On 07/02/2024 12:31 EET dovecot--- via dovecot<dovecot@dovecot.org> wrote:
I have configured a shared private namespace in dovecot so that, via ACLs, users can access other users' mailboxes.
I set up a quota for each user and this also works well. The quota is monitored and new messages are denied if the quota is exceeded.
There is one problem though: apparently dovecot treats shared mailboxes in relation to the current user's quota, it does not consider (as would be appropriate) the shared mailbox owner's quota.
I will try to explain better with a couple of examples.
==============
Consider the following case:
user1 has a quota of 1MB, totally available user2 has a quota of 10MB, totally available user1 shares the "Sales" mailbox with user2 user2 copies a 500KB message to the shared "Sales" mailbox user1's quota will be correctly deducted by 500KB, thus resulting in 0.5MB available
At this point, however, let's try another operation:
user2 copies an 800KB message to the shared "Sales" mailbox.
The server should return error because this way user1 exceeds the allocated quota of 1MB (500KB + 800KB), but instead the copy operation succeeds.
This happens because at the time of the copy operation, dovecot considers the quota limit of user2 instead of considering the quota limit of user1.
==============
Let us consider another case, performing the same operations but where the user quota limits are reversed (user1 has a larger quota than user2):
user1 has a quota of 10MB, totally available user2 has a quota of 1MB, totally available user1 shares the "Sales" mailbox with user2 user2 copies a 500KB message to the shared mailbox "Sales"
The operation fails by overquota, because again dovecot considers user2's quota limit instead of considering user1's quota limit. Therefore, it is as if user2, with a 1MB limit, tries to write to a "larger" area (10MB).
As a counterevidence, setting user1 and user2 with the same quota limit, the operation succeeds perfectly.
==============
Can anyone help me solve the problem? Is this a problem that is related to my configuration? Below I attach the output of dovecot -n
Try
plugin { quota_rule=Shared/*:ignore }
Aki
Thanks Aki, your suggestion definitely fixed the error of copying messages to a shared mailbox, great!
But it is not clear to me whether this way the quota of the shared mailbox is still taken into account, or ignored completely. If it were ignored completely, in theory it would be possible for another account to copy or move messages to a shared folder without any limit, exceeding the quota that should be enforced on the main account.
What are your thoughts on this?
Gabriele
On 07/02/2024 12:31 EET dovecot--- via dovecot
<dovecot@dovecot.org> wrote:
I have configured a shared private namespace in dovecot so
that, via ACLs, users can access other users' mailboxes.
I set up a quota for each user and this also works well.
The quota is monitored and new messages are denied if the
quota is exceeded.
There is one problem though: apparently dovecot treats
shared mailboxes in relation to the current user's quota,
it does not consider (as would be appropriate) the shared
mailbox owner's quota.
I will try to explain better with a couple of examples.
==============
Consider the following case:
user1 has a quota of 1MB, totally available
user2 has a quota of 10MB, totally available
user1 shares the "Sales" mailbox with user2
user2 copies a 500KB message to the shared "Sales"
mailbox
user1's quota will be correctly deducted by 500KB, thus
resulting in 0.5MB available
At this point, however, let's try another operation:
user2 copies an 800KB message to the shared "Sales"
mailbox.
The server should return error because this way user1
exceeds the allocated quota of 1MB (500KB + 800KB), but
instead the copy operation succeeds.
This happens because at the time of the copy operation,
dovecot considers the quota limit of user2 instead of
considering the quota limit of user1.
==============
Let us consider another case, performing the same
operations but where the user quota limits are reversed
(user1 has a larger quota than user2):
user1 has a quota of 10MB, totally available
user2 has a quota of 1MB, totally available
user1 shares the "Sales" mailbox with user2
user2 copies a 500KB message to the shared mailbox
"Sales"
The operation fails by overquota, because again dovecot
considers user2's quota limit instead of considering
user1's quota limit. Therefore, it is as if user2, with a
1MB limit, tries to write to a "larger" area (10MB).
As a counterevidence, setting user1 and user2 with the same
quota limit, the operation succeeds perfectly.
==============
Can anyone help me solve the problem? Is this a problem
that is related to my configuration?
Below I attach the output of dovecot -n
Try
plugin {
quota_rule=Shared/*:ignore
}
Aki
Thanks Aki, your suggestion definitely fixed the error of copying messages to a shared mailbox, great!
But it is not clear to me whether this way the quota of the shared mailbox is still taken into account, or ignored completely. If it were ignored completely, in theory it would be possible for another account to copy or move messages to a shared folder without any limit, exceeding the quota that should be enforced on the main account.
What are your thoughts on this?
Gabriele