On Wed, 2009-08-05 at 11:08 +0300, Nikita Koshikov wrote:
> Here is namespace part of config file:
> namespace private {
>     prefix = Company/
>     separator = /
>     location = virtual:/var/mail/virtual:INDEX=MEMORY:LAYOUT=maildir++
>     subscriptions = no
> }
..
> Then I tried to setup ACL for virtual mailbox. Adding "acl" to mail_plugins 
> in imap and lda section and acl=vfile to plugins config. Under 
> /var/mail/virtual in each mailbox I create dovecot-acl file contaning:
> user=koshikov.n lrwstiekxa
> authenticated lrwstipe
> 
> But this didn't work.

That's because in private namespaces user owns the mails, and
"authenticated" doesn't reduce the user's privileges. You could use
"owner" instead.

Also I don't think you should use ACLs at all here. It's easier and more
secure to just make /var/mail/virtual non-writable to imap process. For
example change file/dir owners to root and make them world-readable.

Attachment: signature.asc
Description: This is a digitally signed message part

Reply via email to