[Dovecot] Questions still about a uw-imap -> dovecot conversion

[Joseph Tam]

Steve Campbell <campbell at cnpapers.com> writes:

> >     This was piped into a script that Email'd users about the changes
> >     that was going to happen, what they would expect to see, and a
> >     FAQ on how to set up a mail client correctly.
> 
> Here, I'm not sure what should be done. The users with the secondary 
> folders that are not in ~/mail can't seem to get the client configured.

"Great artists steal".  Google around for a good set of instructions
on how to set up IMAP prefix's for various mail clients, and refer
your users to that.

I also referred them to our webmail (with the correct mail prefix) as a
reference to a list of mailboxes they ought to see.  If they don't match,
then that's a symptom of a bad prefix.

> I've tried this and modified the .mailboxlist, but I'm thinking Dovecot 
> is ignoring this and I'm not sure what it's looking at to determine the 
> imap folders.
>
> >         - .subscription files were moved into the mail folder
> >         (don't have to edit prefixes since the aliasing
> >         will take care of that).
> 
> And when would these .subscription files be created? The first time the 
> folders would be accessed, or when? This seems to be part of my fix that 
> I'm getting lost on.

Sorry, as Timo intimated, dovecot uses .subscription, which can
be adjusted back to .mailboxlist, which uw-imapd uses.  You shouldn't
have to edit it if you set up namespace aliasing.  Just move it from
the top-level into your user's mail directory during cutover:

 	(if you use dovecot's default subscription filename)
 	mv $USER/.mailboxlist $USER/mail/.subscription

If your IMAP client is still ignoring subscriptions, it usually
means the client was configured that way.

> >     - your setup is fairly close to mine, so you may also run into
> >     the problem of user having mailboxes with group ownership that
> >     users are not part of (for example, group "mail" for INBOX set
> >     by your LDA or personal mailboxes with groups the user is no
> >     longer a member of) *and* with group permission not mode=0.
> 
> Sendmail sort of requires the "mail" group, does it not? I'll take a 
> look and see if all users are part of this or not. A crazy solution 
> would be in order here?

I think sendmail works fine if you set your mail spool mode=1777 (like
/tmp), but have each inbox mode=0600.  This setting will persist.

It's sendmail LDA mail.local that's the problem: it autocreates new
inboxes with permissions user:mail/660 and unless the user is in group
"mail", chaos will ensue.

You can maybe do a cron script or some other hack, or better yet,
use dovecot LDA, which sets up the perms correctly (and keeps indexes
updated).  A one time "chmod go-rwx" during cutover is all that is
required then.

The log entry that points this problem out looks like

 	dovecot: imap(smith): Error: chown(/dc-cache/smith/.imap/xx, group=6(mail)) failed: Operation not permitted (egid=5678(goodgroup), group based on /home/smith/mail/xx - see http://wiki2.dovecot.org/Errors/ChgrpNoPerm)
 	dovecot: imap(smith): Error: mkdir(/dc-cache/smith/.imap/xx) failed: Not owner

Joseph Tam <jtam.home at gmail.com>