dovecot - Feb 2018 - ACLs, shared, public, virtual mailboxes not working

Hello,

I'm running Dovecot 2.2.3, and am having issues with my public
folders, shared folders, and virtual/ALl folders apparently ACLs are
on that list as well.

I was debugging an unrelated problem with my smtp server and got the
following dovecot debug log output. Below is also a doveconf -n output
as well as my shared-folder definition file and my global-acls file.

What I'm trying to accomplish is:

1. Have a public folder that any user on the system can put messages
into and respond to.
2. Have a shared folder in which user1 at example.com and
user1 at example2.com can exchange messages.
3. For each user on the system give them a Virtual/All folder for *all
of their messages.

I'd appreciate any help. As an aside if anyone sees an issue with my
SSL ciphers list i'd appreciate knowing that as well, in brief I'm
trying to get the most secure list, pfs, and not worrying about
backware compatibility. If it's not TLS 1.2 I don't touch it.

Thanks.
Dave.
Feb 12 08:48:40 imap(user at example.com): Debug: Module loaded:
/usr/local/lib/dovecot/lib01_acl_plugin.so
Feb 12 08:48:40 imap(user at example.com): Debug: Module loaded:
/usr/local/lib/dovecot/lib02_imap_acl_plugin.so
Feb 12 08:48:40 imap(user at example.com): Debug: Effective uid=999,
gid=999, home=/home/vmail/example.com/user
Feb 12 08:48:40 imap(user at example.com): Debug: Namespace inbox:
type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes,
subscriptions=yes location=maildir:~/mail/:LAYOUT=fs:INDEX=~/mail/
Feb 12 08:48:40 imap(user at example.com): Debug: fs:
root=/home/vmail/example.com/user/mail, index=, indexpvt=, control=,
inbox=/home/vmail/example.com/user/mail, altFeb 12 08:48:40 imap(user at
example.com): Debug: acl: initializing
backend with data:
vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
Feb 12 08:48:40 imap(user at example.com): Debug: acl: acl username user at
example.com
Feb 12 08:48:40 imap(user at example.com): Debug: acl: owner = 1
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: Global ACL
file: /usr/local/etc/dovecot/global-acls
Feb 12 08:48:40 imap(user at example.com): Debug: Namespace :
type=public, prefix=public/, sep=/, inbox=no, hidden=no, list=yes,
subscriptions=yes
location=maildir:/home/vmail/public/:LAYOUT=fs:CONTROL=~/mail/public:INDEXPVT=~/mail/public:INDEX=~/mail/public
Feb 12 08:48:40 imap(user at example.com): Debug: fs:
root=/home/vmail/public,
index=/home/vmail/example.com/user/mail/public,
indexpvt=/home/vmail/example.com/user/mail/public,
control=/home/vmail/example.com/user/mail/public, inbox=, altFeb 12 08:48:40
imap(user at example.com): Debug: acl: initializing
backend with data:
vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
Feb 12 08:48:40 imap(user at example.com): Debug: acl: acl username user at
example.com
Feb 12 08:48:40 imap(user at example.com): Debug: acl: owner = 0
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: Global ACL
file: /usr/local/etc/dovecot/global-acls
Feb 12 08:48:40 imap(user at example.com): Debug: Namespace :
type=shared, prefix=shared/%u/, sep=/, inbox=no, hidden=no, list=yes,
subscriptions=yes location=maildir:~/mail/:INDEX=~/mail/shared/%Ld/%Ln
Feb 12 08:48:40 imap(user at example.com): Debug: shared:
root=/var/run/dovecot, index=, indexpvt=, control=, inbox=, altFeb 12 08:48:40
imap(user at example.com): Debug: acl: initializing
backend with data:
vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
Feb 12 08:48:40 imap(user at example.com): Debug: acl: acl username user at
example.com
Feb 12 08:48:40 imap(user at example.com): Debug: acl: owner = 0
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: Global ACL
file: /usr/local/etc/dovecot/global-acls
Feb 12 08:48:40 imap(user at example.com): Debug: Namespace :
type=private, prefix=virtual/, sep=/, inbox=no, hidden=no, list=yes,
subscriptions=yes location=virtual:/usr/local/etc/dovecot/virtual
Feb 12 08:48:40 imap(user at example.com): Debug: fs:
root=/usr/local/etc/dovecot/virtual, index=, indexpvt=, control=,
inbox=, altFeb 12 08:48:40 imap(user at example.com): Debug: acl: initializing
backend with data:
vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
Feb 12 08:48:40 imap(user at example.com): Debug: acl: acl username user at
example.com
Feb 12 08:48:40 imap(user at example.com): Debug: acl: owner = 1
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: Global ACL
file: /usr/local/etc/dovecot/global-acls
Feb 12 08:48:40 imap(user at example.com): Debug: quota: quota_over_flag
check: quota_over_script unset - skipping
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/dovecot-acl not found
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/Drafts/dovecot-acl not found
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/Spam/dovecot-acl not found
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/Trash/dovecot-acl not found
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/Sent/dovecot-acl not found
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/Archives/dovecot-acl not found
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/logcheck/dovecot-acl not found
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/public/dovecot-acl not found
Feb 12 08:48:40 imap(user at example.com): Debug: Mailbox
'public/TestFolder' matches global ACL pattern
'public/TestFolder'
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/public/TestFolder/dovecot-acl not
found
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/virtual/dovecot-acl not found
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/.Junk/dovecot-acl not found
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/ham/dovecot-acl not found
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/fail2ban/dovecot-acl not found
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/.Sent/dovecot-acl not found
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/.Trash/dovecot-acl not found
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/Maildir/dovecot-acl not found
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/Maildir/public/dovecot-acl not found
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/Maildir/public/.TestFolder/dovecot-acl
not found
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/Deleted Items/dovecot-acl not found
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/Archive/dovecot-acl not found
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/home/vmail/example.com/user/mail/Junk/dovecot-acl not found
Feb 12 08:48:40 imap(user at example.com): Debug: Mailbox
'public/TestFolder' matches global ACL pattern
'public/TestFolder'
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: reading file
/home/vmail/public/TestFolder/dovecot-acl
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: reading file
/home/vmail/public/TestFolder1/dovecot-acl
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: reading file
/home/vmail/public/dovecot-acl
Feb 12 08:48:40 imap(user at example.com): Debug: acl: No lookup right to
mailbox: public/TestFolder1
Feb 12 08:48:40 imap(user at example.com): Debug: Namespace shared/:
Using permissions from : mode=0700 gid=default
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/usr/local/etc/dovecot/virtual/dovecot-acl not found
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
/usr/local/etc/dovecot/virtual/All/dovecot-acl not found

