Joachim Breitner
2013-Oct-14 09:22 UTC
[Dovecot] Public dovecot namespace visible only to some users
Hi,
I have a dovecot IMAP server (version 2.1.7) with Maildirs and a virtual
user setup (e.g. all accounts are mapped to the same system user). I?d
like to create a public namespace shared between users A and B, but not
any other user.
I tried to set up the namespace as follows:
namespace {
type = public
separator = .
prefix = INBOX.XFeeds.
location = maildir:/var/vhosts/feeds:INDEX=~/Maildir/feeds/
subscriptions = no
}
together with a acl-file:
/var/vhosts/feeds $ cat dovecot-acl
user=A lrwstipekxa
user=B lrwipk
Now user C cannot access the contents of the XFeeds mailbox, but it
still shows up in its IMAP client. How can I make sure that other users
cannot observe that this namespace exists?
Thanks,
Joachim
PS: If you collect serverfault reputation, feel free to answer on
http://serverfault.com/questions/544061/public-dovecot-namespace-visible-only-to-some-users
as well :-)
PPS: Relevant parts of my configuration:
first_valid_uid = 109
last_valid_uid = 109
mail_gid = vhost
mail_location = maildir:~/Maildir
mail_privileged_group = mail
mail_uid = vhost
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy
include variables body enotify environment mailbox date ihave
namespace {
location = maildir:/var/vhosts/feeds:INDEX=~/Maildir/feeds/
prefix = INBOX.XFeeds.
separator = .
subscriptions = no
type = public
}
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix = INBOX.
separator = .
}
passdb {
args = /etc/vhosts/dovecot-userdb
driver = passwd-file
}
plugin {
acl = vfile
sieve = ~/dovecot.sieve
sieve_dir = ~/sieve
}
userdb {
args = uid=vhost gid=vhost home=/var/vhosts/%d/%n
driver = static
}
protocol imap {
mail_plugins = " acl"
}
--
Joachim ?nomeata? Breitner
mail at joachim-breitner.de ? http://www.joachim-breitner.de/
Jabber: nomeata at joachim-breitner.de ? GPG-Key: 0x4743206C
Debian Developer: nomeata at debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20131014/7107d704/attachment.bin>
Joachim Breitner
2013-Oct-14 14:38 UTC
[Dovecot] Public dovecot namespace visible only to some users
H, Am Montag, den 14.10.2013, 11:22 +0200 schrieb Joachim Breitner:> How can I make sure that other users > cannot observe that this namespace exists?something else that I tried since is to set "list = no" in the esttings of "namespace feeds", and add "userdb_namespace/feeds/list=yes" to the passwd file, but the latter did not seem to have any effect. Greetings, Joachim -- Joachim ?nomeata? Breitner mail at joachim-breitner.de ? http://www.joachim-breitner.de/ Jabber: nomeata at joachim-breitner.de ? GPG-Key: 0x4743206C Debian Developer: nomeata at debian.org -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20131014/02cc6dbd/attachment.bin>
Maybe Matching Threads
- Bug#588839: Include pv-grub to securely boot guest kernels
- [Bug 1870] Do not show VisualHostKey unless attached to a terminal
- Safely piping to a shell script
- Relaying some UDP traffic through tinc?
- [Bug 1870] New: Do not show VisualHostKey unless attached to a terminal