limit sharing ability to certain users

Aki Tuomi aki.tuomi at dovecot.fi
Mon Aug 6 08:27:46 EEST 2018



On 06.08.2018 08:26, Aki Tuomi wrote:
>
> You could do
>
> userdb {
>    driver = username_format=%Lu passwd-file
>    args = /etc/dovecot/share.passwd
> }
>
> #  /etc/dovecot/share.passwd
> test at onnet.ch::::::: userdb_acl=vfile:/etc/dovecot/dovecot-acl
> userdb_acl_globals_only = yes
>
> should prevent the user from modifying any ACL files.
>
> Aki
>

userdb_acl_globals_only=yes should be written without spaces...

Aki

> On 05.08.2018 17:04, Simeon Ott wrote:
>> Hello
>>
>> Is it possible to limit the ability of sharing it’s own mailboxes to
>> only a few users?
>> We have a few sensitive mailboxes of users where the ability to share
>> via IMAP SETACL should be prevented.
>>
>> I tried the following so far…
>>   doveadm acl remove -u test at onnet.ch <mailto:test at onnet.ch> INBOX
>> user=test at onnet.ch <mailto:user=test at onnet.ch> admin
>>
>> but when doing this the admin rights are still there
>>   doveadm acl rights -u test at onnet.ch <mailto:test at onnet.ch> INBOX
>>   vmail at buserver:~$ doveadm acl rights -u test at onnet.ch
>> <mailto:test at onnet.ch> INBOX
>>   Rights                                                            
>>                                                    
>>   lookup read write write-seen write-deleted insert post expunge
>> create delete admin
>>
>> Thanks in advance for your help
>> Simeon
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20180806/2ec06961/attachment-0001.html>


More information about the dovecot mailing list