doveconf -n
# 2.2.33.2 (d6601f4ec): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.21 (92477967)
# OS: FreeBSD 11.1-RELEASE-p4 amd64
auth_default_realm = example.com
auth_mechanisms = plain login
auth_realms = example.com example2.com
dict {
  acl = mysql:/usr/local/etc/dovecot/shared-folders.conf
  sqlquota = mysql:/usr/local/etc/dovecot/quota.conf
}
first_valid_gid = 999
first_valid_uid = 999
hostname = mail.example.com
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags
last_valid_gid = 999
last_valid_uid = 999
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
listen = 127.0.0.1 xxx.xxx.xxx.xxx
lmtp_rcpt_check_quota = yes
mail_access_groups = vmail
mail_fsync = never
mail_gid = vmail
mail_home = /home/vmail/%d/%n
mail_location = maildir:~/mail/:LAYOUT=fs:INDEX=~/mail/
mail_plugins = acl mail_log notify quota quota_clone trash virtual welcome zlib
mail_server_admin = mailto:postmaster at example.com
mail_uid = vmail
mailbox_list_index = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext imapflags notify imapsieve vnd.dovecot.imapsieve
namespace {
  hidden = no
  list = yes
  location =
maildir:/home/vmail/public/:LAYOUT=fs:CONTROL=~/mail/public:INDEXPVT=~/mail/public:INDEX=~/mail/public
  mailbox TestFolder {
    auto = subscribe
    comment = Public Folder for message sharing
  }
  prefix = public/
  separator = /
  subscriptions = yes
  type = public
}
namespace {
  list = yes
  location = maildir:~/mail/:INDEX=~/mail/shared/%%Ld/%%Ln
  prefix = shared/%%u/
  separator = /
  subscriptions = yes
  type = shared
}
namespace {
  location = virtual:/usr/local/etc/dovecot/virtual
  mailbox All {
    auto = subscribe
    comment = All my messages
    special_use = \All
  }
  prefix = virtual/
  separator = /
}
namespace inbox {
  inbox = yes
  location   mailbox Archive {
    auto = no
    special_use = \Archive
  }
  mailbox Archives {
    auto = subscribe
    special_use = \Archive
  }
  mailbox "Deleted Messages" {
    auto = no
    autoexpunge = 30 days
    special_use = \Trash
  }
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox Junk {
    auto = no
    autoexpunge = 30 days
    special_use = \Junk
  }
  mailbox "Junk E-mail" {
    auto = no
    autoexpunge = 30 days
    special_use = \Junk
  }
  mailbox Sent {
    auto = subscribe
    special_use = \Sent
  }
  mailbox "Sent Items" {
    auto = no
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    auto = no
    special_use = \Sent
  }
  mailbox Spam {
    auto = subscribe
    autoexpunge = 30 days
    special_use = \Junk
  }
  mailbox Trash {
    auto = subscribe
    autoexpunge = 30 days
    special_use = \Trash
  }
  prefix   separator = /
  type = private
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
  acl_anyone = allow
  acl_shared_dict = proxy::acl
  imapsieve_mailbox1_before file:/usr/local/lib/dovecot/sieve/report-spam.sieve
  imapsieve_mailbox1_causes = COPY
  imapsieve_mailbox1_name = Spam
  imapsieve_mailbox2_before = file:/usr/local/lib/dovecot/sieve/report-ham.sieve
  imapsieve_mailbox2_causes = COPY
  imapsieve_mailbox2_from = Spam
  imapsieve_mailbox2_name = *
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size
  quota = count:User quota
