Shared mailbox visible but not readable
After the previous thread, I am now able to see / list the structure of a shared mailbox but cannot see the messages.
doveadm acl get -u test2 INBOX ID Global Rights user=test1 admin create delete expunge insert lookup post read write write-deleted write-seen
dovecot -n # 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.13 (cdd19fe3) # OS: Linux 5.10.0-10-amd64 x86_64 Debian 11.2 ext4 # Hostname: server.example.com auth_debug = yes auth_default_realm = EXAMPLE.COM auth_gssapi_hostname = server.example.com auth_krb5_keytab = /etc/keytab/dovecot.keytab auth_master_user_separator = * auth_mechanisms = gssapi gss-spnego plain auth_realms = EXAMPLE.COM auth_verbose = yes first_valid_gid = 986 first_valid_uid = 990 hostname = server.example.com imap_client_workarounds = tb-extra-mailbox-sep imap_max_line_length = 2 M login_greeting = Dovecot ready. mail_debug = yes mail_gid = 986 mail_location = maildir:/srv/mail/vmail/example.com/%n/store:LAYOUT=fs:FULLDIRNAME=0_FolderContent:UTF-8:INDEX=/srv/mail/vmail/example.com/%n/index:CONTROL=/srv/mail/vmail/example.com/%n/control:VOLATILEDIR=/srv/mail/vmail/example.com/%n/volatile mail_plugins = zlib notify push_notification listescape acl mail_shared_explicit_inbox = yes mail_uid = 990 namespace { hidden = no list = children location = maildir:/srv/mail/vmail/example.com/%%n/store:LAYOUT=fs:FULLDIRNAME=0_FolderContent:UTF-8:INDEXPVT=/srv/mail/vmail/example.com/%n/index_shared/%%u:CONTROL=/srv/mail/vmail/example.com/%%n/control:VOLATILEDIR=/srv/mail/vmail/example.com/%%n/volatile prefix = shared~%%n~ separator = ~ subscriptions = no type = shared } namespace inbox { hidden = no inbox = yes list = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Inbox { auto = subscribe } mailbox Junk { auto = subscribe special_use = \Junk } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Trash { auto = subscribe special_use = \Trash } prefix = separator = ~ subscriptions = yes type = private } passdb { args = username_format=%u /etc/dovecot/master-users driver = passwd-file master = yes } passdb { args = /etc/dovecot/ldap_user_to_principal.conf.ext driver = ldap pass = yes } passdb { args = nopassword=y allow_nets=127.0.0.1/32 driver = static } passdb { driver = pam } plugin { acl = vfile acl_defaults_from_inbox = yes acl_shared_dict = file:/srv/mail/dovecot/lib/shared-mailboxes.db acl_user = %n autocreate = Trash autocreate2 = Drafts autocreate3 = Sent autosubscribe = Trash autosubscribe2 = Drafts autosubscribe3 = Sent } protocols = " imap lmtp submission" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imap { port = 0 } inet_listener imap_local { address = 127.0.0.1 port = 144 ssl = no } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 1 } service indexer-worker { vsz_limit = 2 G } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service submission-login { inet_listener submission { port = 465 ssl = yes } } ssl = required ssl_cert = </etc/dovecot/private/dovecot.pem ssl_cipher_list = EECDH+AESGCM:EDH+AESGCM ssl_client_ca_dir = /etc/ssl/certs ssl_curve_list = X25519:secp521r1:secp384r1:prime256v1 ssl_dh = # hidden, use -P to show it ssl_key = # hidden, use -P to show it ssl_min_protocol = TLSv1.2 submission_client_workarounds = whitespace-before-path submission_relay_host = localhost userdb { args = /etc/dovecot/ldap_user_domain.conf.ext driver = ldap result_success = continue } userdb { args = uid=vmail gid=vmail home=/srv/mail/vmail allow_all_users=yes driver = static } protocol lmtp { mail_plugins = zlib notify push_notification listescape acl } protocol lda { mail_plugins = zlib notify push_notification listescape acl } protocol imap { mail_max_userip_connections = 50 mail_plugins = zlib notify push_notification listescape acl imap_acl }
