Bug/feature: mail fs pollution on IMAP select namespace/{non-existent}
Hi all,
I have noticed a strange behavior with dovecot (tested with 2.2.13). I use shared folders to share mailboxes between users. I have a namespace called "Accounts" that hosts the shared folder for the users (prefix Accounts/%%n/). However, When I issue an IMAP select command on a random non-existent mailbox name under "Accounts", dovecot auto-creates it and pollutes my mail root directory:
Python test code snippet:
imapConn=imaplib.IMAP4_SSL(serverIP, serverPort) imapConn.login(serverLogin, serverPass) print imapConn.select("Accounts/NonExistentMailbox") imapConn.logout()
Resulting in this:
drwxr-x--- 1 vmail vmail 4096 Jun 12 10:00 _attachments_
drwx------ 1 vmail vmail 4096 Jun 24 14:27 NonExistentMailbox <<< drwxr-x--- 1 vmail vmail 4096 Jun 24 00:54 user1 drwxr-x--- 1 vmail vmail 4096 Jun 24 01:24 user2 ... -rwxr-x--- 1 vmail vmail 72 Jun 24 14:27 shared-mailboxes.db
ls -l NonExistentMailbox/
-rw------- 1 vmail vmail 0 Jun 24 14:27 dovecot-acl-list drwx------ 1 vmail vmail 4096 Jun 24 14:27 mailboxes <<< (empty)
I attached a debug log and and my sanitized dovecot config.
Please help! Is this a bug or a feature? I assume it might even cause more serious problems e.g., if I would select "Accounts/_attachments_" or something similar... I noticed this behavior with the latest Thunderbird client when I tried to subscribe to shared folders and it started to pollute my mail dirs (which signals that Thunderbird might be also buggy as it should not select non-existent folders under "Accounts"). I just reproduced it for simplicity with the above python script.
Best regards,
Peter
debug log
Jun 24 14:27:51 efi-backup dovecot: imap-login: Login: user=user2@domain.com, method=PLAIN, rip=192.168.1.1, lip=192.168.1.3, mpid=10787, TLS, session=<t36aFpT8ggDAqAEB> Jun 24 14:27:51 efi-backup dovecot: imap: Debug: Loading modules from directory: /usr/lib/dovecot/modules Jun 24 14:27:51 efi-backup dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib01_acl_plugin.so Jun 24 14:27:51 efi-backup dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib02_imap_acl_plugin.so Jun 24 14:27:51 efi-backup dovecot: imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib20_zlib_plugin.so Jun 24 14:27:51 efi-backup dovecot: imap: Debug: Added userdb setting: plugin/master_user=user2@domain.com Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: Effective uid=5000, gid=5000, home=/mail/mailboxes/domain.com/user2 Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: Namespace : type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=mdbox:~ Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: fs: root=/mail/mailboxes/domain.com/user2, index=, indexpvt=, control=, inbox=, alt= Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: acl: initializing backend with data: vfile Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: acl: acl username = user2@domain.com Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: acl: owner = 1 Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: acl vfile: Global ACLs disabled Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: Namespace : type=shared, prefix=Accounts/%n/, sep=/, inbox=no, hidden=no, list=children, subscriptions=no location=mdbox:/mail/mailboxes/%d/%n:INDEX=/mail/mailboxes/%d/%n:INDEXPVT=/mail/mailboxes/domain.com/user2/indexpvt-accounts/%n Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: shared: root=/var/run/dovecot, index=, indexpvt=, control=, inbox=, alt= Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: acl: initializing backend with data: vfile Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: acl: acl username = user2@domain.com Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: acl: owner = 0 Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: acl vfile: Global ACLs disabled Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: fs: root=/mail/mailboxes/domain.com/NonExistentMailbox, index=, indexpvt=/mail/mailboxes/domain.com/user2/indexpvt-accounts/NonExistentMailbox, control=, inbox=, alt= Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: