Dear Steffen, Thanks for your feedback. Appreciate it. By permission I mean (read, write, look-up seen). I dont think symlink will allow these features. ACL does support such features. Only problem is that I have to setacl for individual boxes (ie Inbox,Sent,Junk etc.) On Wed, May 6, 2015 at 1:15 PM, Steffen Kaiser <skdovecot at smail.inf.fh-brs.de> wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Tue, 5 May 2015, Kevin Laurie wrote: > >> I am trying to map a account(bob at mydomain.com) to help at mydomain.com. I >> would like him to see/access Inbox,Sent,Junk,Trash of >> help at mydomain.com . What would you reckon would be the best way to do >> this? ACL or Symlink? > > > to suggest a "best way" we would need to know more about your Dovecot > installation. > >> With symlink, I dont think I will be able to set permissions. > > > What permissions you are talking of? > >> Is it possible to use ACL to get the entire email account access(the >> inbox, junk, sent etc.)? > > > With ACLs help can allow bob to access selected mailboxes with selected IMAP > permissions, if bob may access the mail storage of help on file system > level. ACLs are more powerful, but require more setup. > > I use both ways: > > ACLs to share mailboxes in general, which appear in the users branch, and > symlinks to place SPAM reporting mailboxes right into the namespace of each > user. > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVUmxg3z1H7kL/d9rAQLuHwf/SdVE/ZAH4Tf4/H0EacRvNEn08qUOROGq > eKLpd0p/TFpbHQxfM0YLazH9QEJBIP5mpRWa5U0WVzFiLTfR1UgVPcS3xjJnq+Pl > uR9/vQfUpn/B+viGCsTB8ItKCnTF892mCsiUbiFEs7BeF5jdoTOdHCsHorJL/UKa > bmpTD1ORUeKcA7m075jhTVDB6jwgWRELItIx9W2sqHBu+wfWfMp5lv3qSyOXPLtH > onz+aUYhzAepuAhVI36feMUEwZhzHF+3fvzJmKZJSEQ3BwEZOm0eOqeba4gk52KC > rSCwLZ2aDEwAx9L95MmT+B08M6ChNOuILTiYFlv0o/3G3Qt8qhqHhA=> =Q36P > -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 6 May 2015, Kevin Laurie wrote:> By permission I mean (read, write, look-up seen). I dont think symlink > will allow these features.Symlinks grant all IMAP permissions, the filesystem level permits. That is, with symlinks you cannot selectivly deny permissions easily.> ACL does support such features. > Only problem is that I have to setacl for individual boxes (ie > Inbox,Sent,Junk etc.)There are front ends for IMAP ACLs and more importantly for your current situation: http://wiki2.dovecot.org/Tools/Doveadm/ACL Works great. If you search the list, you will find posts how to grant permissions for several or all mailboxes of one account with a tool chain using "doveadm mailbox list ".> On Wed, May 6, 2015 at 1:15 PM, Steffen Kaiser > <skdovecot at smail.inf.fh-brs.de> wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On Tue, 5 May 2015, Kevin Laurie wrote: >> >>> I am trying to map a account(bob at mydomain.com) to help at mydomain.com. I >>> would like him to see/access Inbox,Sent,Junk,Trash of >>> help at mydomain.com . What would you reckon would be the best way to do >>> this? ACL or Symlink? >> >> >> to suggest a "best way" we would need to know more about your Dovecot >> installation. >> >>> With symlink, I dont think I will be able to set permissions. >> >> >> What permissions you are talking of? >> >>> Is it possible to use ACL to get the entire email account access(the >>> inbox, junk, sent etc.)? >> >> >> With ACLs help can allow bob to access selected mailboxes with selected IMAP >> permissions, if bob may access the mail storage of help on file system >> level. ACLs are more powerful, but require more setup. >> >> I use both ways: >> >> ACLs to share mailboxes in general, which appear in the users branch, and >> symlinks to place SPAM reporting mailboxes right into the namespace of each >> user. >> >> - -- Steffen Kaiser >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1 >> >> iQEVAwUBVUmxg3z1H7kL/d9rAQLuHwf/SdVE/ZAH4Tf4/H0EacRvNEn08qUOROGq >> eKLpd0p/TFpbHQxfM0YLazH9QEJBIP5mpRWa5U0WVzFiLTfR1UgVPcS3xjJnq+Pl >> uR9/vQfUpn/B+viGCsTB8ItKCnTF892mCsiUbiFEs7BeF5jdoTOdHCsHorJL/UKa >> bmpTD1ORUeKcA7m075jhTVDB6jwgWRELItIx9W2sqHBu+wfWfMp5lv3qSyOXPLtH >> onz+aUYhzAepuAhVI36feMUEwZhzHF+3fvzJmKZJSEQ3BwEZOm0eOqeba4gk52KC >> rSCwLZ2aDEwAx9L95MmT+B08M6ChNOuILTiYFlv0o/3G3Qt8qhqHhA=>> =Q36P >> -----END PGP SIGNATURE----- >- -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVUm+1Xz1H7kL/d9rAQKe6QgAnKH2zKVKZzfawIEwhpd4qY1fXP1dXNvA Ymzsf4i2MSG2hg8d1Nw91kxPQxmamHq98HLgHFjWy9of/5zW8I23iOAjxgJMpypY pXha/1T1W4rDoF7wnpHSWdkGtyFW4bQu3T1vNfU12bLw/d1ehdgcDjLHdYDncKyh ZZdFQ2BpPYyiHs3+KnZVqixdFna9+lEMOMJddVI1+8dTfRf3JlfZptEbhOp501ko w/slmqMzpZsx/+20QzI+pXh+jmQy0FFAJh8z0mWsnxdJqNbf9zSmSmvCy4lwirhL Mht3x2mudhcGk5l3Z+R86QxJiElEWpzdFv0JJRQp1oRwljAncasCGA==cNmt -----END PGP SIGNATURE-----
Dear Steffan, Noted. Thanks for your feedback! Best Regards Kevin On Wed, May 6, 2015 at 2:12 PM, Steffen Kaiser <skdovecot at smail.inf.fh-brs.de> wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Wed, 6 May 2015, Kevin Laurie wrote: > >> By permission I mean (read, write, look-up seen). I dont think symlink >> will allow these features. > > > Symlinks grant all IMAP permissions, the filesystem level permits. That is, > with symlinks you cannot selectivly deny permissions easily. > >> ACL does support such features. >> Only problem is that I have to setacl for individual boxes (ie >> Inbox,Sent,Junk etc.) > > > There are front ends for IMAP ACLs and more importantly for your current > situation: > > http://wiki2.dovecot.org/Tools/Doveadm/ACL > > Works great. If you search the list, you will find posts how to grant > permissions for several or all mailboxes of one account with a tool chain > using "doveadm mailbox list ". > > >> On Wed, May 6, 2015 at 1:15 PM, Steffen Kaiser >> <skdovecot at smail.inf.fh-brs.de> wrote: >>> >>> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> On Tue, 5 May 2015, Kevin Laurie wrote: >>> >>>> I am trying to map a account(bob at mydomain.com) to help at mydomain.com. I >>>> would like him to see/access Inbox,Sent,Junk,Trash of >>>> help at mydomain.com . What would you reckon would be the best way to do >>>> this? ACL or Symlink? >>> >>> >>> >>> to suggest a "best way" we would need to know more about your Dovecot >>> installation. >>> >>>> With symlink, I dont think I will be able to set permissions. >>> >>> >>> >>> What permissions you are talking of? >>> >>>> Is it possible to use ACL to get the entire email account access(the >>>> inbox, junk, sent etc.)? >>> >>> >>> >>> With ACLs help can allow bob to access selected mailboxes with selected >>> IMAP >>> permissions, if bob may access the mail storage of help on file system >>> level. ACLs are more powerful, but require more setup. >>> >>> I use both ways: >>> >>> ACLs to share mailboxes in general, which appear in the users branch, and >>> symlinks to place SPAM reporting mailboxes right into the namespace of >>> each >>> user. >>> >>> - -- Steffen Kaiser >>> -----BEGIN PGP SIGNATURE----- >>> Version: GnuPG v1 >>> >>> iQEVAwUBVUmxg3z1H7kL/d9rAQLuHwf/SdVE/ZAH4Tf4/H0EacRvNEn08qUOROGq >>> eKLpd0p/TFpbHQxfM0YLazH9QEJBIP5mpRWa5U0WVzFiLTfR1UgVPcS3xjJnq+Pl >>> uR9/vQfUpn/B+viGCsTB8ItKCnTF892mCsiUbiFEs7BeF5jdoTOdHCsHorJL/UKa >>> bmpTD1ORUeKcA7m075jhTVDB6jwgWRELItIx9W2sqHBu+wfWfMp5lv3qSyOXPLtH >>> onz+aUYhzAepuAhVI36feMUEwZhzHF+3fvzJmKZJSEQ3BwEZOm0eOqeba4gk52KC >>> rSCwLZ2aDEwAx9L95MmT+B08M6ChNOuILTiYFlv0o/3G3Qt8qhqHhA=>>> =Q36P >>> -----END PGP SIGNATURE----- >> >> > > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQEVAwUBVUm+1Xz1H7kL/d9rAQKe6QgAnKH2zKVKZzfawIEwhpd4qY1fXP1dXNvA > Ymzsf4i2MSG2hg8d1Nw91kxPQxmamHq98HLgHFjWy9of/5zW8I23iOAjxgJMpypY > pXha/1T1W4rDoF7wnpHSWdkGtyFW4bQu3T1vNfU12bLw/d1ehdgcDjLHdYDncKyh > ZZdFQ2BpPYyiHs3+KnZVqixdFna9+lEMOMJddVI1+8dTfRf3JlfZptEbhOp501ko > w/slmqMzpZsx/+20QzI+pXh+jmQy0FFAJh8z0mWsnxdJqNbf9zSmSmvCy4lwirhL > Mht3x2mudhcGk5l3Z+R86QxJiElEWpzdFv0JJRQp1oRwljAncasCGA=> =cNmt > -----END PGP SIGNATURE-----