gid and virtual users, which
has the effect that some user can delete mails in the public
namespace or drop mails into it, create folders etc. this is not
wanted. i wanted a read-only public namespace. so i decided to use
acls. as namespace prefixes are ignored i needed to create them
globally. my first try was:
/etc/dovecot/acls/Support:
owner lrwstiekxa
authenticated lr
which led to the result that other users than all@mydomain cannot
manipulate the public namespace at all, including setting their /Seen
flag. that was the first surprise to me as i thought this flag would
be managed separately in the users' homes.
after a (very short) thought i came to this (allow setting the /Seen
flag for others):
owner lrwstiekxa
authenticated lrs
which led to another unexpected result: the /Seen flag is now set
globally. if one user marks a mail /Seen, it is /Seen for all other
users too.
where is the problem? except for the iso/osi layer 8 problem i am
aware of...
marc
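
An added example (not part of the original post and not Dovecot's own code) that parses the two ACL variants quoted above and lists which rights beyond lookup/read a non-owner identifier holds. The right-letter meanings follow Dovecot's ACL documentation; the function names and the `trusted` and `allowed_extra` parameters are assumptions made for illustration, and only the plain "identifier rights" line form shown in the post is handled:

```python
# Added example: audit Dovecot ACL lines against a read-only intent.
# Right letters as documented for Dovecot's ACL plugin.
RIGHTS = {
    "l": "lookup", "r": "read", "w": "write flags except \\Seen/\\Deleted",
    "s": "write \\Seen", "t": "write \\Deleted", "i": "insert",
    "p": "post", "e": "expunge", "k": "create mailboxes",
    "x": "delete mailbox", "a": "administer ACLs",
}
READ_ONLY = frozenset("lr")

# The two attempts from the post, one "identifier rights" pair per line.
FIRST_TRY = "owner lrwstiekxa\nauthenticated lr\n"
SECOND_TRY = "owner lrwstiekxa\nauthenticated lrs\n"


def parse_acl(text):
    """Parse plain 'identifier rights' lines into {identifier: set(rights)}."""
    acl = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        if not raw.strip():
            continue
        parts = raw.split()
        if len(parts) != 2:
            raise ValueError(f"line {lineno}: expected 'identifier rights'")
        ident, rights = parts
        unknown = set(rights) - set(RIGHTS)
        if unknown:
            raise ValueError(f"line {lineno}: unknown rights {sorted(unknown)}")
        acl.setdefault(ident, set()).update(rights)
    return acl


def audit_read_only(acl, trusted=("owner",), allowed_extra=""):
    """Return {identifier: {right: meaning}} for rights beyond read-only."""
    allowed = READ_ONLY | set(allowed_extra)
    findings = {}
    for ident, rights in acl.items():
        excess = rights - allowed
        if ident not in trusted and excess:
            findings[ident] = {r: RIGHTS[r] for r in sorted(excess)}
    return findings


if __name__ == "__main__":
    for name, text in (("first try", FIRST_TRY), ("second try", SECOND_TRY)):
        print(name, audit_read_only(parse_acl(text)))
```

For the second variant the audit reports `s` for `authenticated`: that line grants every authenticated user write access to the \Seen flag on the shared mailbox, which `allowed_extra="s"` accepts when that is intended.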