Confused about dovecot ACL
Aki Tuomi
aki.tuomi at open-xchange.com
Fri Jul 12 10:35:03 EEST 2019
On 11.7.2019 20.43, HTMLServices.it via dovecot wrote:
> Hello everyone
>
> sorry i'm not very experienced and also my english
>
> I installed a centos 7 server with ispconfig postfix dovecot 2.2.36
> and roundcube, this server is only a mail archive, so my need is that
> ALL the mailboxes are read-only on roundcube/imap and any user must
> NOT delete the messages. ... so I configured dovecot's ALC following
> the guide "https://wiki2.dovecot.org/ACL" I think I did everything
> correctly and I don't get errors but entering the webmail roundcube I
> CAN DELETE MESSAGES ..... it seems that the acl have no effect ....
>
>
snip
> if I see the line "Info: User test at test.com has rights: lookup read"
> it seems that the ACL (lookup and read) are correctly applied,
> but as I was saying above, entering the user test at test.com on the
> webmail, I can do everything I want to also delete the e-mails .....
> these are days I try to understand but I don't understand what I'm
> wrong and how to solve ....
> thank you all in advance
This is because the rules are applies as "owner", and not as
"test at test.com". If you want to prevent test at test.com from deleting
their mail, you need to create
/var/vmail/test.com/test/Maildir/dovecot-acl with
* owner lr
Aki
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20190712/27e87697/attachment.html>
More information about the dovecot
mailing list