  quota_clone_dict = proxy::sqlquota
  quota_exceeded_message = Storage quota for this account has been
exceeded, please try again later.
  quota_grace = 10%%
  quota_status_nouser = DUNNO
  quota_status_overquota = 552 5.2.2 Mailbox is full
  quota_status_success = DUNNO
  quota_vsizes = true
  quota_warning = storage=100%% quota-exceeded 100 %u
  quota_warning2 = storage=95%% quota-warning 95 %u
  quota_warning3 = storage=90%% quota-warning 90 %u
  quota_warning4 = storage=85%% quota-warning 85 %u
  quota_warning5 = storage=75%% quota-warning 75 %u
  sieve = ~/.dovecot.sieve
  sieve_before = /home/vmail/sieve/before.d
  sieve_default = /home/vmail/sieve/default.sieve
  sieve_dir = ~/sieve
  sieve_extensions = +notify +imapflags
  sieve_global_dir = /home/vmail/sieve
  sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute
  sieve_max_redirects = 30
  sieve_max_script_size = 1M
  sieve_pipe_bin_dir = /usr/local/lib/dovecot/sieve
  sieve_plugins = sieve_imapsieve sieve_extprograms
  sieve_user_log = /home/vmail/sieve/sieve_error.log
  trash = /usr/local/etc/dovecot/trash.conf
  welcome_script = welcome %u
  welcome_wait = yes
}
postmaster_address = postmaster at example.com
protocols = imap lmtp sieve
sendmail_path = /usr/local/sbin/sendmail
service auth-worker {
  user = $default_internal_user
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
  unix_listener auth-userdb {
    group = vmail
    mode = 0666
    user = vmail
  }
}
service dict {
  unix_listener dict {
    group = vmail
    mode = 0660
    user = vmail
  }
}
service imap-login {
  inet_listener imap {
    address = 127.0.0.1
    port = 143
  }
  inet_listener imaps {
    address = xxx.xxx.xxx.xxx
    port = 993
    ssl = yes
  }
}
service imap {
  executable = imap
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service managesieve-login {
  inet_listener sieve {
    address = 127.0.0.1
    port = 4190
  }
}
service quota-status {
  client_limit = 1
  executable = quota-status -p postfix
  unix_listener /var/spool/postfix/private/dovecot-quota {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service quota-warning {
  executable = script /usr/local/etc/dovecot/quota-warning.sh
  unix_listener quota-warning {
    group = vmail
    mode = 0660
    user = vmail
  }
  user = vmail
}
service welcome {
  executable = script /usr/local/etc/dovecot/welcome.sh
  unix_listener welcome {
    user = vmail
  }
  user = vmail
}
ssl = required
ssl_cert = </usr/local/etc/ssl/acme/example.com/fullchain.pem
ssl_cipher_list
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
at STRENGTH
ssl_dh_parameters_length = 2048
ssl_key =  # hidden, use -P to show it
ssl_options = no_compression
ssl_prefer_server_ciphers = yes
ssl_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
userdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
protocol lmtp {
  mail_plugins = acl mail_log notify quota quota_clone trash virtual
welcome zlib quota sieve
}
protocol lda {
  mail_fsync = optimized
  mail_plugins = acl mail_log notify quota quota_clone trash virtual
welcome zlib sieve
}
protocol imap {
  mail_plugins = acl mail_log notify quota quota_clone trash virtual
welcome zlib imap_acl imap_quota imap_sieve imap_zlib last_login
}

