Hello Robert,
Thank you for your reply.
Yes, that is how I did it, and it works, but only within the same domain:
- setting the ACL of userA at domA to include userC at domA works well, and
the mailbox appears under the "Shared" pseudo-folder
- but after setting the ACL of userA at domA to include userB at domB, the
mailbox does not appear under "Shared"
Here is the config
-------------------------------------------------
# 2.2.13: /etc/dovecot/dovecot.conf
auth_mechanisms = plain login
default_login_user = virmail
first_valid_gid = 5501
first_valid_uid = 5501
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags
last_valid_gid = 50001
last_valid_uid = 50001
listen = *
log_path = /sd/_host-1/var/log/dovecot/dovecot.log
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_access_groups = virmail
mail_location = maildir:/sd/MAIL_IMAP_POP/%d/%n:LAYOUT=fs
mail_plugins = quota notify acl
mail_privileged_group = virmail
mail_temp_dir = /sd/tmp
mailbox_list_index = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave vnd.dovecot.filter
namespace {
hidden = no
list = children
location =
maildir:/sd/MAIL_IMAP_POP/%d/Public:LAYOUT=fs:CONTROL=/sd/MAIL_IMAP_POP/%d/%n/__Public:INDEX=/sd/MAIL_IMAP_POP/%d/%n/__Public
prefix = Public/
separator = /
subscriptions = no
type = public
name }
# Shared namespace: other users' mailboxes are presented under Shared/<domain>/<user>/.
# In a shared namespace the doubled variables (%%d, %%n, %%u) are expanded for the
# owner of the shared mailbox, while the single ones (%d, %n) are expanded for the
# user who is logged in. So the mail itself is read from the owner's maildir, and
# the index files are kept under the accessing user's own __Shared/ directory.
# The prefix contains %%d, so the namespace layout itself has room for owners from
# another domain.
# NOTE(review): which owners are actually listed here is decided by the
# acl_shared_dict lookup in the plugin section, not by this block. Confirm there.
namespace {
list = yes
location =
maildir:/sd/MAIL_IMAP_POP/%%d/%%n:LAYOUT=fs:INDEX=/sd/MAIL_IMAP_POP/%d/%n/__Shared/%%u:INDEXPVT=/sd/MAIL_IMAP_POP/%d/%n/__Shared/%%u