Namespace : /mail/mailboxes/domain.com/NonExistentMailbox doesn't exist yet, using default permissions Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: Namespace : Using permissions from /mail/mailboxes/domain.com/NonExistentMailbox: mode=0700 gid=default Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: acl: initializing backend with data: vfile Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: acl: acl username = user2@domain.com Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: acl: owner = 0 Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: acl vfile: Global ACLs disabled Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: fs: root=/mail/mailboxes/domain.com/NonExistentMailbox, index=, indexpvt=/mail/mailboxes/domain.com/user2/indexpvt-accounts/NonExistentMailbox, control=, inbox=, alt= Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: acl: initializing backend with data: vfile Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: acl: acl username = user2@domain.com Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: acl: owner = 0 Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: acl vfile: Global ACLs disabled Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: acl vfile: file /mail/mailboxes/domain.com/NonExistentMailbox/mailboxes/INBOX/dbox-Mails/dovecot-acl not found Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: Namespace Accounts/NonExistentMailbox/: Using permissions from /mail/mailboxes/domain.com/NonExistentMailbox: mode=0700 gid=default Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Debug: acl vfile: file /mail/mailboxes/domain.com/NonExistentMailbox/mailboxes/INBOX/dbox-Mails/dovecot-acl not found Jun 24 14:27:51 efi-backup dovecot: imap(user2@domain.com): Disconnected: Logged out in=56 out=481
doveconf -n
# 2.2.13 (38cd37cea8b1): /etc/dovecot/dovecot.conf auth_master_user_separator = * auth_mechanisms = plain login auth_verbose = yes auth_verbose_passwords = plain hostname = mail.domain.com listen = * login_greeting = $hostname IMAP server mail_attachment_dir = /mail/mailboxes/%d/_attachments_ mail_attachment_fs = sis-queue /mail/mailboxes/%d/_attachments_/queue:posix mail_attachment_min_size = 16 k mail_debug = yes mail_location = mdbox:~ mail_plugins = " zlib acl" mdbox_rotate_interval = 5 days mdbox_rotate_size = 5 M namespace { inbox = yes location = prefix = separator = / type = private } namespace { list = children location = mdbox:/mail/mailboxes/%%d/%%n:INDEX=/mail/mailboxes/%%d/%%n:INDEXPVT=/mail/mailboxes/%d/%n/indexpvt-accounts/%%n prefix = Accounts/%%n/ separator = / subscriptions = no type = shared } passdb { args = /mail/config/dovecot/passwd driver = passwd-file } passdb { args = /mail/config/dovecot/passwd-master driver = passwd-file master = yes pass = yes } plugin { acl = vfile acl_defaults_from_inbox = yes acl_shared_dict = file:/mail/mailboxes/%d/shared-mailboxes.db zlib_save = gz zlib_save_level = 6 } postmaster_address = postmaster@domain.com protocols = imap service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service imap-login { inet_listener imap { port = 0 } inet_listener imaps { port = 993 ssl = yes } } ssl = required ssl_cert =
On 24.6.2014, at 16.04, Peter Benko pbopbo@freemail.hu wrote:
I have noticed a strange behavior with dovecot (tested with 2.2.13). I use shared folders to share mailboxes between users. I have a namespace called "Accounts" that hosts the shared folder for the users (prefix Accounts/%%n/). However, When I issue an IMAP select command on a random non-existent mailbox name under "Accounts", dovecot auto-creates it and pollutes my mail root directory: .. mail_location = mdbox:~ .. namespace { list = children location = mdbox:/mail/mailboxes/%%d/%%n:INDEX=/mail/mailboxes/%%d/%%n:INDEXPVT=/mail/mailboxes/%d/%n/indexpvt-accounts/%%n
location = mdbox:%%h:INDEXPVT=/mail/mailboxes/%d/%n/indexpvt-accounts/%%n
This forces Dovecot to do a userdb lookup for the user to get the home dir, which should fail if the user doesn't exist.
participants (2)
-
Peter Benko
-
Timo Sirainen