shared-folders.conf
connect = DatabaseConnectionParameters
# For shared mailboxes
map {
  pattern = shared/shared-boxes/user/$to/$from
  table = user_shares
  value_field = dummy

  fields {
    from_user = $from
    to_user = $to
  }
}

# To share mailbox to anyone uncomment acl_anyone=allow in
# 90-acl.conf
map {
  pattern = shared/shared-boxes/anyone/$from
  table = anyone_shares
  value_field = dummy

  fields {
    from_user = $from
  }
}

global-acls
public/TestFolder user=user lrwstipekxa

Hi!

It seems you are running 2.2.33.2 =)

Also,

Feb 12 08:48:40 imap(user at example.com): Debug: Mailbox
'public/TestFolder' matches global ACL pattern
'public/TestFolder'
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: reading file
/home/vmail/public/TestFolder/dovecot-acl
Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: reading file
/home/vmail/public/dovecot-acl

it seems there are some folder specific ACLs, can you check these?

Aki

On 15.02.2018 10:40, David Mehler wrote:
> Hello,
>
> I'm running Dovecot 2.2.3, and am having issues with my public
> folders, shared folders, and virtual/ALl folders apparently ACLs are
> on that list as well.
>
> I was debugging an unrelated problem with my smtp server and got the
> following dovecot debug log output. Below is also a doveconf -n output
> as well as my shared-folder definition file and my global-acls file.
>
> What I'm trying to accomplish is:
>
> 1. Have a public folder that any user on the system can put messages
> into and respond to.
> 2. Have a shared folder in which user1 at example.com and
> user1 at example2.com can exchange messages.
> 3. For each user on the system give them a Virtual/All folder for *all
> of their messages.
>
> I'd appreciate any help. As an aside if anyone sees an issue with my
> SSL ciphers list i'd appreciate knowing that as well, in brief I'm
> trying to get the most secure list, pfs, and not worrying about
> backware compatibility. If it's not TLS 1.2 I don't touch it.
>
> Thanks.
> Dave.
> Feb 12 08:48:40 imap(user at example.com): Debug: Module loaded:
> /usr/local/lib/dovecot/lib01_acl_plugin.so
> Feb 12 08:48:40 imap(user at example.com): Debug: Module loaded:
> /usr/local/lib/dovecot/lib02_imap_acl_plugin.so
> Feb 12 08:48:40 imap(user at example.com): Debug: Effective uid=999,
> gid=999, home=/home/vmail/example.com/user
> Feb 12 08:48:40 imap(user at example.com): Debug: Namespace inbox:
> type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes,
> subscriptions=yes location=maildir:~/mail/:LAYOUT=fs:INDEX=~/mail/
> Feb 12 08:48:40 imap(user at example.com): Debug: fs:
> root=/home/vmail/example.com/user/mail, index=, indexpvt=, control=,
> inbox=/home/vmail/example.com/user/mail, alt> Feb 12 08:48:40 imap(user
at example.com): Debug: acl: initializing
> backend with data:
> vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
> Feb 12 08:48:40 imap(user at example.com): Debug: acl: acl username >
user at example.com
> Feb 12 08:48:40 imap(user at example.com): Debug: acl: owner = 1
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: Global ACL
> file: /usr/local/etc/dovecot/global-acls
> Feb 12 08:48:40 imap(user at example.com): Debug: Namespace :
> type=public, prefix=public/, sep=/, inbox=no, hidden=no, list=yes,
> subscriptions=yes
>
location=maildir:/home/vmail/public/:LAYOUT=fs:CONTROL=~/mail/public:INDEXPVT=~/mail/public:INDEX=~/mail/public
> Feb 12 08:48:40 imap(user at example.com): Debug: fs:
> root=/home/vmail/public,
> index=/home/vmail/example.com/user/mail/public,
> indexpvt=/home/vmail/example.com/user/mail/public,
> control=/home/vmail/example.com/user/mail/public, inbox=, alt> Feb 12
08:48:40 imap(user at example.com): Debug: acl: initializing
> backend with data:
> vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
> Feb 12 08:48:40 imap(user at example.com): Debug: acl: acl username >
user at example.com
> Feb 12 08:48:40 imap(user at example.com): Debug: acl: owner = 0
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: Global ACL
> file: /usr/local/etc/dovecot/global-acls
> Feb 12 08:48:40 imap(user at example.com): Debug: Namespace :
> type=shared, prefix=shared/%u/, sep=/, inbox=no, hidden=no, list=yes,
> subscriptions=yes location=maildir:~/mail/:INDEX=~/mail/shared/%Ld/%Ln
> Feb 12 08:48:40 imap(user at example.com): Debug: shared:
> root=/var/run/dovecot, index=, indexpvt=, control=, inbox=, alt> Feb 12
08:48:40 imap(user at example.com): Debug: acl: initializing
> backend with data:
> vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
> Feb 12 08:48:40 imap(user at example.com): Debug: acl: acl username >
user at example.com
> Feb 12 08:48:40 imap(user at example.com): Debug: acl: owner = 0
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: Global ACL
> file: /usr/local/etc/dovecot/global-acls
> Feb 12 08:48:40 imap(user at example.com): Debug: Namespace :
> type=private, prefix=virtual/, sep=/, inbox=no, hidden=no, list=yes,
> subscriptions=yes location=virtual:/usr/local/etc/dovecot/virtual
> Feb 12 08:48:40 imap(user at example.com): Debug: fs:
> root=/usr/local/etc/dovecot/virtual, index=, indexpvt=, control=,
> inbox=, alt> Feb 12 08:48:40 imap(user at example.com): Debug: acl:
initializing
> backend with data:
> vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
> Feb 12 08:48:40 imap(user at example.com): Debug: acl: acl username >
user at example.com
> Feb 12 08:48:40 imap(user at example.com): Debug: acl: owner = 1
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: Global ACL
> file: /usr/local/etc/dovecot/global-acls
