On Fri, 24 May 2013, Ben Morrow wrote:
At 4PM -0700 on 23/05/13 you (Dan Mahoney, System Admin) wrote:
I'm in the process of writing some scripts which I want to be able to take actions on my local mailbox. (For example, to move a subset of messages to the trash over time, if unread for a week. To act on messages in my learn-spam folder and then delete them).
Aah!
I came across this in the Q&A, and assumed such a thing wasn't possible:
-=-
Can Dovecot authenticate and work via UNIX sockets?
Dovecot authentication already works via UNIX sockets, but it only speaks its internal protocol. You could always create a "socket" passdb/userdb. Probably should be made compatible with "checkpassword" protocol. Patches welcome :)
-=-
Which could probably use some expansion/repointing. The "preauth" name kind of just implies in my mind "things you check before pam" -- I would have not looked there if not pointed.
You can also use doveadm for quite a lot of this sort of administration; this may be easier if you're scripting in shell rather than something more sophisticated.
I'm pretty much resigned to trying to parse the whole mailbox anyway, because I want functions like "when I move a message to the "threadkill" folder, move any message with the referenced messageid's in said message to folder X".
All this is in pursuit of making that little red number in my mail.app window meaningful -- and it seems the only real control plane mobile clients give you is the ability to move a message to a folder :)
I'd definitely consider something like an SSH key with a forced command (I do see questions in the FAQ about making dovecot work over a socket connection), but that forgoes using standard imap clients.
Well, I'm not sure what you consider 'standard' here, but there are both Perl and Python IMAP libraries which will connect to a command rather than a socket. If you're using a client which insists on connecting to an (INET) socket, it's a little harder; while you can obviously connect preauthed imap to a listening socket with netcat, that's not remotely secure.
I'm constructing a client, really. In perl, it looks like Mail::Box::Manager is the thing I want, in conjunction with the above.
I could also create a dovecot-only user with my UID and no other login privileges, but I'd like this to "just work" for anyone.
I believe with the latest 2.2 you can also do this with Kerberos principals, if you're running Kerberos; I haven't looked into this yet, but I mean to (for much the same reason).
we are at the day job, but I'm not doing so personally.
-Dan
--