prefix = Shared/%%d/%%n/
separator = /
subscriptions = yes
type = shared
name }
namespace {
inbox = yes
location mailbox {
auto = subscribe
special_use = \Drafts
name = Drafts
}
mailbox {
auto = subscribe
special_use = \Junk
name = Junk
}
mailbox {
special_use = \Sent
name = Sent
}
mailbox {
special_use = \Sent
name = Sent Messages
}
mailbox {
special_use = \Trash
name = Trash
}
prefix separator = /
type = private
name = inbox
}
# Password databases, consulted in the order listed: PAM first, then two
# per-domain passwd-files that read the same path with different default schemes.
passdb {
driver = pam
}
# scheme=CRYPT is the default for entries that carry no {SCHEME} prefix. CRYPT is
# libc crypt(), so the real strength depends on the hash format stored in the file.
# NOTE(review): traditional DES crypt is weak; verify which format is in use.
passdb {
args = scheme=CRYPT username_format=%u /sd/MAIL_IMAP_POP/%d/passwd_%d
driver = passwd-file
}
# scheme=SHA1 is a single unsalted SHA-1 digest: cheap to brute-force offline, and
# identical passwords produce identical hashes.
# NOTE(review): consider moving entries to a salted, iterated scheme such as
# SHA512-CRYPT or BLF-CRYPT (where the platform supports it). passwd-file entries
# can carry a per-entry {SCHEME} prefix, so accounts can be migrated gradually.
# NOTE(review): passwd_%d sits inside the mail storage tree; confirm its file
# permissions keep it unreadable to anything but the auth process.
passdb {
args = scheme=SHA1 /sd/MAIL_IMAP_POP/%d/passwd_%d
driver = passwd-file
}
# Plugin settings: ACL, antispam training, quota and Sieve.
plugin {
acl = vfile:/etc/dovecot/global-acls:cache_secs=300
# The shared-mailbox dictionary path contains %d, so every domain gets its own
# dict file, expanded from the domain of the user whose session is running.
# NOTE(review): this is the likely reason a share from userA at domA to userB at
# domB never shows up under Shared/. The lookup in userB's session reads domB's
# file, while the share was presumably recorded from userA's session in domA's
# file. A single dict path without %d would let the listing span domains. That
# also removes per-domain isolation of the share list, so treat it as a tenancy
# decision and confirm against the Dovecot shared-mailbox documentation.
acl_shared_dict = file:/sd/MAIL_IMAP_POP/%d/shared-mailboxes
# Antispam plugin: messages moved into or out of the spam folders are piped to
# spamc for training, using the learn-type arguments below.
antispam_backend = pipe
antispam_pipe_program = /usr/bin/spamc
antispam_pipe_program_args = --username;debian-spamd
antispam_pipe_program_notspam_arg = --learntype=ham
antispam_pipe_program_spam_arg = --learntype=spam
antispam_pipe_tmpdir = /sd/tmp
antispam_signature = X-Spam-Flag
antispam_signature_missing = move
antispam_spam = Spam;Junk
antispam_spam_pattern = spam;Spam;junk;Junk
antispam_spam_pattern_ignorecase = SPAM;JUNK
antispam_trash = trash;Trash;Deleted Items;Deleted Messages
antispam_trash_pattern = trash;Trash;Deleted *
antispam_trash_pattern_ignorecase = TRASH
quota = maildir:User quota:ns quota2 = maildir:Public quota:ns=Public/
quota2_rule = *:storage=2G
quota_exceeded_message = Storage quota for this account has been
exceeded, please try again later.