> Feb 12 08:48:40 imap(user at example.com): Debug: quota: quota_over_flag
> check: quota_over_script unset - skipping
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/dovecot-acl not found
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/Drafts/dovecot-acl not found
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/Spam/dovecot-acl not found
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/Trash/dovecot-acl not found
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/Sent/dovecot-acl not found
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/Archives/dovecot-acl not found
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/logcheck/dovecot-acl not found
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/public/dovecot-acl not found
> Feb 12 08:48:40 imap(user at example.com): Debug: Mailbox
> 'public/TestFolder' matches global ACL pattern
'public/TestFolder'
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/public/TestFolder/dovecot-acl not
> found
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/virtual/dovecot-acl not found
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/.Junk/dovecot-acl not found
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/ham/dovecot-acl not found
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/fail2ban/dovecot-acl not found
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/.Sent/dovecot-acl not found
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/.Trash/dovecot-acl not found
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/Maildir/dovecot-acl not found
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/Maildir/public/dovecot-acl not found
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/Maildir/public/.TestFolder/dovecot-acl
> not found
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/Deleted Items/dovecot-acl not found
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/Archive/dovecot-acl not found
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /home/vmail/example.com/user/mail/Junk/dovecot-acl not found
> Feb 12 08:48:40 imap(user at example.com): Debug: Mailbox
> 'public/TestFolder' matches global ACL pattern
'public/TestFolder'
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: reading file
> /home/vmail/public/TestFolder/dovecot-acl
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: reading file
> /home/vmail/public/TestFolder1/dovecot-acl
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: reading file
> /home/vmail/public/dovecot-acl
> Feb 12 08:48:40 imap(user at example.com): Debug: acl: No lookup right to
> mailbox: public/TestFolder1
> Feb 12 08:48:40 imap(user at example.com): Debug: Namespace shared/:
> Using permissions from : mode=0700 gid=default
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /usr/local/etc/dovecot/virtual/dovecot-acl not found
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
> /usr/local/etc/dovecot/virtual/All/dovecot-acl not found
>
> doveconf -n
> # 2.2.33.2 (d6601f4ec): /usr/local/etc/dovecot/dovecot.conf
> # Pigeonhole version 0.4.21 (92477967)
> # OS: FreeBSD 11.1-RELEASE-p4 amd64
> auth_default_realm = example.com
> auth_mechanisms = plain login
> auth_realms = example.com example2.com
> dict {
>   acl = mysql:/usr/local/etc/dovecot/shared-folders.conf
>   sqlquota = mysql:/usr/local/etc/dovecot/quota.conf
> }
> first_valid_gid = 999
> first_valid_uid = 999
> hostname = mail.example.com
> imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags
> last_valid_gid = 999
> last_valid_uid = 999
> lda_mailbox_autocreate = yes
> lda_mailbox_autosubscribe = yes
> listen = 127.0.0.1 xxx.xxx.xxx.xxx
> lmtp_rcpt_check_quota = yes
> mail_access_groups = vmail
> mail_fsync = never
> mail_gid = vmail
> mail_home = /home/vmail/%d/%n
> mail_location = maildir:~/mail/:LAYOUT=fs:INDEX=~/mail/
> mail_plugins = acl mail_log notify quota quota_clone trash virtual welcome
zlib
> mail_server_admin = mailto:postmaster at example.com
> mail_uid = vmail
> mailbox_list_index = yes
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope
> encoded-character vacation subaddress comparator-i;ascii-numeric
> relational regex imap4flags copy include variables body enotify
> environment mailbox date index ihave duplicate mime foreverypart
> extracttext imapflags notify imapsieve vnd.dovecot.imapsieve
> namespace {
>   hidden = no
>   list = yes
>   location =
maildir:/home/vmail/public/:LAYOUT=fs:CONTROL=~/mail/public:INDEXPVT=~/mail/public:INDEX=~/mail/public
>   mailbox TestFolder {
>     auto = subscribe
>     comment = Public Folder for message sharing
>   }
>   prefix = public/
>   separator = /
>   subscriptions = yes
>   type = public
> }
> namespace {
>   list = yes
>   location = maildir:~/mail/:INDEX=~/mail/shared/%%Ld/%%Ln
>   prefix = shared/%%u/
>   separator = /
>   subscriptions = yes
>   type = shared
> }
> namespace {
>   location = virtual:/usr/local/etc/dovecot/virtual
>   mailbox All {
>     auto = subscribe
>     comment = All my messages
>     special_use = \All
>   }
>   prefix = virtual/
>   separator = /
> }
> namespace inbox {
>   inbox = yes
>   location >   mailbox Archive {
>     auto = no
>     special_use = \Archive
>   }
>   mailbox Archives {
>     auto = subscribe
>     special_use = \Archive
>   }
>   mailbox "Deleted Messages" {
>     auto = no
>     autoexpunge = 30 days
>     special_use = \Trash
>   }
>   mailbox Drafts {
>     auto = subscribe
>     special_use = \Drafts
>   }
>   mailbox Junk {
>     auto = no
>     autoexpunge = 30 days
>     special_use = \Junk
