[Dovecot] Make entire mailbox read-only (ACLs?)
Hello,
Is there a way of locking a mailbox, effectively making it read-only to IMAP clients?
I've read through http://wiki2.dovecot.org/ACL. I created dovecot-acl with the content "owner lr" in .INBOX which seems to keep me from copying messages into the folder, but not out.
I have the plugin configured correctly, it seems, since MYRIGHTS command shows the correct value:
30 MYRIGHTS "INBOX"
- MYRIGHTS "INBOX" lr
Am I barking up the wrong tree? Is there an easier way to lock a mailbox? post-login scripting perhaps?
Thanks!
On Fri, 2011-12-09 at 11:16 -0800, David Jonas wrote:
Is there a way of locking a mailbox, effectively making it read-only to IMAP clients?
By "mailbox" you mean the user's all folders? This isn't possible currently, except by modifying filesystem permissions. A "default ACL for entire namespace" would be a nice feature, but it's just not done yet..
On Fri, 2011-12-09 at 11:16 -0800, David Jonas wrote:
Is there a way of locking a mailbox, effectively making it read-only to IMAP clients? By "mailbox" you mean the user's all folders? This isn't possible currently, except by modifying filesystem permissions. A "default ACL for entire namespace" would be a nice feature, but it's just not done yet.. Looks like changing the filesystem permissions gets me what I'm looking for. I simply removed write permissions for {cur,tmp,new}. Mailbox access seems to work just fine. Thunderbird shows the server responding with "SERVERBUG" and I get a "Permission denied" error in the logs,
On 12/9/11 9:13 PM, Timo Sirainen wrote: though. Not a big deal, the users will be notified before hand. Thanks!
On Fri, 2011-12-09 at 22:00 -0800, David Jonas wrote:
On Fri, 2011-12-09 at 11:16 -0800, David Jonas wrote:
Is there a way of locking a mailbox, effectively making it read-only to IMAP clients? By "mailbox" you mean the user's all folders? This isn't possible currently, except by modifying filesystem permissions. A "default ACL for entire namespace" would be a nice feature, but it's just not done yet.. Looks like changing the filesystem permissions gets me what I'm looking for. I simply removed write permissions for {cur,tmp,new}. Mailbox access seems to work just fine. Thunderbird shows the server responding with "SERVERBUG" and I get a "Permission denied" error in the logs,
On 12/9/11 9:13 PM, Timo Sirainen wrote: though. Not a big deal, the users will be notified before hand. Thanks!
If you remove the write permissions also from the parent Maildir (or possibly some other files too), it shouldn't send SERVERBUG.
participants (2)
-
David Jonas
-
Timo Sirainen