Server-side logging: Feb 17 18:19:46 server dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011session=wnsM+TnYeNt/AAAB#011lip=127.0.0.1#011rip=127.0.0.1#011lport=144#011rport=56184#011resp=<hidden> Feb 17 18:19:46 server dovecot: auth: Debug: ldap(test1@example.com,127.0.0.1,<wnsM+TnYeNt/AAAB>): Performing passdb lookup Feb 17 18:19:46 server dovecot: auth: Debug: ldap(test1@example.com,127.0.0.1,<wnsM+TnYeNt/AAAB>): pass search: base=OU=User Accounts,OU=Interactive Users,OU=Groupware,DC=example,DC=com scope=subtree filter=(&(objectClass=user)(sAMAccountName=test1)(memberOf:1.2.840.113556.1.4.1941:=CN=mail_user-example.com,OU=Mail Domains,OU=Groups,DC=example,DC=com)(!(userAccountControl:1.2.840.113556.1.4.803:=2))) fields=userPrincipalName Feb 17 18:19:46 server dovecot: auth: Debug: ldap(test1@example.com,127.0.0.1,<wnsM+TnYeNt/AAAB>): result: userPrincipalName=test1@example.com; userPrincipalName unused Feb 17 18:19:46 server dovecot: auth: Debug: ldap(test1@example.com,127.0.0.1,<wnsM+TnYeNt/AAAB>): username changed test1@example.com -> test1 Feb 17 18:19:46 server dovecot: auth: Debug: ldap(test1,127.0.0.1,<wnsM+TnYeNt/AAAB>): Finished passdb lookup Feb 17 18:19:46 server dovecot: auth: Debug: static(test1,127.0.0.1,<wnsM+TnYeNt/AAAB>): Performing passdb lookup Feb 17 18:19:46 server dovecot: auth: Debug: static(test1,127.0.0.1,<wnsM+TnYeNt/AAAB>): lookup Feb 17 18:19:46 server dovecot: auth: Debug: static(test1,127.0.0.1,<wnsM+TnYeNt/AAAB>): allow_nets: Matching for network 127.0.0.1/32 Feb 17 18:19:46 server dovecot: auth: Debug: static(test1,127.0.0.1,<wnsM+TnYeNt/AAAB>): Finished passdb lookup Feb 17 18:19:46 server dovecot: auth: Debug: auth(test1,127.0.0.1,<wnsM+TnYeNt/AAAB>): Auth request finished Feb 17 18:19:46 server dovecot: auth: Debug: client passdb out: OK#0111#011user=test1#011k5principals=test1@example.com Feb 17 18:19:46 server dovecot: auth: Debug: master in: REQUEST#011674496513#011982757#0111#011bdc4ed95a66c86ed9e287682de2cc297#011session_pid=982760#011request_auth_token Feb 17 18:19:46 server dovecot: auth: Debug: ldap(test1,127.0.0.1,<wnsM+TnYeNt/AAAB>): Performing userdb lookup Feb 17 18:19:46 server dovecot: auth: Debug: ldap(test1,127.0.0.1,<wnsM+TnYeNt/AAAB>): user search: base=OU=User Accounts,OU=Interactive Users,OU=Groupware,DC=example,DC=com scope=subtree filter=(&(objectClass=user)(sAMAccountName=test1)(memberOf:1.2.840.113556.1.4.1941:=CN=mail_user-,OU=Mail Domains,OU=Groups,DC=example,DC=com)(!(userAccountControl:1.2.840.113556.1.4.803:=2))) fields= Feb 17 18:19:46 server dovecot: auth: Debug: auth client connected (pid=982759) Feb 17 18:19:46 server dovecot: auth: Debug: ldap(test1,127.0.0.1,<wnsM+TnYeNt/AAAB>): no fields returned by the server Feb 17 18:19:46 server dovecot: auth: ldap(test1,127.0.0.1,<wnsM+TnYeNt/AAAB>): unknown user Feb 17 18:19:46 server dovecot: auth: Debug: ldap(test1,127.0.0.1,<wnsM+TnYeNt/AAAB>): Finished userdb lookup Feb 17 18:19:46 server dovecot: auth: Debug: static(test1,127.0.0.1,<wnsM+TnYeNt/AAAB>): Performing userdb lookup Feb 17 18:19:46 server dovecot: auth: Debug: static(test1,127.0.0.1,<wnsM+TnYeNt/AAAB>): Finished userdb lookup Feb 17 18:19:46 server dovecot: auth: Debug: master userdb out: USER#011674496513#011test1#011uid=990#011gid=986#011home=/srv/mail/vmail#011auth_mech=PLAIN#011auth_token=7f5013248866ebfbfb636b8de817aad6ac5af767 Feb 17 18:19:46 server dovecot: imap-login: Login: user=<test1>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=982760, secured, session=<wnsM+TnYeNt/AAAB> Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: Effective uid=990, gid=986, home=/srv/mail/vmail Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: Namespace inbox: type=private, prefix=, sep=~, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/srv/mail/vmail/example.com/test1/store:LAYOUT=fs:FULLDIRNAME=0_FolderContent:UTF-8:INDEX=/srv/mail/vmail/example.com/test1/index:CONTROL=/srv/mail/vmail/example.com/test1/control:VOLATILEDIR=/srv/mail/vmail/example.com/test1/volatile Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: fs: root=/srv/mail/vmail/example.com/test1/store, index=/srv/mail/vmail/example.com/test1/index, indexpvt=, control=/srv/mail/vmail/example.com/test1/control, inbox=, alt= Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: acl: initializing backend with data: vfile Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: acl: acl username = test1 Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: acl: owner = 1 Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: acl vfile: Global ACLs disabled Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: Namespace : type=shared, prefix=shared~%n~, sep=~, inbox=no, hidden=no, list=children, subscriptions=no location=maildir:/srv/mail/vmail/example.com/%n/store:LAYOUT=fs:FULLDIRNAME=0_FolderContent:UTF-8:INDEXPVT=/srv/mail/vmail/example.com/test1/index_shared/%u:CONTROL=/srv/mail/vmail/example.com/%n/control:VOLATILEDIR=/srv/mail/vmail/example.com/%n/volatile Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: shared: root=/run/dovecot, index=, indexpvt=, control=, inbox=, alt= Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: fts: Indexes disabled for namespace 'shared~%n~' Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: acl: initializing backend with data: vfile Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: acl: acl username = test1 Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: acl: owner = 0 Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: acl vfile: Global ACLs disabled Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: fs: root=/srv/mail/vmail/example.com/test2/INBOX/store, index=, indexpvt=/srv/mail/vmail/example.com/test1/index_shared/test2/INBOX, control=/srv/mail/vmail/example.com/test2/INBOX/control, inbox=, alt= Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: acl: initializing backend with data: vfile Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: acl: acl username = test2/INBOX Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: acl: owner = 1 Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: acl vfile: Global ACLs disabled Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: fs: root=/srv/mail/vmail/example.com/test2/INBOX/store, index=, indexpvt=/srv/mail/vmail/example.com/test1/index_shared/test2/INBOX, control=/srv/mail/vmail/example.com/test2/INBOX/control, inbox=, alt= Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: acl: initializing backend with data: vfile Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: acl: acl username = test1 Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: acl: owner = 0 Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: acl vfile: Global ACLs disabled Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: Mailbox shared~test2~INBOX: Mailbox opened because: SELECT Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Logged out in=245 out=1711 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0
Client-side logging: S[0x55ae80a7bb00]: * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=GSSAPI AUTH=GSS-SPNEGO AUTH=PLAIN] Dovecot ready. C[0x55ae808c12d0]: 1 login "test1" "" S[0x55ae80a7bb00]: 1 OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE SNIPPET=FUZZY PREVIEW=FUZZY STATUS=SIZE SAVEDATE LITERAL+ NOTIFY SPECIAL-USE ACL RIGHTS=texk] Logged in C[0x55ae808c12d0]: 2 capability S[0x55ae80a7bb00]: * CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE SNIPPET=FUZZY PREVIEW=FUZZY STATUS=SIZE SAVEDATE LITERAL+ NOTIFY SPECIAL-USE ACL RIGHTS=texk S[0x55ae80a7bb00]: 2 OK Capability completed (0.001 + 0.000 secs). C[0x55ae808c12d0]: 3 ID ("x-originating-ip" "192.168.10.106") S[0x55ae80a7bb00]: * ID ("name" "Dovecot") S[0x55ae80a7bb00]: 