Hello, I've recently saw a discussion on this list, about a standardised way of emptying POP3 mailboxes on the server - but no solution came up. Please provide a suggestion for the following situation: - I am running a stock POP3 dovecot server, on Fedora 12 (dovecot version 1.2.9) - passwd-file authentication via /etc/imap.passwd - users are virtual, sharing the same UID/GID; - storage is in MailDir system; - for remote users, server is POP3-only, since the administrative policy says that every user should download his messages on the local workstation, then delete them from server immediately after succesful download. - IMAP is allowed only locally, in order to be used together via stock squirrelmail Web interface (for emergencies only) However, there are users that check the infamous ?Leave a copy on the server? checkbox (or equivalent) in their mail clients, eventually adding ?Delete messages after X days?. Since I have no direct administrative control on the clients, I absolutely need a way to forbid the above behaviour at server level, in order to enforce the policy. The server's HDD is meant to store received messages from reception to the first access only. Filesystem quotas are not an option in this scenario, since the UID/GID is the same for all virtual users. What I need is way to make sure that "cur" and "tmp" subdirectories are perfectly empty after the user downloads his mail. (I will also need a way to make sure that users using squirrelmail leave no populated "Sent" and "Trash" folders on server's HDD, but that's offtopic here). Could you please suggest a way to solve this ? Thanks a lot, R?zvan
you can always use softquotas (or Maildir quotas) for acchieving quotas on a virtual environment ... which dovecot can handle pretty well. http://wiki.dovecot.org/Quota/Maildir Em 03/02/2010 14:41, R?zvan Sandu escreveu:> > Filesystem quotas are not an option in this scenario, since the > UID/GID is the same for all virtual users. > >-- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, N?O mandem email gertrudes at solutti.com.br My SPAMTRAP, do not email it
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 3 Feb 2010, R?zvan Sandu wrote:> - IMAP is allowed only locally, in order to be used together via stock > squirrelmail Web interface (for emergencies only) > > However, there are users that check the infamous ?Leave a copy on the server? > checkbox (or equivalent) in their mail clients, eventually adding ?Delete > messages after X days?. > > Since I have no direct administrative control on the clients, I > absolutely need a way to forbid the above behaviour at server level, in order > to enforce the policy. The server's HDD is meant to store received messages > from reception to the first access only. > > Filesystem quotas are not an option in this scenario, since the UID/GID is > the same for all virtual users. > > What I need is way to make sure that "cur" and "tmp" subdirectories are > perfectly empty after the user downloads his mail."tmp" is temp, hence, I do: find /path -maxdepth 4 -name tmp -type d -print0 | \ xargs -r0 /usr/local/sbin/emptyDir ==== emptyDir find "$@" -type f -mtime +2 -delete === once a day anyway.> (I will also need a way to make sure that users using squirrelmail leave no > populated "Sent" and "Trash" folders on server's HDD, but that's offtopic > here).Well, find /path -maxdepth 3 \( -name .Sent -o -name .Trash \) -print0 | \ xargs -r0 /usr/local/sbin/emptyDir Maybe: # delete any Maildir mailboxes except INBOX for user in /path/*/Maildir; do # Maildir mailboxes start with a dot find "$user"/.[^.]* -type f -mtime +2 -delete rmdir -p "$user"/.[^.]*/* > /dev/null 2>&1 done> Could you please suggest a way to solve this ?The problem IMHO is: that you allow IMAP access for emergency, but then want to delete cur/. How about these: 1) Once a day you traverse the logs and check when an user has logged in with POP and IMAP, if login(POP) > login(IMAP), empty cur/ . 2) You do postlogin scripting: http://wiki.dovecot.org/PostLoginScripting for IMAP only. The script sets a flag to _not_ purge cur/ of the particular user once a day. I would use "-mtime +1" to give each user one day to re-download the mail in case, well, of a problem. Regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBS2qSnb+Vh58GPL/cAQKZSgf+Ohy80TcJhGppStH5DLScZ86MVbgNYKhJ Bgtvy3tU7wZGa4ZJJKNwEIlHKayJV7zgIhQehvSJmg53827BSgJ9kF6f+iBMCOZ6 Ye6UG5549sMicpTezs0MtYnv+xc8qWJs4mhAyjUblfHtiBvQYOxDqcX5uKvHpcqC Bp9GVYpo0TZCPw3qoixfN2aFL6xBDofxBk45uohWe4xWwwQZMwJt0AWbxNdpHtFV hVKlafgJqmvaOzdHq18zUjrdinBuvx60RSV9+XIReSf/Ig2dMK8KoGxi+nzLAg77 HW78XIdzRxmp9sAjedGIw46IlvCp+wq6qcm0jI7wk60ccb1m1fd3Vw==7FlQ -----END PGP SIGNATURE-----
