[Dovecot] Public dovecot namespace visible only to some users

[Joachim Breitner]

Hi,

I have a dovecot IMAP server (version 2.1.7) with Maildirs and a virtual
user setup (e.g. all accounts are mapped to the same system user). I’d
like to create a public namespace shared between users A and B, but not
any other user.

I tried to set up the namespace as follows:

        namespace {
          type = public
          separator = .
          prefix = INBOX.XFeeds.
          location = maildir:/var/vhosts/feeds:INDEX=~/Maildir/feeds/
          subscriptions = no
        }
        
together with a acl-file:

        /var/vhosts/feeds $ cat dovecot-acl
        user=A lrwstipekxa
        user=B lrwipk
        
Now user C cannot access the contents of the XFeeds mailbox, but it
still shows up in its IMAP client. How can I make sure that other users
cannot observe that this namespace exists?

Thanks,
Joachim


PS: If you collect serverfault reputation, feel free to answer on
http://serverfault.com/questions/544061/public-dovecot-namespace-visible-only-to-some-users as well :-)

PPS: Relevant parts of my configuration:

first_valid_uid = 109
last_valid_uid = 109
mail_gid = vhost
mail_location = maildir:~/Maildir
mail_privileged_group = mail
mail_uid = vhost
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
namespace {
  location = maildir:/var/vhosts/feeds:INDEX=~/Maildir/feeds/
  prefix = INBOX.XFeeds.
  separator = .
  subscriptions = no
  type = public
}
namespace inbox {
  inbox = yes
  location = 
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix = INBOX.
  separator = .
}
passdb {
  args = /etc/vhosts/dovecot-userdb
  driver = passwd-file
}
plugin {
  acl = vfile
  sieve = ~/dovecot.sieve
  sieve_dir = ~/sieve
}
userdb {
  args = uid=vhost gid=vhost home=/var/vhosts/%d/%n
  driver = static
}
protocol imap {
  mail_plugins = " acl"
}



-- 
Joachim “nomeata” Breitner
  mail at joachim-breitner.de • http://www.joachim-breitner.de/
  Jabber: nomeata at joachim-breitner.de  • GPG-Key: 0x4743206C
  Debian Developer: nomeata at debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://dovecot.org/pipermail/dovecot/attachments/20131014/7107d704/attachment.bin>