Hi,
On my mail server I want to implement shared folders for each workgroup where there are many workgroups.
One way would be to create a separate namespace for each workgroup. However, this does not scale well so I decided to use a single Shared mailbox and use ACLs:
namespace public { separator = . prefix = Shared. location = maildir:/var/mail/shared:CONTROL=~/Maildir/shared }
Each workgroup should get a subfolder in "Shared". Until now, this works, I create .Group1, .Group2 and assign correct group permissions and ACL files.
However, now a user from group1 wants to create a subfolder in his IMAP folder. Since the permissions for /var/mail/shared/.Group1 are correct (writeable to group1 and the user is member of group1 and 'k' ACL permissions are active) I would expect it to work.
However, for obvious reasons, the *sub*folder is created as
/var/mail/shared/.Group1.Subfolder
so it is actually not a subfolder in sense of the filesystem but rather a folder inside /var/mail/shared
However, the user does (and should) not have write permissions to /var/mail/shared (only to /var/mail/shared/.Group1).
Is there a way to overcome this problem? Why can't dovecot just use /var/mail/shared/.Group1/.Subfolder? Is there an option to do so? It would make everything a lot easier.
The one option is to make /var/mail/shared world-writeable - which is not really a good option.
A second option might be to use ACLs and give each group write permissions to /var/mail/shared. However, not even this seems very "clean" to me.
What is the best way to handle this?
Best regards, Luke