Hello,
We're a rather largish university (largest in Israel), with some 60-70k users, using Dovecot 1.2.14 (we're cautious about moving to 2.0.x for now).
We need to provide admin rights to faculty computer/IT staff, so they can have access to the mailboxes of their respective users. We use LDAP as an authentication/authorization backend.
Currently, dovecot has a "master user" which can access allmailboxes. I am looking for a solution, preferably within dovecot, to create a delegation type of administration, allowing certain users to access the mailboxes of other users based on an LDAP filter or LDAP attribute value. If possible, allowing per protocol access(that is, I would like to give them IMAP access and not POP3) and within IMAP allowing only to view a mailbox, but not to change it, that would be even better.
Does anyone on this list know of any IMAP proxy providing suchabilities, and also, would the Dovecot team consider this as a candidate for a request for enhancement ? This would be very useful in a delegated administration environment, like most larger organizations, hosting & ISP, and other environments where delegation is an important and very much needed ability.
thanks a bunch,
-- Ariel
Ariel Biener e-mail: ariel@post.tau.ac.il PGP: http://www.tau.ac.il/~ariel/pgp.html