dovecot v2.x
Public Mailboxes
Public mailboxes are created by defining a public namespace and creating the desired mailboxes under it.
Setting
mail_plugins = ... acl

protocol imap {
  mail_plugins = ... imap_acl
}

plugin {
  acl = vfile
  acl_shared_dict = proxy::acl
}

dict {
  acl = mysql:/etc/dovecot/dovecot-share-folder.conf
}

namespace {
  type = shared
  separator = /
  prefix = Shared/%%u/
  location = maildir:%%Lh/Maildir/:INDEX=%%Lh/Maildir/Shared/%%Ld/%%Ln
  # this namespace should handle its own subscriptions or not.
  subscriptions = yes
  list = children
}
SQL
connect = host=127.0.0.1 port=3306 dbname=vmail user=vmailadmin password=xxxxxxxxxxxxxx

map {
  pattern = shared/shared-boxes/user/$to/$from
  table = share_folder
  value_field = dummy
  fields {
    from_user = $from
    to_user = $to
  }
}

# To share mailbox to anyone, please uncomment 'acl_anyone = allow' in
# dovecot.conf
map {
  pattern = shared/shared-boxes/anyone/$from
  table = anyone_shares
  value_field = dummy
  fields {
    from_user = $from
  }
}
list=children: if no one has shared mailboxes with the user, the "shared" directory isn't listed by the LIST command. To make it always visible, set list=yes.
%%h: the user's home directory is requested from the auth process via the auth-userdb socket.
Dirty Shared Folder
ln -s /home/user2/Maildir/.Work /home/user1/Maildir/.shared.user2
ln -s /home/user3/Maildir/.Work /home/user1/Maildir/.shared.user3
With Maildir++ layout it's not possible to automatically share "mailbox and its children".
You'll need to symlink each mailbox separately.
Set ACL By telnet
- MYRIGHTS <mailbox>: Returns the user's current rights to the mailbox.
- GETACL <mailbox>: Returns all of the mailbox's ACLs.
- SETACL <mailbox> <id> [+|-]<rights>: Give <id> the specified rights to the mailbox.
- DELETEACL <mailbox> [-]<id>: Delete <id>'s ACL from the mailbox.
For example:
# Share folder `Sent` with user [email protected],
# with permissions: read (r), lookup (l) and insert (i).
telnet localhost 143
. login [email protected] passwd
. OK [... ACL ..] Logged in
. SETACL Sent [email protected] rli
After you share a folder with the SETACL command, Dovecot inserts a record into the MySQL database.
Set ACL By Roundcube Plugin
* Roundcube has an official plugin, acl, to manage mailbox sharing.
Setting
// Set to an empty array to exclude all special ACL subjects.
//$config['acl_specials'] = array('anyone', 'anonymous');
ACL backend
The ACL code was written to allow multiple ACL backends,
but currently Dovecot supports only virtual ACL files.
Note that using ACLs doesn't grant mail processes any filesystem permissions that they don't already have.
You must make sure that the processes have enough permissions to access the mailboxes.
-------------
ACL vfile backend
The vfile backend supports per-mailbox ACLs and global ACLs.
Per-mailbox ACLs are stored in a file named dovecot-acl, which is located in:
maildir: The Maildir's mail directory (e.g. ~/Maildir, ~/Maildir/.folder/)
Each line of the file has the format:
<identifier> <ACLs>
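An added example, not part of the original page or of Dovecot: a small Python audit that parses dovecot-acl lines in the `<identifier> <ACLs>` format and reports grants to broad identifiers or grants of modify, delete or admin rights. The rights letters beyond r, l and i, the `authenticated` identifier, the negative `-` prefix and the `:named rights` suffix follow Dovecot's ACL documentation; the sample entries and function names are constructed for illustration.

```python
import os

# Rights letters of Dovecot's ACL model (the page itself uses r, l and i).
RIGHTS = set("lrwstipekxa")
BROAD_IDS = {"anyone", "anonymous", "authenticated"}  # not tied to one user
POWERFUL = set("wtexka")  # change flags, delete mail or folders, administer ACLs

# Constructed sample dovecot-acl content; the user names are made up.
SAMPLE = """\
owner lrwstipekxa
user=alice@example.com rli
user=bob@example.com lrwstea
anyone lr
-user=carol@example.com w
"""

def parse_acl_line(line):
    """Split '<identifier> <ACLs>' into (identifier, rights); None if blank."""
    line = line.strip()
    if not line:
        return None
    ident, _, rest = line.partition(" ")
    letters = rest.split(":", 1)[0].strip()  # drop optional ':named rights'
    if not set(letters) <= RIGHTS:
        raise ValueError(f"unknown right in {line!r}")
    return ident, set(letters)

def audit_acl_text(text):
    """Return (identifier, reason) for every grant worth a second look."""
    findings = []
    for raw in text.splitlines():
        ident, rights = parse_acl_line(raw) or ("", set())
        if not ident or ident.startswith("-") or ident == "owner":
            continue  # negative entries remove rights; owner is expected
        if ident in BROAD_IDS:
            findings.append((ident, "broad identifier"))
        elif rights & POWERFUL:
            findings.append((ident, "rights " + "".join(sorted(rights & POWERFUL))))
    return findings

def audit_maildir(root):
    """Walk a Maildir tree and audit every dovecot-acl file found in it."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        if "dovecot-acl" in files:
            with open(os.path.join(dirpath, "dovecot-acl"), encoding="utf-8") as fh:
                report[dirpath] = audit_acl_text(fh.read())
    return {path: found for path, found in report.items() if found}
```

`os.walk` does not follow symlinks by default, so symlinked shares are audited at their real location in the owner's Maildir, not through the link.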
--------------
List cache(dovecot-acl-list)
Location: Maildir/dovecot-acl-list
Format: Size FolderName
The dovecot-acl-list file lists all mailboxes that have "l" rights assigned. If you manually add or edit dovecot-acl files, you may need to delete dovecot-acl-list to make the mailboxes visible.
Troubleshooting
mail_debug=yes
doveadm acl debug -u user@domain shared/user/box