quota_rule = *:storage=1G
quota_rule2 = Trash:storage=+10%%
quota_rule3 = Spam:storage=+20%%
quota_status_nouser = DUNNO
quota_status_overquota = 552 5.2.2 Mailbox is full
quota_status_success = DUNNO
quota_warning = storage=90%% quota-warning 90 %u %d
quota_warning2 = storage=75%% quota-warning 75 %u %d
sieve = /sd/MAIL_IMAP_POP/%d/%n/__Sieve
sieve_after = /sd/MAIL_IMAP_POP/%d/SieveAfter/
sieve_after2 = /sd/MAIL_IMAP_POP/SieveAfter/
sieve_before = /sd/MAIL_IMAP_POP/SieveBefore
sieve_default = /sd/_host-1/var/lib/dovecot/sieve/default.sieve
# sieve_extprograms together with +vnd.dovecot.filter lets Sieve scripts run
# external programs taken from sieve_filter_bin_dir.
# NOTE(review): confirm that directory and its contents are writable only by
# root. With protocols = imap sieve, users can upload their own scripts.
sieve_extensions = +vnd.dovecot.filter
sieve_filter_bin_dir = /etc/dovecot/sieve-filters
sieve_global_dir = /sd/_host-1/var/lib/dovecot/sieve/global/
sieve_plugins = sieve_extprograms
}
postmaster_address = postmaster at domA
protocols = imap sieve
service replication-notify-fifo {
name = aggregator
}
service anvil-auth-penalty {
name = anvil
}
service auth-worker {
user = $default_internal_user
name = auth-worker
}
service {
unix_listener {
group = postfix
mode = 0660
user = postfix
path = /var/spool/postfix/private/auth
}
user = root
name = auth
}
service config {
name = config
}
service dict {
name = dict
}
service login/proxy-notify {
name = director
}
service dns-client {
name = dns_client
}
service doveadm-server {
name = doveadm
}
# IMAP login service. port = 0 disables the plain imap listener, so logins are
# accepted only on the implicit-TLS imaps listener (993). That matters here because
# auth_mechanisms = plain login sends the password itself over the connection.
# NOTE(review): user = virmail (also default_login_user) is the same account the
# static userdb uses as the mail-owning uid. The pre-authentication login processes
# therefore run with read access to the mail store. A dedicated unprivileged login
# user would keep that separation. Confirm whether this was intentional.
service {
inet_listener {
port = 0
name = imap
}
inet_listener {
port = 993
name = imaps
}
process_min_avail = 1
user = virmail
name = imap-login
}
service imap-urlauth {
name = imap-urlauth-login
}
service imap-urlauth-worker {
name = imap-urlauth-worker
}
service token-login/imap-urlauth {
name = imap-urlauth
}
service login/imap {
name = imap
}
service indexer-worker {
name = indexer-worker
}
service indexer {
name = indexer
}
service ipc {
name = ipc
}
# LMTP delivery socket handed to Postfix.
# NOTE(review): mode 0666 allows any local account that can reach this path to
# connect and submit mail for delivery. The socket is already owned by
# postfix:postfix, so 0660 (the mode the private/auth listener in this config
# uses) would restrict it to Postfix. The permissions of the parent directory
# /var/spool/postfix/private may already limit access. Confirm before relying
# on that.
service {
unix_listener {
group = postfix
mode = 0666
user = postfix
path = /var/spool/postfix/private/dovecot-lmtp
}
name = lmtp
}
service log-errors {
name = log
}
service sieve {
name = managesieve-login
}
service login/sieve {
name = managesieve
}
service pop3 {
name = pop3-login
}
service login/pop3 {
name = pop3
}
service {
executable = script /sd/MAIL_IMAP_POP/_scripts/quota-warning
unix_listener {
user = virmail
path = quota-warning
}
user = virmail
name = quota-warning
}
service replicator-doveadm {
name = replicator
}
service login/ssl-params {
name = ssl-params
}
service stats-mail {
name = stats
}
ssl_ca = </sd/MAIL_IMAP_POP/_ssl/imap.domA_letsencrypt_cacert.crt
ssl_cert = </sd/MAIL_IMAP_POP/_ssl/imap.domA_letsencrypt_domain.crt
ssl_key = </sd/MAIL_IMAP_POP/_ssl/imap.domA_letsencrypt_domain.key
userdb {
driver = passwd
}
userdb {
args = uid=virmail gid=virmail home=/sd/MAIL_IMAP_POP/%d/%n
driver = static
}
userdb {
args = uid=virmail gid=virmail home=/sd/MAIL_IMAP_POP/%d/%n
driver = static
}
protocol lmtp {
log_path = /sd/_host-1/var/log/dovecot/lmtp.log
mail_plugins = quota notify acl sieve
service replication-notify-fifo {
name = aggregator
}
service anvil-auth-penalty {
name = anvil
}
service auth-worker {
name = auth-worker
}
service auth-client {
name = auth
}
service config {
name = config
}
service dict {
name = dict
}
service login/proxy-notify {
name = director
}
service dns-client {
name = dns_client
}
service doveadm-server {
name = doveadm
}
service imap {
name = imap-login
}
service imap-urlauth {
name = imap-urlauth-login
}
service imap-urlauth-worker {
name = imap-urlauth-worker
}
service token-login/imap-urlauth {
name = imap-urlauth
}
service login/imap {
name = imap
}
service indexer-worker {
