[Dovecot] using Lazy_Expunge to enforce retention policy

Jim Salter jim at jrs-s.net
Mon Jul 26 21:35:00 EEST 2010


Is that something we can look forward to in the near future?

I had originally intended to just hack in my own fast-and-dirty patch to 
add a "purged" directory alongside cur, new, and tmp in each maildir, 
and have expunged mails get mv'ed into ../pur rather than get rm'ed.  
Lazy_Expunge seems like a much more elegant solution, but if users can 
delete the emails anyway it's not really fitting the bill.

For my own purposes, I don't necessarily care a lot whether the users 
can see deleted mails or not... I just don't want them to be able to 
permanently delete them in violation of retention policy.

Thanks for your time - and for Dovecot, which I've been using since 
something like 0.4 or so. =)



Timo Sirainen wrote:
> On Sun, 2010-07-25 at 15:37 -0400, Jim Salter wrote:
>
>   
>> How can I use Lazy_Expunge to completely PREVENT users from deleting 
>> email permanently?
>>     
>
> I guess currently there is no easy way to do it. You could use
> non-guessable prefixes, but that's security through obscurity..
>
> I was first thinking about using a default ACL file, but that doesn't
> really work either. I guess I should some day implement proper "default
> ACLs for a namespace" support..
>
>
>   


More information about the dovecot mailing list