3 OK ID completed (0.001 + 0.001 secs). C[0x55ae808c12d0]: 4 namespace S[0x55ae80a7bb00]: * NAMESPACE (("" "~")) (("shared~" "~")) NIL S[0x55ae80a7bb00]: 4 OK Namespace completed (0.001 + 0.000 secs). C[0x55ae808c12d0]: 5 LIST "" "" S[0x55ae80a7bb00]: * LIST (\Noselect) "~" "" S[0x55ae80a7bb00]: 5 OK List completed (0.001 + 0.001 secs). C[0x55ae808c12d0]: 6 select "INBOX" S[0x55ae80a7bb00]: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) S[0x55ae80a7bb00]: * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted. S[0x55ae80a7bb00]: * 1 EXISTS S[0x55ae80a7bb00]: * 0 RECENT S[0x55ae80a7bb00]: * OK [UIDVALIDITY 1637177527] UIDs valid S[0x55ae80a7bb00]: * OK [UIDNEXT 2] Predicted next UID S[0x55ae80a7bb00]: * OK [HIGHESTMODSEQ 10] Highest S[0x55ae80a7bb00]: 6 OK [READ-WRITE] Select completed (0.001 + 0.000 secs). C[0x55ae808c12d0]: 7 UID SEARCH (UNSEEN NOT DELETED) S[0x55ae80a7bb00]: * SEARCH S[0x55ae80a7bb00]: 7 OK Search completed (0.001 + 0.001 secs). C[0x55ae808c12d0]: 8 select "shared~test2~INBOX" S[0x55ae80a7bb00]: * OK [CLOSED] Previous mailbox closed. S[0x55ae80a7bb00]: 8 NO [CANNOT] Invalid mailbox name 'shared~test2~INBOX': Missing namespace prefix 'shared~test2/INBOX~' (0.001 + 0.001 secs). C[0x55ae808c12d0]: 9 logout S[0x55ae80a7bb00]: * BYE Logging out
This issue I am facing is this: 8 NO [CANNOT] Invalid mailbox name 'shared~test2~INBOX': Missing namespace prefix 'shared~test2/INBOX~'
The server-side seems to think everything is fine: Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: Mailbox shared~test2~INBOX: Mailbox opened because: SELECT
But I do not get to see any messages in test2's shared mailbox. How to debug this? Or better: how to fix it :-) ??
- Kees
On 17/02/2022 19:34 Kees van Vloten <keesvanvloten@gmail.com> wrote:
After the previous thread, I am now able to see / list the structure of a shared mailbox but cannot see the messages.
doveadm acl get -u test2 INBOX ID Global Rights user=test1 admin create delete expunge insert lookup post read write write-deleted write-seen
This issue I am facing is this: 8 NO [CANNOT] Invalid mailbox name 'shared~test2~INBOX': Missing namespace prefix 'shared~test2/INBOX~'
The server-side seems to think everything is fine: Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: Mailbox shared~test2~INBOX: Mailbox opened because: SELECT
But I do not get to see any messages in test2's shared mailbox. How to debug this? Or better: how to fix it :-) ??
- Kees
There is no explicit INBOX, unless you ask for it. The INBOX is shared~test2/
See https://doc.dovecot.org/settings/core/#core_setting-mail_shared_explicit_inb...
Aki
On 17-02-2022 18:45, Aki Tuomi wrote:
On 17/02/2022 19:34 Kees van Vloten <keesvanvloten@gmail.com> wrote:
After the previous thread, I am now able to see / list the structure of a shared mailbox but cannot see the messages.
doveadm acl get -u test2 INBOX ID Global Rights user=test1 admin create delete expunge insert lookup post read write write-deleted write-seen
This issue I am facing is this: 8 NO [CANNOT] Invalid mailbox name 'shared~test2~INBOX': Missing namespace prefix 'shared~test2/INBOX~'
The server-side seems to think everything is fine: Feb 17 18:19:46 server dovecot: imap(test1)<982760><wnsM+TnYeNt/AAAB>: Debug: Mailbox shared~test2~INBOX: Mailbox opened because: SELECT
But I do not get to see any messages in test2's shared mailbox. How to debug this? Or better: how to fix it :-) ??
- Kees There is no explicit INBOX, unless you ask for it. The INBOX is shared~test2/
See https://doc.dovecot.org/settings/core/#core_setting-mail_shared_explicit_inb...
Aki
I asked for it, from "dovecot -n":
mail_shared_explicit_inbox = yes plugin { acl_defaults_from_inbox = yes }
But then again, any folder of the shared user has the same behavior.
participants (2)
-
Aki Tuomi
-
Kees van Vloten