[Dovecot] Easy way to make all mailboxes of a user read-only
Stephan von Krawczynski
skraw at ithnet.com
Thu Apr 11 16:24:49 EEST 2013
On Thu, 11 Apr 2013 16:15:23 +0300
Timo Sirainen <tss at iki.fi> wrote:
> On 11.4.2013, at 16.07, Stephan von Krawczynski <skraw at ithnet.com> wrote:
>
> > On Thu, 11 Apr 2013 16:00:22 +0300
> > Timo Sirainen <tss at iki.fi> wrote:
> >
> >> On 11.4.2013, at 15.07, Stephan von Krawczynski <skraw at ithnet.com> wrote:
> >>
> >>> I try to configure dovecot to make all imap accesses read-only for a certain
> >>> user. I thought this would be possible by creating a global acl file (here
> >>> "global-acl") like:
> >>
> >> Sorry, there is still no "default ACLs" feature in Dovecot. The only semi-easy way to do what you want is using filesystem permissions.
> >>
> >> This is something that really should be developed though.. But probably not until v2.3.
> >
> > Oh, that is _bad_. I cannot use fs permissions because the MTA (postfix) must
> > have write permissions (to the directories) to create the mail files...
>
> The MTA can work as it used to, if it can just set a group-read permission to the files. So your read-only user would belong to that read-only-group. I'm not sure how Postfix assigns permissions, but if it can't do that you could switch to Dovecot LDA/LMTP which can set the group correctly.
That is not the problem. I can set any type of permission on the mail file
itself. Only it does not help because dovecot nevertheless is able to move the
mails around or "delete" them by moving to trash box.
--
Regards,
Stephan
More information about the dovecot
mailing list