[Dovecot] Providing shared folders with multiple backend servers

Sven Hartge sven at svenhartge.de
Mon Jan 9 21:31:58 EET 2012


Timo Sirainen <tss at iki.fi> wrote:
> On 9.1.2012, at 20.47, Sven Hartge wrote:

>>>> Can "mmap_disable = yes" and the other NFS options be set per
>>>> namespace or only globally?
>> 
>>> Currently only globally.
>> 
>> Ah, too bad.
>> 
>> Back to the drawing board then.

> mmap_disable=yes works pretty well even if you're only using it for local filesystems. It just spends some more memory when reading dovecot.index.cache files.

>> Implementing my idea in my environment using a cluster filesystem would
>> be a very big pain in the lower back, so I need a different idea to
>> share the shared folders with all nodes but still keeping the user
>> specific mailboxes fixed and local to a node.
>> 
>> The imapc backed namespace you mentioned sounds very interesting, but
>> this is not implemented right now for shared folders, is it?

> Well.. If you don't need users sharing mailboxes to each others, 

God heavens, no! If I allowed users to share their mailboxes with other
users, hell would break loose. Nononono, just shared folders set up by
the admin team, statically assigned to groups of users (for example, the
central postmaster@ mail alias ends in such a shared folder).

> then you can probably already do this with Dovecot v2.1:

> 1. Configure the user Dovecots:

> namespace {
>  type = public
>  prefix = Shared/
>  location = imapc:~/imapc-shared
> }
> imapc_host = sharedmails.example.com
> imapc_password = master-user-password

> # With latest v2.1 hg you can do:
> imapc_user = shareduser
> imapc_master_user = %u
> # With v2.1.rc2 and older you need to do:
> imapc_user = shareduser*%u
> auth_master_user_separator = *

So, in my case, this would look like this:

,----
| # User's private mail location
| mail_location = mdbox:~/mdbox
|
| # When creating any namespaces, you must also have a private namespace:
| namespace {
|   type = private
|   separator = .
|   prefix = INBOX.
|   #location defaults to mail_location.
|   inbox = yes
| }
|
| namespace {
|   type = public
|   separator = .
|   prefix = #shared.
|   location = imapc:~/imapc-shared
|   subscriptions = no
| }
|
| imapc_host = m-st-sh-01.foo.bar
| imapc_password = master-user-password
| imapc_user = shareduser
| imapc_master_user = %u
`----

Where do I add "list = children"? In the user-dovecots shared namespace
or on the shared-dovecots private namespace?

> 2. Configure the shared Dovecot:

> You need master passdb that allows all existing users to log in as "shareduser" user. You can probably simply do (not tested):

> passdb {
>  type = static
>  args = user=shareduser pass=master-user-password
>  master = yes
> }

> The "shareduser" owns all of the actual shared mailboxes and has the
> necessary ACLs set up for individual users. ACLs use the master
> username (= the real username in this case) to do the ACL checks.

So this is kind of "backwards", since normally the imapc_master_user would be
the static user and imapc_user would be dynamic, right?

All in all, a _very_ interesting configuration.

Grüße,
Sven.

-- 
Sigmentation fault. Core dumped.




More information about the dovecot mailing list