On 2/28/2013 12:40 PM, Bradley Rintoul wrote:

Hello:

I've been tasked with trying to find a way to keep users from ever "permanently" deleting emails. The users are running Thunderbird and are using the "Archive" option for when emails are deleted. However, they are still able to delete emails from the Archive folders... I'm wondering if there's any way that I can configure Dovecot to make sure that emails *never* get removed from the filesystem. I know it's probably kind of a bizarre request, but is there any way that Dovecot can help me out in this regard?

In addition to the answer of locking the Archive folder, provided by Michael, consider that requests of this kind often are the result of a client or customer having a problem for which they came up with the proposed solution.

I hope the machine has a lot of disk space.

Depending on where the machine is, laws may require keeping emails for a certain period of time, keeping them then purging them after a period of time, etc. By asking the requester what problem they have that this solution is trying to solve, you can often get to the root of the problem and offer a solution that may work better.

Forbidding archive deletion is going to require more work from the admin, because unless the admin is willing to regularly go through and manually delete old emails, eventually, the disk will fill up with all sorts of resulting problems.

Also, consider how this may impact mail server behavior if any quotas are in effect. Could be a clash.

Depending on what the original problem is, several solutions might be adding a dummy account and have all emails copied to it, on a separate drive (NFS, sshfs or dsync, maybe?) or using shared mailboxes.

Cheers.

Dem

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

On Thu, 28 Feb 2013, Bradley Rintoul wrote:

I've been tasked with trying to find a way to keep users from ever "permanently" deleting emails. The users are running Thunderbird and are using the "Archive" option for when emails are deleted. However, they are still able to delete emails from the Archive folders... I'm wondering if there's any way that I can configure Dovecot to make sure that emails *never* get removed from the filesystem. I know it's probably kind of a bizarre request, but is there any way that Dovecot can help me out in this regard?

hmm, I understand your request so that a) you want to prevent to delete any message, b) you want to prevent to delete from Archive.

For a) go with Robert's idea, e.g. add a global "before" Sieve script, that files a copy of the message into yet another mailbox hierarchie, the user has been restricted by ACLs. Or redirect a copy of these mails to yet another "backup" account the users may access via a shared namespace.

For b) ACLs may work. However, users cannot move messages around in the Archive anymore, I think.

Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)

iQEVAwUBUTBxIl3r2wJMiz2NAQLfvggAoPkEtp7VEpwbAC5zyo/ONt6S3h7CWDuS GxRyDLtqVEVbKd3RabUWGqDO167SzCEL/Tgq1QKHO8M2nqepanJ3ZCgguvajTnhg ITI/Lq1mbJtwzAJbK0WNx+qbKLCf84XWh7EiHHGzr9EFAKVnnWSNAHI3GrOPJak2 EoSKPAKDtNGFwjLc56vc+U3BG8DYhCsFHGuBLocIWQMo0qNj/aaw+kxeUWXD+dbi 1tayk8U7uL6b2k0rdlDv6Jxl8pSlQpnwnV2JABjQBtkPqjMGp2KeiqoKBjg5n7pn 5aniYnKsY6Abx0zpQYIZnUAMW1fAz1T39REBRR4vIDVJ62qAb3zjsQ== =B9Fv -----END PGP SIGNATURE-----