dovecot - Mar 2010 - Is it possible to prevent users from ever deleting anything?

Hi, dear dovecot-users,

is it possible to make dovecot ignore the DELETE command for some accounts?

Basically what I want to achieve is: users shall not be able to delete their
emails - but they still should be able write emails.

This is meant for a setup where different users are sending and receiving
emails for a "support" account.

I looked into IMAP virtual folders and ACL but I did not see a way of
totally disabling the possibility to delete emails and share the whole
account.

I realize there may be race conditions with a setup like this and a web
based ticket system might be a better solution, but it is only a very small
team and we can always talk to each others to resolve conflicts - so using
only one mail account for support seems practical and could keep the
overhead small - but we do not want to delete anything from it
(accidentaly).

Of course, at one point in future somebody has to delete some mails from
this accounts to get rid of old stuff - so I would like to implement a
super-user that is able to do that kind of mailbox maintanance.

How would I use ACL to setup such a scenario? Is it even possible?
Or did I misunderstand IMAP shared folders completely???

Thank you very much for your attention!

Have a nice day,
Snaky

Not sure about Dovecot, but with postfix you can make a copy of every
mail that gets in and out of the system and send it to a 'control'
account.

2010/3/24 Snaky Love <snakylove at
googlemail.com>:
> Hi, dear dovecot-users,
>
> is it possible to make dovecot ignore the DELETE command for some accounts?
>
> Basically what I want to achieve is: users shall not be able to delete
their
> emails - but they still should be able write emails.
>
> This is meant for a setup where different users are sending and receiving
> emails for a "support" account.
>
> I looked into IMAP virtual folders and ACL but I did not see a way of
> totally disabling the possibility to delete emails and share the whole
> account.
>
> I realize there may be race conditions with a setup like this and a web
> based ticket system might be a better solution, but it is only a very small
> team and we can always talk to each others to resolve conflicts - so using
> only one mail account for support seems practical and could keep the
> overhead small - but we do not want to delete anything from it
> (accidentaly).
>
> Of course, at one point in future somebody has to delete some mails from
> this accounts to get rid of old stuff - so I would like to implement a
> super-user that is able to do that kind of mailbox maintanance.
>
> How would I use ACL to setup such a scenario? Is it even possible?
> Or did I misunderstand IMAP shared folders completely???
>
> Thank you very much for your attention!
>
> Have a nice day,
> Snaky
>

An ACL setup omitting "t" and "e" permissions like:

$ cat dovecot-acl
user=<user> lrwsi

should allow this.

Regards
Thomas

Snaky Love <snakylove at googlemail.com> wrote:
> Hi, dear dovecot-users,
>
> is it possible to make dovecot ignore the DELETE command for some accounts?
>
> Basically what I want to achieve is: users shall not be able to delete
their
> emails - but they still should be able write emails.
>
> This is meant for a setup where different users are sending and receiving
> emails for a "support" account.
>
> I looked into IMAP virtual folders and ACL but I did not see a way of
> totally disabling the possibility to delete emails and share the whole
> account.
>
> I realize there may be race conditions with a setup like this and a web
> based ticket system might be a better solution, but it is only a very small
> team and we can always talk to each others to resolve conflicts - so using
> only one mail account for support seems practical and could keep the
> overhead small - but we do not want to delete anything from it
> (accidentaly).
>
> Of course, at one point in future somebody has to delete some mails from
> this accounts to get rid of old stuff - so I would like to implement a
> super-user that is able to do that kind of mailbox maintanance.
>
> How would I use ACL to setup such a scenario? Is it even possible?
> Or did I misunderstand IMAP shared folders completely???
>
> Thank you very much for your attention!
>
> Have a nice day,
> Snaky
Have you considered using lazy expunge plugin?
It will make "delete" move messages to another folder.

-- 
[pl>en: Andrew] Andrzej Adam Filip : anfi at onet.eu
Reality is just a convenient measure of complexity.
  -- Alvy Ray Smith