name = indexer-worker
}
service indexer {
name = indexer
}
service ipc {
name = ipc
}
service lmtp {
name = lmtp
}
service log-errors {
name = log
}
service sieve {
name = managesieve-login
}
service login/sieve {
name = managesieve
}
service pop3 {
name = pop3-login
}
service login/pop3 {
name = pop3
}
service replicator-doveadm {
name = replicator
}
service login/ssl-params {
name = ssl-params
}
service stats-mail {
name = stats
}
}
protocol lda {
info_log_path = /sd/_host-1/var/log/dovecot/lda.log
log_path = /sd/_host-1/var/log/dovecot/lda.err
mail_fsync = optimized
mail_plugins = quota notify acl sieve
service replication-notify-fifo {
name = aggregator
}
service anvil-auth-penalty {
name = anvil
}
service auth-worker {
name = auth-worker
}
service auth-client {
name = auth
}
service config {
name = config
}
service dict {
name = dict
}
service login/proxy-notify {
name = director
}
service dns-client {
name = dns_client
}
service doveadm-server {
name = doveadm
}
service imap {
name = imap-login
}
service imap-urlauth {
name = imap-urlauth-login
}
service imap-urlauth-worker {
name = imap-urlauth-worker
}
service token-login/imap-urlauth {
name = imap-urlauth
}
service login/imap {
name = imap
}
service indexer-worker {
name = indexer-worker
}
service indexer {
name = indexer
}
service ipc {
name = ipc
}
service lmtp {
name = lmtp
}
service log-errors {
name = log
}
service sieve {
name = managesieve-login
}
service login/sieve {
name = managesieve
}
service pop3 {
name = pop3-login
}
service login/pop3 {
name = pop3
}
service replicator-doveadm {
name = replicator
}
service login/ssl-params {
name = ssl-params
}
service stats-mail {
name = stats
}
}
protocol imap {
imap_idle_notify_interval = 24 mins
mail_max_userip_connections = 512
mail_plugins = quota notify acl imap_quota imap_acl antispam
service replication-notify-fifo {
name = aggregator
}
service anvil-auth-penalty {
name = anvil
}
service auth-worker {
name = auth-worker
}
service auth-client {
name = auth
}
service config {
name = config
}
service dict {
name = dict
}
service login/proxy-notify {
name = director
}
service dns-client {
name = dns_client
}
service doveadm-server {
name = doveadm
}
service imap {
name = imap-login
}
service imap-urlauth {
name = imap-urlauth-login
}
service imap-urlauth-worker {
name = imap-urlauth-worker
}
service token-login/imap-urlauth {
name = imap-urlauth
}
service login/imap {
name = imap
}
service indexer-worker {
name = indexer-worker
}
service indexer {
name = indexer
}
service ipc {
name = ipc
}
service lmtp {
name = lmtp
}
service log-errors {
name = log
}
service sieve {
name = managesieve-login
}
service login/sieve {
name = managesieve
}
service pop3 {
name = pop3-login
}
service login/pop3 {
name = pop3
}
service replicator-doveadm {
name = replicator
}
service login/ssl-params {
name = ssl-params
}
service stats-mail {
name = stats
}
}
protocol sieve {
service replication-notify-fifo {
name = aggregator
}
service anvil-auth-penalty {
name = anvil
}
service auth-worker {
name = auth-worker
}
service auth-client {
name = auth
}
service config {
name = config
}
service dict {
name = dict
}
service login/proxy-notify {
name = director
}
service dns-client {
name = dns_client
}
service doveadm-server {
name = doveadm
}
service imap {
name = imap-login
}
service imap-urlauth {
name = imap-urlauth-login
}
service imap-urlauth-worker {
name = imap-urlauth-worker
}
service token-login/imap-urlauth {
name = imap-urlauth
}
service login/imap {
name = imap
}
service indexer-worker {
name = indexer-worker
}
service indexer {
name = indexer
}
service ipc {
name = ipc
}
service lmtp {
name = lmtp
}
service log-errors {
name = log
}
service sieve {
name = managesieve-login
}
service login/sieve {
name = managesieve
}
service pop3 {
name = pop3-login
}
service login/pop3 {
name = pop3
}
service replicator-doveadm {
name = replicator
}
service login/ssl-params {
name = ssl-params
}
service stats-mail {
name = stats
}
}
-------------------------------------------------
Thank you for your help
On 01/28/2017 10:40 PM, Robert Schetterer wrote:
> Am 28.01.2017 um 22:22 schrieb dovecot at avv.solutions:
>> Hello Community,
>>
>> I am facing the following question: how is it possible to share
>> mailboxes between domains?
>>
>> Example:
>> - 2 domains present on the same dovecot: domA and domB
>> - userA at domA
>> - userB at domB
>>
>> userA at domA wants to share his mailbox with userB at domB (again, same
>> server)?
>>
>> Thank you for your help.
>>
>> Greetz
> https://wiki2.dovecot.org/ACL
> this works also cross domain
>
> you may use
> https://addons.mozilla.org/de/thunderbird/addon/imap-acl-extension/
>
> or horde webmail, roundcube webmail
>
>
> Best Regards
> MfG Robert Schetterer
>