Hello, Thanks a lot, but the problem here are not the IMAP users accessing the server via squirrelmail. Few people use this. What I mainly want to avoid are *POP3* users checking the ?Leave a copy on the server? checkmark. I need a way of automatically performing the DELE command at server level, just after a POP3 user *succesfully* downloaded his messages via POP3... Thanks again, R?zvan
Am 04.02.2010 12:39, schrieb R?zvan Sandu:> Hello, > > Thanks a lot, but the problem here are not the IMAP users accessing the > server via squirrelmail. Few people use this. > > What I mainly want to avoid are *POP3* users checking the ?Leave a copy > on the server? checkmark. > > I need a way of automatically performing the DELE command at server > level, just after a POP3 user *succesfully* downloaded his messages via > POP3... > > Thanks again, > R?zvan > >dont think this can be done, perhaps Timo knows magic what might be possible is to send additional warnings http://wiki.dovecot.org/PostLoginScripting whatever some scripting seems to me the only way to goal this -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria
Steffen Kaiser wrote:> Well, I know that the client knows it has *successfully* downloaded > messages, but how does the server know? Just to sent down some > packets through the wire does not mean success.Thanks, I see... so the server knows nothing about the success or insuccess of retrieving messages. Only client knows, so only client may act. In that case, the only possibility is to have some automatic script that periodically "cleans" the "cur" subdirectories, as you suggested. However, not being a programmer at all, I'm far from being able to write an industrial-grade solution for this. ;-) Best regards, R?zvan
R?zvan Sandu put forth on 2/4/2010 5:39 AM:> I need a way of automatically performing the DELE command at server > level, just after a POP3 user *succesfully* downloaded his messages via > POP3...And this is going to really upset customers who access a single POP account from a work PC, a home desktop, and a laptop. Once you implement this, said users will download all the email onto, say, the work PC, and then not be able to access the emails from the laptop or home PC. In my experience, the only (intelligent) users who "leave a copy on the server" are those with multiple computers and a provider who offers only POP, and not IMAP or webmail access to the mailbox. Have you taken this into account? -- Stan
On Wed, Feb 03, 2010 at 06:41:34PM +0200, R??zvan Sandu wrote:> Please provide a suggestion for the following situation: > > - I am running a stock POP3 dovecot server, on Fedora 12 (dovecot > version 1.2.9) >...... ......> However, there are users that check the infamous ???Leave a copy on the > server??? checkbox (or equivalent) in their mail clients, eventually > adding ???Delete messages after X days???. > > Since I have no direct administrative control on the clients, I > absolutely need a way to forbid the above behaviour at server level, in > order to enforce the policy. The server's HDD is meant to store received > messages from reception to the first access only.Well-well-well. I don't know the situation with dovecot POP3 server, but look on RFC 2449 and especially "expire" extension. I think there is other question and it is right one: Can dovecot pop3 server deal with pop3 extensions (supports "capa" command) and can it deal with "expire" extension and how to use it? Sorry that not much help... WBR Dmitri Ivanov
Reasonably Related Threads
- Tinc + OSPF - is it feasible?
- tinc initialization (in both Red Hat and Debian families)
- Please HELP: how to delete all messages older than X days
- Please HELP: how to delete all messages older than X days from the server?
- [RFE] A way to encode passwords in the /etc/imap.passwd file