Stephen Kestle wrote: > I wish I knew if there was a term for this: > > An imap account that virtualises all the users as subfolders of the > 'super' account. e.g. > > Stephen > - Inbox > - Sent > - Trash > > Bob > - Inbox > .... > > 'super' > -Stephen > -Inbox > ... > -Bob > -Inbox > ... > > Is it possible to do such a configuration in exim? > > Cheers > > Stephen >
Yes. Couple of ways that I can think of, but none are really Exim issues, nor even, necessarily IMAP daemon issues: 1) IF you are storing messages with a UID:GID other-than that of Exim, (end-user UID). You might use *n*x user:group file perms and group membership so that one or more 'super users' had (at least) read access to to all/some subset(s) of others, by virtue of multiple memberships in the group. You need to be *really* careful here, else you may open a serious security hole. 2) Not (necessarily) recommended, but in production here for a long time, is to relay on an SQL RDBMS to store rights and mailstore mapping with hierarchical options. In practice, a field in the DB indicates which group or department a user is a staff-member of, and/or a supervisor of. A supervisor's 'working' account maps only to his/her own messages. Same as any other ordinary account. A supervisor's "functional supervisory" account maps to the mailstore of all the accounts of all subordinates in the group/department(s) below his/her level. At the top level, that could be the entire firm. This is just as 'legal' as the 'management' having access to all the keys to the desks and file cabinets in a business environment, though making sure staff are *aware* that the 'company' email is treated the same as any other 'company property or files is de riguer. For an ISP, or a hobbyist running a friends and family mailserver w/o an agreed covering ToS, it could be legal suicide. However, on that score, anyone with 'root' privileges and/or membership in the Exim-runner or IMAP-runner group, can, of course read nearly all mail on the system with 'lynx' anyway. So, too, anyone allowed to do a 'cp' to a directory their MUA can already access. Not one bit of which is recommended unless yurazz is well-covered from a legal standpoint... Even then, while it may not be illegal for a skunk to attend a wedding, it will never be welcome! ;-) Manners... Bill -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
