Andreas Ntaflos
2007-Jul-28 02:11 UTC
[Dovecot] Shared mailboxes (maildir, symlinks) and permissions
Hello list, I am trying to set up a public mailbox for users to put spam in so that sa-learn can do its job at night. Only I can't seem to fully understand how and which permissions should be set. I've read [1] and am using Dovecot 1.0.1. First some background information: I do not host or care (at the moment) about virtual users or virtual mail hosting. All users have Unix system accounts and shell access. I'd like to have a Spam folder, say /var/mail/public/.Spam that is a maildir where users can put Spam that got through the server-side filter. Spamassassin's sa-learn runs nightly and learns from the contents of the Spam folder. After reading [1] I think I should have under /var/mail/public a file called dovecot-shared that belongs to root:mail and has permissions 0660 (with user dovecot being a member of group mail) so that it looks like this: root at host:/var/mail/public# ls drwxr-sr-x 2 root mail 4096 2007-07-28 03:29 . drwxrwsr-x 3 root mail 4096 2007-07-28 02:19 .. -rw-rw---- 1 root mail 0 2007-07-28 02:46 dovecot-shared root at host:/var/mail/public# The first question arises: should Dovecot have write access to /var/mail/public itself? Now I should create the Spam folder called /var/mail/public/.Spam. Should this directory be in maildir format, i.e. should it already contain the subdirectories cur, tmp and new? What of the permissions of this directory? I am pretty sure Dovecot needs write access to it, so it should look like this: root at host:/var/mail/public# ls drwxr-sr-x 3 root mail 4096 2007-07-28 03:44 . drwxrwsr-x 3 root mail 4096 2007-07-28 02:19 .. -rw-rw---- 1 root mail 0 2007-07-28 02:46 dovecot-shared drwxrwsr-x 2 root mail 4096 2007-07-28 03:44 .Spam root at host:/var/mail/public# The .Spam directory here is completely empty. Now in a user's Maildir (/home/user1/Maildir) there are the user's private folders; a symlink to /var/mail/public/.Spam should be added: root at host:/home/user1/Maildir# ln -s /var/mail/public/.Spam . root at host:/home/user1/Maildir# ls ... drwx------ 5 user1 user1 4096 2007-07-19 16:14 .INBOX.foo drwx------ 5 user1 user1 4096 2007-07-06 23:01 .INBOX.bar ... lrwxrwxrwx 1 user1 user1 22 2007-07-28 03:51 .Spam -> /var/mail/public/.Spam ... root at host:/home/user1/Maildir# Is that all I have to do? Probably not, because I keep getting errors like the following when connecting (after subscribing of course): Jul 28 03:52:35 host dovecot: IMAP(user1): mkdir(/home/user1/Maildir/.Spam/cur) failed: Permission denied Should I have created the cur, tmp and new subdirectories manually and set their permissions like /var/mail/public/.Spam? But that still wouldn't give user1 write access. If I gave the users (or "others": chmod o+w) write permissions then Dovecot's index files would be owned by the first user that connects to the server and uses that folder. Apparently also not a solution. I also don't think I should have to make my users members of the mail group, but I could be wrong here. So I am not sure what I am missing, or if what I want to do is at all possible (without taking out the sledgehammer and setting all permissions to 0777). I also apologise for this lengthy post with many details and little interesting questions. It's getting late and I fear I've reached a dead end. I'd really appreciate it if someone knowledgeable could point me in the right direction here. Thanks in advance! Andreas [1] http://wiki.dovecot.org/SharedMailboxes -- Andreas "daff" Ntaflos Vienna, Austria GPG Fingerprint: 6234 2E8E 5C81 C6CB E5EC 7E65 397C E2A8 090C A9B4 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part. URL: <http://dovecot.org/pipermail/dovecot/attachments/20070728/b8dbd0d4/attachment-0002.bin>
Sergey A. Kobzar
2007-Jul-28 08:48 UTC
[Dovecot] Shared mailboxes (maildir, symlinks) and permissions
Hi Andreas,
Check mailing list archives. I asked same questions last week.
My Configuration:
mail_location = maildir:/home/mail/%d/%n
mail_extra_groups = mail
namespace public {
separator = /
prefix = Public/
location = maildir:/home/mail/public
}
namespace private {
separator = /
prefix inbox = yes
}
/home/mail/public/:
total 4
drwx------ 7 mail mail 208 Jul 24 10:25 .
drwx------ 4 mail root 104 Jul 24 10:18 ..
drwx------ 5 mail mail 296 Jul 24 10:52 .Non-Spam
drwx------ 5 mail mail 296 Jul 24 10:33 .Spam
drwx------ 2 mail mail 48 Jul 24 10:18 cur
drwx------ 2 mail mail 48 Jul 24 10:18 new
-rw------- 1 mail mail 14 Jul 24 10:25 subscriptions
drwx------ 2 mail mail 48 Jul 24 10:18 tmp
/home/mail/public/.Non-Spam:
total 28
drwx------ 5 mail mail 296 Jul 24 10:52 .
drwx------ 7 mail mail 208 Jul 24 10:25 ..
drwx------ 2 mail mail 48 Jul 24 10:52 cur
-rw------- 1 mail mail 0 Jul 24 10:13 dovecot-shared
-rw------- 1 mail mail 69 Jul 24 10:25 dovecot-uidlist
-rw------- 1 mail mail 144 Jul 24 10:52 dovecot.index
-rw------- 1 mail mail 16384 Jul 24 10:52 dovecot.index.cache
-rw------- 1 mail mail 460 Jul 24 10:52 dovecot.index.log
drwx------ 2 mail mail 48 Jul 24 10:25 new
drwx------ 2 mail mail 48 Jul 24 10:25 tmp
/home/mail/public/.Spam:
total 32
drwx------ 5 mail mail 296 Jul 24 10:33 .
