[Dovecot] delegation of admin rights

Ariel Biener ariel at post.tau.ac.il
Mon May 23 18:07:42 EEST 2011



Hello,


  We're a rather largish university (largest in Israel), with some
60-70k users, using Dovecot 1.2.14
(we're cautious about moving to 2.0.x for now).

   We need to provide admin rights to faculty computer/IT staff, so they
can have access to the mailboxes
of their respective users. We use LDAP as an
authentication/authorization backend.

    Currently, dovecot has a "master user" which can access all
mailboxes. I am looking for a solution,
preferably within dovecot, to create a delegation type of
administration, allowing certain users to
access the mailboxes of other users based on an LDAP filter or LDAP
attribute value. If possible,
allowing per protocol access(that is, I would like to give them IMAP
access and not POP3) and within IMAP
allowing only to view a mailbox, but not to change it, that would be
even better.

    Does anyone on this list know of any IMAP proxy providing such
abilities, and also, would the Dovecot team
consider this as a candidate for a request for enhancement ?  This would
be very useful in a delegated administration
environment, like most larger organizations, hosting & ISP, and other
environments where delegation is an important
and very much needed ability.

thanks a bunch,

-- Ariel
 --
 Ariel Biener
 e-mail: ariel at post.tau.ac.il
 PGP: http://www.tau.ac.il/~ariel/pgp.html



More information about the dovecot mailing list