hi!

i would appreciate some comments on my scenario below:

# from the config
userdb static {
    args = uid=vmail gid=mail home=/vmail/%d/%n
}

namespace public {
  separator = /
  prefix = All/
  location = maildir:/vmail/%d/all/Maildir:CONTROL=~/Maildir/control/all:INDEX=~/Maildir/index/all
  inbox = no
  hidden = no
}

namespace private {
  separator = /
  prefix =
  location = maildir:~/Maildir
  inbox = yes
  hidden = no
}
# end config

the public namespace is also the maildir of the user "[EMAIL PROTECTED]". a sieve script is dropping mail for [EMAIL PROTECTED] to the appropriate maildir within this maildir/namespace (e.g. .Support/)

first of all: this works to some point but is such a configuration valid? can a public namespace be the maildir of a user?

if a new mail for [EMAIL PROTECTED] comes in, all subscribed users (of this domain) can view it and it is marked as /Seen individually. the important feature to me: the /Seen flags are managed per user as configured in the public namespace

now the problem:
the whole mail system runs with one uid/gid and virtual users, which has the effect that some user can delete mails in the public namespace or drop mails into it, create folders etc. this is not wanted. i wanted a read-only public namespace. so i decided to use acls. as namespace prefixes are ignored i needed to create them globally. my first try was:

/etc/dovecot/acls/Support:

owner lrwstiekxa
authenticated lr

which led to the result that other users than [EMAIL PROTECTED] cannot manipulate the public namespace at all, including setting their /Seen flag. that was the first surprise to me as i thought this flag would be managed separately in the users' homes.

after a (very short) thought i came to this (allow setting the /Seen flag for others):

owner lrwstiekxa
authenticated lrs

which led to another unexpected result: the /Seen flag is now set globally. if one user marks a mail /Seen, it is /Seen for all other users too.

where is the problem? except for the iso/osi layer 8 problem i am aware of...

marc
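
Added example, not part of the original post and not Dovecot's own code: a small Python check that reads ACL text in the two-column form shown above and lists every right a non-owner identifier holds beyond an allowed set, which makes the difference between the two attempts (`lr` versus `lrs`) explicit. The function names and the allowed sets are assumptions for illustration, the permissive sample is constructed, and the parser handles only single-letter rights with one identifier per line.

```python
# Added example: audit ACL text against a read-only policy for non-owners.
# Letter meanings follow Dovecot's documented ACL rights.
RIGHTS = {
    "l": "lookup", "r": "read", "w": "write", "s": "write-seen",
    "t": "write-deleted", "i": "insert", "p": "post", "e": "expunge",
    "k": "create", "x": "delete", "a": "admin",
}

def parse_acl(text):
    """Return {identifier: set of right letters} from '<identifier> <letters>' lines."""
    acl = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        fields = line.split(None, 1)
        letters = fields[1].strip() if len(fields) > 1 else ""
        unknown = set(letters) - set(RIGHTS)
        if unknown:
            raise ValueError(f"line {lineno}: unknown rights {sorted(unknown)}")
        acl[fields[0]] = set(letters)
    return acl

def excess_rights(text, allowed):
    """List (identifier, right name) pairs that non-owners hold beyond `allowed`."""
    findings = []
    for ident, letters in parse_acl(text).items():
        if ident == "owner":
            continue  # the owner is expected to hold full rights
        for letter in sorted(letters - set(allowed)):
            findings.append((ident, RIGHTS[letter]))
    return findings

# The two ACL bodies from the post, plus one constructed permissive sample.
FIRST_TRY = "owner lrwstiekxa\nauthenticated lr\n"
SECOND_TRY = "owner lrwstiekxa\nauthenticated lrs\n"
PERMISSIVE = "owner lrwstiekxa\nauthenticated lrwstie\n"  # constructed sample

if __name__ == "__main__":
    for name, body in [("first", FIRST_TRY), ("second", SECOND_TRY),
                       ("permissive", PERMISSIVE)]:
        print(name, excess_rights(body, allowed="lr"))
```
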