>   }
>   mailbox "Junk E-mail" {
>     auto = no
>     autoexpunge = 30 days
>     special_use = \Junk
>   }
>   mailbox Sent {
>     auto = subscribe
>     special_use = \Sent
>   }
>   mailbox "Sent Items" {
>     auto = no
>     special_use = \Sent
>   }
>   mailbox "Sent Messages" {
>     auto = no
>     special_use = \Sent
>   }
>   mailbox Spam {
>     auto = subscribe
>     autoexpunge = 30 days
>     special_use = \Junk
>   }
>   mailbox Trash {
>     auto = subscribe
>     autoexpunge = 30 days
>     special_use = \Trash
>   }
>   prefix >   separator = /
>   type = private
> }
> passdb {
>   args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
>   driver = sql
> }
> plugin {
>   acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
>   acl_anyone = allow
>   acl_shared_dict = proxy::acl
>   imapsieve_mailbox1_before >
file:/usr/local/lib/dovecot/sieve/report-spam.sieve
>   imapsieve_mailbox1_causes = COPY
>   imapsieve_mailbox1_name = Spam
>   imapsieve_mailbox2_before =
file:/usr/local/lib/dovecot/sieve/report-ham.sieve
>   imapsieve_mailbox2_causes = COPY
>   imapsieve_mailbox2_from = Spam
>   imapsieve_mailbox2_name = *
>   mail_log_events = delete undelete expunge copy mailbox_delete
mailbox_rename
>   mail_log_fields = uid box msgid size
>   quota = count:User quota
>   quota_clone_dict = proxy::sqlquota
>   quota_exceeded_message = Storage quota for this account has been
> exceeded, please try again later.
>   quota_grace = 10%%
>   quota_status_nouser = DUNNO
>   quota_status_overquota = 552 5.2.2 Mailbox is full
>   quota_status_success = DUNNO
>   quota_vsizes = true
>   quota_warning = storage=100%% quota-exceeded 100 %u
>   quota_warning2 = storage=95%% quota-warning 95 %u
>   quota_warning3 = storage=90%% quota-warning 90 %u
>   quota_warning4 = storage=85%% quota-warning 85 %u
>   quota_warning5 = storage=75%% quota-warning 75 %u
>   sieve = ~/.dovecot.sieve
>   sieve_before = /home/vmail/sieve/before.d
>   sieve_default = /home/vmail/sieve/default.sieve
>   sieve_dir = ~/sieve
>   sieve_extensions = +notify +imapflags
>   sieve_global_dir = /home/vmail/sieve
>   sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute
>   sieve_max_redirects = 30
>   sieve_max_script_size = 1M
>   sieve_pipe_bin_dir = /usr/local/lib/dovecot/sieve
>   sieve_plugins = sieve_imapsieve sieve_extprograms
>   sieve_user_log = /home/vmail/sieve/sieve_error.log
>   trash = /usr/local/etc/dovecot/trash.conf
>   welcome_script = welcome %u
>   welcome_wait = yes
> }
> postmaster_address = postmaster at example.com
> protocols = imap lmtp sieve
> sendmail_path = /usr/local/sbin/sendmail
> service auth-worker {
>   user = $default_internal_user
> }
> service auth {
>   unix_listener /var/spool/postfix/private/auth {
>     group = postfix
>     mode = 0660
>     user = postfix
>   }
>   unix_listener auth-userdb {
>     group = vmail
>     mode = 0666
>     user = vmail
>   }
> }
> service dict {
>   unix_listener dict {
>     group = vmail
>     mode = 0660
>     user = vmail
>   }
> }
> service imap-login {
>   inet_listener imap {
>     address = 127.0.0.1
>     port = 143
>   }
>   inet_listener imaps {
>     address = xxx.xxx.xxx.xxx
>     port = 993
>     ssl = yes
>   }
> }
> service imap {
>   executable = imap
> }
> service lmtp {
>   unix_listener /var/spool/postfix/private/dovecot-lmtp {
>     group = postfix
>     mode = 0660
>     user = postfix
>   }
> }
> service managesieve-login {
>   inet_listener sieve {
>     address = 127.0.0.1
>     port = 4190
>   }
> }
> service quota-status {
>   client_limit = 1
>   executable = quota-status -p postfix
>   unix_listener /var/spool/postfix/private/dovecot-quota {
>     group = postfix
>     mode = 0660
>     user = postfix
>   }
> }
> service quota-warning {
>   executable = script /usr/local/etc/dovecot/quota-warning.sh
>   unix_listener quota-warning {
>     group = vmail
>     mode = 0660
>     user = vmail
>   }
>   user = vmail
> }
> service welcome {
>   executable = script /usr/local/etc/dovecot/welcome.sh
>   unix_listener welcome {
>     user = vmail
>   }
>   user = vmail
> }
> ssl = required
> ssl_cert = </usr/local/etc/ssl/acme/example.com/fullchain.pem
> ssl_cipher_list >
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
at STRENGTH
> ssl_dh_parameters_length = 2048
> ssl_key =  # hidden, use -P to show it
> ssl_options = no_compression
> ssl_prefer_server_ciphers = yes
> ssl_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
> userdb {
>   args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
>   driver = sql
> }
> protocol lmtp {
>   mail_plugins = acl mail_log notify quota quota_clone trash virtual
> welcome zlib quota sieve
> }
> protocol lda {
>   mail_fsync = optimized
>   mail_plugins = acl mail_log notify quota quota_clone trash virtual
> welcome zlib sieve
> }
> protocol imap {
>   mail_plugins = acl mail_log notify quota quota_clone trash virtual
> welcome zlib imap_acl imap_quota imap_sieve imap_zlib last_login
> }
>
> shared-folders.conf
> connect = DatabaseConnectionParameters
> # For shared mailboxes
> map {
>   pattern = shared/shared-boxes/user/$to/$from
>   table = user_shares
>   value_field = dummy
>
>   fields {
>     from_user = $from
>     to_user = $to
>   }
> }
>
> # To share mailbox to anyone uncomment acl_anyone=allow in
> # 90-acl.conf
> map {
>   pattern = shared/shared-boxes/anyone/$from
>   table = anyone_shares
>   value_field = dummy
>
>   fields {
>     from_user = $from
>   }
> }
>
> global-acls
> public/TestFolder user=user lrwstipekxa

