limit sharing ability to certain users

Aki Tuomi aki.tuomi at dovecot.fi
Mon Aug 6 08:26:47 EEST 2018


You could do

userdb {
   driver = username_format=%Lu passwd-file
   args = /etc/dovecot/share.passwd
}

#  /etc/dovecot/share.passwd
test at onnet.ch::::::: userdb_acl=vfile:/etc/dovecot/dovecot-acl
userdb_acl_globals_only = yes

should prevent the user from modifying any ACL files.

Aki

On 05.08.2018 17:04, Simeon Ott wrote:
> Hello
>
> Is it possible to limit the ability of sharing it’s own mailboxes to
> only a few users?
> We have a few sensitive mailboxes of users where the ability to share
> via IMAP SETACL should be prevented.
>
> I tried the following so far…
>   doveadm acl remove -u test at onnet.ch <mailto:test at onnet.ch> INBOX
> user=test at onnet.ch <mailto:user=test at onnet.ch> admin
>
> but when doing this the admin rights are still there
>   doveadm acl rights -u test at onnet.ch <mailto:test at onnet.ch> INBOX
>   vmail at buserver:~$ doveadm acl rights -u test at onnet.ch
> <mailto:test at onnet.ch> INBOX
>   Rights                                                              
>                                                  
>   lookup read write write-seen write-deleted insert post expunge
> create delete admin
>
> Thanks in advance for your help
> Simeon

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20180806/51428f46/attachment.html>


More information about the dovecot mailing list