drwx------ 7 mail mail 208 Jul 24 10:25 ..
drwx------ 2 mail mail 48 Jul 24 10:29 cur
-rw------- 1 mail mail 0 Jul 24 10:14 dovecot-shared
-rw------- 1 mail mail 62 Jul 24 10:25 dovecot-uidlist
-rw------- 1 mail mail 144 Jul 24 10:29 dovecot.index
-rw------- 1 mail mail 17408 Jul 24 10:29 dovecot.index.cache
-rw------- 1 mail mail 460 Jul 24 10:33 dovecot.index.log
drwx------ 2 mail mail 48 Jul 24 10:18 new
drwx------ 2 mail mail 48 Jul 24 10:25 tmp
Everything works nice.
BTW /home/mail/public/ is not a mailbox and must not contain cur new
and tmp folders. As Timo said this bug was fixed in 1.1.
Saturday, July 28, 2007, 5:11:05 AM, you wrote:
> Hello list,
> I am trying to set up a public mailbox for users to put spam in so that
> sa-learn can do its job at night. Only I can't seem to fully understand
how
> and which permissions should be set. I've read [1] and am using Dovecot
> 1.0.1.
> First some background information: I do not host or care (at the moment)
about
> virtual users or virtual mail hosting. All users have Unix system accounts
> and shell access. I'd like to have a Spam folder, say
/var/mail/public/.Spam
> that is a maildir where users can put Spam that got through the server-side
> filter. Spamassassin's sa-learn runs nightly and learns from the
contents of
> the Spam folder.
> After reading [1] I think I should have under /var/mail/public a file
called
> dovecot-shared that belongs to root:mail and has permissions 0660 (with
user
> dovecot being a member of group mail) so that it looks like this:
> root at host:/var/mail/public# ls
> drwxr-sr-x 2 root mail 4096 2007-07-28 03:29 .
> drwxrwsr-x 3 root mail 4096 2007-07-28 02:19 ..
> -rw-rw---- 1 root mail 0 2007-07-28 02:46 dovecot-shared
> root at host:/var/mail/public#
> The first question arises: should Dovecot have write access
> to /var/mail/public itself?
> Now I should create the Spam folder called /var/mail/public/.Spam. Should
this
> directory be in maildir format, i.e. should it already contain the
> subdirectories cur, tmp and new? What of the permissions of this directory?
I
> am pretty sure Dovecot needs write access to it, so it should look like
this:
> root at host:/var/mail/public# ls
> drwxr-sr-x 3 root mail 4096 2007-07-28 03:44 .
> drwxrwsr-x 3 root mail 4096 2007-07-28 02:19 ..
> -rw-rw---- 1 root mail 0 2007-07-28 02:46 dovecot-shared
> drwxrwsr-x 2 root mail 4096 2007-07-28 03:44 .Spam
> root at host:/var/mail/public#
> The .Spam directory here is completely empty.
> Now in a user's Maildir (/home/user1/Maildir) there are the user's
private
> folders; a symlink to /var/mail/public/.Spam should be added:
> root at host:/home/user1/Maildir# ln -s /var/mail/public/.Spam .
> root at host:/home/user1/Maildir# ls
> ...
> drwx------ 5 user1 user1 4096 2007-07-19 16:14 .INBOX.foo
> drwx------ 5 user1 user1 4096 2007-07-06 23:01 .INBOX.bar
> ...
> lrwxrwxrwx 1 user1 user1 22 2007-07-28 03:51 .Spam ->
/var/mail/public/.Spam
> ...
> root at host:/home/user1/Maildir#
> Is that all I have to do? Probably not, because I keep getting errors like
the
> following when connecting (after subscribing of course):
> Jul 28 03:52:35 host dovecot: IMAP(user1):
> mkdir(/home/user1/Maildir/.Spam/cur) failed: Permission denied
> Should I have created the cur, tmp and new subdirectories manually and set
> their permissions like /var/mail/public/.Spam? But that still wouldn't
give
> user1 write access. If I gave the users (or "others": chmod o+w)
write
> permissions then Dovecot's index files would be owned by the first user
that
> connects to the server and uses that folder. Apparently also not a
solution.
> I also don't think I should have to make my users members of the mail
group,
> but I could be wrong here.
> So I am not sure what I am missing, or if what I want to do is at all
possible
> (without taking out the sledgehammer and setting all permissions to 0777).
I
> also apologise for this lengthy post with many details and little
interesting
> questions. It's getting late and I fear I've reached a dead end.
> I'd really appreciate it if someone knowledgeable could point me in the
right
> direction here.
> Thanks in advance!
> Andreas
> [1] http://wiki.dovecot.org/SharedMailboxes
--
Sergey
On Jul 28, 2007, at 3:47 PM, Sergey A. Kobzar wrote:> > BTW /home/mail/public/ is not a mailbox and must not contain cur new > and tmp folders. As Timo said this bug was fixed in 1.1. >Just for the record, and I realize it's not scheduled to be fixed until v1.1, this is still "broken" in v 1.0.3. Dovecot still creates cur, tmp, and new in /home/mail/public (or applicable, as configured). Doesn't hurt anything but just wanted to make the point.> http://wiki.dovecot.org/SharedMailboxesB. Bodger