Hello,

Thank you for your reply. Here's my acl files:


public/TestFolder dovecot-acl
anyone lr
user=user1 akxeilprwts
-user=user1
user=user2 lr

public/TestFolder1 dovecot-acl
user=user1 lr
user=user2 lr

public/dovecot-acl
user=user1 lr
user=user2 lr

and I have another dovecot-acl file in shared/office folder:

user=user1 at domain.com lrwstipekxa
user=user2 at domain.com lrwstipekxa

Thanks.
Dave.


On 2/15/18, Aki Tuomi <aki.tuomi at dovecot.fi>
wrote:
> Hi!
>
> It seems you are running 2.2.33.2 =)
>
> Also,
>
> Feb 12 08:48:40 imap(user at example.com): Debug: Mailbox
> 'public/TestFolder' matches global ACL pattern
'public/TestFolder'
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: reading file
> /home/vmail/public/TestFolder/dovecot-acl
> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: reading file
> /home/vmail/public/dovecot-acl
>
> it seems there are some folder specific ACLs, can you check these?
>
> Aki
>
> On 15.02.2018 10:40, David Mehler wrote:
>> Hello,
>>
>> I'm running Dovecot 2.2.3, and am having issues with my public
>> folders, shared folders, and virtual/ALl folders apparently ACLs are
>> on that list as well.
>>
>> I was debugging an unrelated problem with my smtp server and got the
>> following dovecot debug log output. Below is also a doveconf -n output
>> as well as my shared-folder definition file and my global-acls file.
>>
>> What I'm trying to accomplish is:
>>
>> 1. Have a public folder that any user on the system can put messages
>> into and respond to.
>> 2. Have a shared folder in which user1 at example.com and
>> user1 at example2.com can exchange messages.
>> 3. For each user on the system give them a Virtual/All folder for *all
>> of their messages.
>>
>> I'd appreciate any help. As an aside if anyone sees an issue with
my
>> SSL ciphers list i'd appreciate knowing that as well, in brief
I'm
>> trying to get the most secure list, pfs, and not worrying about
>> backware compatibility. If it's not TLS 1.2 I don't touch it.
>>
>> Thanks.
>> Dave.
>> Feb 12 08:48:40 imap(user at example.com): Debug: Module loaded:
>> /usr/local/lib/dovecot/lib01_acl_plugin.so
>> Feb 12 08:48:40 imap(user at example.com): Debug: Module loaded:
>> /usr/local/lib/dovecot/lib02_imap_acl_plugin.so
>> Feb 12 08:48:40 imap(user at example.com): Debug: Effective uid=999,
>> gid=999, home=/home/vmail/example.com/user
>> Feb 12 08:48:40 imap(user at example.com): Debug: Namespace inbox:
>> type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes,
>> subscriptions=yes location=maildir:~/mail/:LAYOUT=fs:INDEX=~/mail/
>> Feb 12 08:48:40 imap(user at example.com): Debug: fs:
>> root=/home/vmail/example.com/user/mail, index=, indexpvt=, control=,
>> inbox=/home/vmail/example.com/user/mail, alt>> Feb 12 08:48:40
imap(user at example.com): Debug: acl: initializing
>> backend with data:
>> vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl: acl username
>> user at example.com
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl: owner = 1
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: Global ACL
>> file: /usr/local/etc/dovecot/global-acls
>> Feb 12 08:48:40 imap(user at example.com): Debug: Namespace :
>> type=public, prefix=public/, sep=/, inbox=no, hidden=no, list=yes,
>> subscriptions=yes
>>
location=maildir:/home/vmail/public/:LAYOUT=fs:CONTROL=~/mail/public:INDEXPVT=~/mail/public:INDEX=~/mail/public
>> Feb 12 08:48:40 imap(user at example.com): Debug: fs:
>> root=/home/vmail/public,
>> index=/home/vmail/example.com/user/mail/public,
>> indexpvt=/home/vmail/example.com/user/mail/public,
>> control=/home/vmail/example.com/user/mail/public, inbox=, alt>>
Feb 12 08:48:40 imap(user at example.com): Debug: acl: initializing
>> backend with data:
>> vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl: acl username
>> user at example.com
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl: owner = 0
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: Global ACL
>> file: /usr/local/etc/dovecot/global-acls
>> Feb 12 08:48:40 imap(user at example.com): Debug: Namespace :
>> type=shared, prefix=shared/%u/, sep=/, inbox=no, hidden=no, list=yes,
>> subscriptions=yes location=maildir:~/mail/:INDEX=~/mail/shared/%Ld/%Ln
>> Feb 12 08:48:40 imap(user at example.com): Debug: shared:
>> root=/var/run/dovecot, index=, indexpvt=, control=, inbox=, alt>>
Feb 12 08:48:40 imap(user at example.com): Debug: acl: initializing
>> backend with data:
>> vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl: acl username
>> user at example.com
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl: owner = 0
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: Global ACL
>> file: /usr/local/etc/dovecot/global-acls
>> Feb 12 08:48:40 imap(user at example.com): Debug: Namespace :
>> type=private, prefix=virtual/, sep=/, inbox=no, hidden=no, list=yes,
>> subscriptions=yes location=virtual:/usr/local/etc/dovecot/virtual
>> Feb 12 08:48:40 imap(user at example.com): Debug: fs:
>> root=/usr/local/etc/dovecot/virtual, index=, indexpvt=, control=,
>> inbox=, alt>> Feb 12 08:48:40 imap(user at example.com): Debug:
acl: initializing
>> backend with data:
>> vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl: acl username
>> user at example.com
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl: owner = 1
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: Global ACL
>> file: /usr/local/etc/dovecot/global-acls
>> Feb 12 08:48:40 imap(user at example.com): Debug: quota:
quota_over_flag
>> check: quota_over_script unset - skipping
