[Dovecot] Forcibly emptying a POP3 mailbox
Hello,
I've recently saw a discussion on this list, about a standardised way of emptying POP3 mailboxes on the server - but no solution came up.
Please provide a suggestion for the following situation:
I am running a stock POP3 dovecot server, on Fedora 12 (dovecot version 1.2.9)
passwd-file authentication via /etc/imap.passwd
users are virtual, sharing the same UID/GID;
storage is in MailDir system;
for remote users, server is POP3-only, since the administrative policy says that every user should download his messages on the local workstation, then delete them from server immediately after succesful download.
IMAP is allowed only locally, in order to be used together via stock squirrelmail Web interface (for emergencies only)
However, there are users that check the infamous „Leave a copy on the server” checkbox (or equivalent) in their mail clients, eventually adding „Delete messages after X days”.
Since I have no direct administrative control on the clients, I absolutely need a way to forbid the above behaviour at server level, in order to enforce the policy. The server's HDD is meant to store received messages from reception to the first access only.
Filesystem quotas are not an option in this scenario, since the UID/GID is the same for all virtual users.
What I need is way to make sure that "cur" and "tmp" subdirectories are perfectly empty after the user downloads his mail.
(I will also need a way to make sure that users using squirrelmail leave no populated "Sent" and "Trash" folders on server's HDD, but that's offtopic here).
Could you please suggest a way to solve this ?
Thanks a lot,
Răzvan
you can always use softquotas (or Maildir quotas) for acchieving quotas on a virtual environment ... which dovecot can handle pretty well.
http://wiki.dovecot.org/Quota/Maildir
Em 03/02/2010 14:41, Răzvan Sandu escreveu:
Filesystem quotas are not an option in this scenario, since the UID/GID is the same for all virtual users.
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
gertrudes@solutti.com.br
My SPAMTRAP, do not email it-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Wed, 3 Feb 2010, Răzvan Sandu wrote:
- IMAP is allowed only locally, in order to be used together via stock squirrelmail Web interface (for emergencies only)
However, there are users that check the infamous „Leave a copy on the server” checkbox (or equivalent) in their mail clients, eventually adding „Delete messages after X days”.
Since I have no direct administrative control on the clients, I absolutely need a way to forbid the above behaviour at server level, in order to enforce the policy. The server's HDD is meant to store received messages from reception to the first access only.
Filesystem quotas are not an option in this scenario, since the UID/GID is the same for all virtual users.
What I need is way to make sure that "cur" and "tmp" subdirectories are perfectly empty after the user downloads his mail.
"tmp" is temp, hence, I do:
find /path -maxdepth 4 -name tmp -type d -print0 |
xargs -r0 /usr/local/sbin/emptyDir
==== emptyDir
find "$@" -type f -mtime +2 -delete
====
once a day anyway.
(I will also need a way to make sure that users using squirrelmail leave no populated "Sent" and "Trash" folders on server's HDD, but that's offtopic here).
Well, find /path -maxdepth 3 \( -name .Sent -o -name .Trash \) -print0 |
xargs -r0 /usr/local/sbin/emptyDir
Maybe:
# delete any Maildir mailboxes except INBOX for user in /path/*/Maildir; do # Maildir mailboxes start with a dot find "$user"/.[^.]* -type f -mtime +2 -delete rmdir -p "$user"/.[^.]*/* > /dev/null 2>&1 done
Could you please suggest a way to solve this ?
The problem IMHO is: that you allow IMAP access for emergency, but then want to delete cur/.
How about these:
Once a day you traverse the logs and check when an user has logged in with POP and IMAP, if login(POP) > login(IMAP), empty cur/ .
You do postlogin scripting: http://wiki.dovecot.org/PostLoginScripting for IMAP only. The script sets a flag to _not_ purge cur/ of the particular user once a day.
I would use "-mtime +1" to give each user one day to re-download the mail in case, well, of a problem.
Regards,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBS2qSnb+Vh58GPL/cAQKZSgf+Ohy80TcJhGppStH5DLScZ86MVbgNYKhJ Bgtvy3tU7wZGa4ZJJKNwEIlHKayJV7zgIhQehvSJmg53827BSgJ9kF6f+iBMCOZ6 Ye6UG5549sMicpTezs0MtYnv+xc8qWJs4mhAyjUblfHtiBvQYOxDqcX5uKvHpcqC Bp9GVYpo0TZCPw3qoixfN2aFL6xBDofxBk45uohWe4xWwwQZMwJt0AWbxNdpHtFV hVKlafgJqmvaOzdHq18zUjrdinBuvx60RSV9+XIReSf/Ig2dMK8KoGxi+nzLAg77 HW78XIdzRxmp9sAjedGIw46IlvCp+wq6qcm0jI7wk60ccb1m1fd3Vw== =7FlQ -----END PGP SIGNATURE-----
On Wed, Feb 03, 2010 at 06:41:34PM +0200, R??zvan Sandu wrote:
Please provide a suggestion for the following situation:
- I am running a stock POP3 dovecot server, on Fedora 12 (dovecot version 1.2.9)
...... ......
However, there are users that check the infamous ???Leave a copy on the
server??? checkbox (or equivalent) in their mail clients, eventually
adding ???Delete messages after X days???.Since I have no direct administrative control on the clients, I absolutely need a way to forbid the above behaviour at server level, in
order to enforce the policy. The server's HDD is meant to store received
messages from reception to the first access only.
Well-well-well. I don't know the situation with dovecot POP3 server, but look on RFC 2449 and especially "expire" extension.
I think there is other question and it is right one:
Can dovecot pop3 server deal with pop3 extensions (supports "capa" command) and can it deal with "expire" extension and how to use it?
Sorry that not much help...
WBR Dmitri Ivanov
On Fri, 2010-02-05 at 19:37 +0300, Dmitri V. Ivanov wrote:
Well-well-well. I don't know the situation with dovecot POP3 server, but look on RFC 2449 and especially "expire" extension.
I think there is other question and it is right one:
Can dovecot pop3 server deal with pop3 extensions (supports "capa" command) and can it deal with "expire" extension and how to use it?
I haven't looked at the expire extension, but my guess is that about zero clients support it, so it's not really relevant if Dovecot supports it or not.
On Fri, Feb 05, 2010 at 08:25:01PM +0200, Timo Sirainen wrote:
On Fri, 2010-02-05 at 19:37 +0300, Dmitri V. Ivanov wrote:
Well-well-well. I don't know the situation with dovecot POP3 server, but look on RFC 2449 and especially "expire" extension.
I think there is other question and it is right one:
Can dovecot pop3 server deal with pop3 extensions (supports "capa" command) and can it deal with "expire" extension and how to use it?
I haven't looked at the expire extension, but my guess is that about zero clients support it, so it's not really relevant if Dovecot supports it or not.
Curious...
Cyrus pop3d supports it for some reason, qpopper allows adding it into responce of "capa" pop3 command.
Some old pine releases was crashed with it...
But seem's you are right. There is no support with thunderbird for end-user. So this way to declare expiration policy isn't usefull... Sorry...
WBR Dmitri Ivanov
participants (5)
-
Dmitri V. Ivanov
-
Leonardo Rodrigues
-
Răzvan Sandu
-
Steffen Kaiser
-
Timo Sirainen