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /home/vmail/example.com/user/mail/dovecot-acl not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /home/vmail/example.com/user/mail/Drafts/dovecot-acl not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /home/vmail/example.com/user/mail/Spam/dovecot-acl not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /home/vmail/example.com/user/mail/Trash/dovecot-acl not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /home/vmail/example.com/user/mail/Sent/dovecot-acl not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /home/vmail/example.com/user/mail/Archives/dovecot-acl not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /home/vmail/example.com/user/mail/logcheck/dovecot-acl not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /home/vmail/example.com/user/mail/public/dovecot-acl not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: Mailbox
>> 'public/TestFolder' matches global ACL pattern
'public/TestFolder'
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /home/vmail/example.com/user/mail/public/TestFolder/dovecot-acl not
>> found
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /home/vmail/example.com/user/mail/virtual/dovecot-acl not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /home/vmail/example.com/user/mail/.Junk/dovecot-acl not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /home/vmail/example.com/user/mail/ham/dovecot-acl not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /home/vmail/example.com/user/mail/fail2ban/dovecot-acl not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /home/vmail/example.com/user/mail/.Sent/dovecot-acl not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /home/vmail/example.com/user/mail/.Trash/dovecot-acl not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /home/vmail/example.com/user/mail/Maildir/dovecot-acl not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /home/vmail/example.com/user/mail/Maildir/public/dovecot-acl not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>>
/home/vmail/example.com/user/mail/Maildir/public/.TestFolder/dovecot-acl
>> not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /home/vmail/example.com/user/mail/Deleted Items/dovecot-acl not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /home/vmail/example.com/user/mail/Archive/dovecot-acl not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /home/vmail/example.com/user/mail/Junk/dovecot-acl not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: Mailbox
>> 'public/TestFolder' matches global ACL pattern
'public/TestFolder'
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: reading
file
>> /home/vmail/public/TestFolder/dovecot-acl
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: reading
file
>> /home/vmail/public/TestFolder1/dovecot-acl
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: reading
file
>> /home/vmail/public/dovecot-acl
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl: No lookup right
to
>> mailbox: public/TestFolder1
>> Feb 12 08:48:40 imap(user at example.com): Debug: Namespace shared/:
>> Using permissions from : mode=0700 gid=default
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /usr/local/etc/dovecot/virtual/dovecot-acl not found
>> Feb 12 08:48:40 imap(user at example.com): Debug: acl vfile: file
>> /usr/local/etc/dovecot/virtual/All/dovecot-acl not found
>>
>> doveconf -n
>> # 2.2.33.2 (d6601f4ec): /usr/local/etc/dovecot/dovecot.conf
>> # Pigeonhole version 0.4.21 (92477967)
>> # OS: FreeBSD 11.1-RELEASE-p4 amd64
>> auth_default_realm = example.com
>> auth_mechanisms = plain login
>> auth_realms = example.com example2.com
>> dict {
>>   acl = mysql:/usr/local/etc/dovecot/shared-folders.conf
>>   sqlquota = mysql:/usr/local/etc/dovecot/quota.conf
>> }
>> first_valid_gid = 999
>> first_valid_uid = 999
>> hostname = mail.example.com
>> imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
>> tb-lsub-flags
>> last_valid_gid = 999
>> last_valid_uid = 999
>> lda_mailbox_autocreate = yes
>> lda_mailbox_autosubscribe = yes
>> listen = 127.0.0.1 xxx.xxx.xxx.xxx
>> lmtp_rcpt_check_quota = yes
>> mail_access_groups = vmail
>> mail_fsync = never
>> mail_gid = vmail
>> mail_home = /home/vmail/%d/%n
>> mail_location = maildir:~/mail/:LAYOUT=fs:INDEX=~/mail/
>> mail_plugins = acl mail_log notify quota quota_clone trash virtual
welcome
>> zlib
>> mail_server_admin = mailto:postmaster at example.com
>> mail_uid = vmail
>> mailbox_list_index = yes
>> managesieve_notify_capability = mailto
>> managesieve_sieve_capability = fileinto reject envelope
>> encoded-character vacation subaddress comparator-i;ascii-numeric
>> relational regex imap4flags copy include variables body enotify
>> environment mailbox date index ihave duplicate mime foreverypart
>> extracttext imapflags notify imapsieve vnd.dovecot.imapsieve
>> namespace {
>>   hidden = no
>>   list = yes
>>   location >>
maildir:/home/vmail/public/:LAYOUT=fs:CONTROL=~/mail/public:INDEXPVT=~/mail/public:INDEX=~/mail/public
>>   mailbox TestFolder {
>>     auto = subscribe
>>     comment = Public Folder for message sharing
>>   }
>>   prefix = public/
>>   separator = /
>>   subscriptions = yes
>>   type = public
>> }
>> namespace {
>>   list = yes
>>   location = maildir:~/mail/:INDEX=~/mail/shared/%%Ld/%%Ln
>>   prefix = shared/%%u/
>>   separator = /
>>   subscriptions = yes
>>   type = shared
>> }
>> namespace {
>>   location = virtual:/usr/local/etc/dovecot/virtual
>>   mailbox All {
>>     auto = subscribe
>>     comment = All my messages
>>     special_use = \All
>>   }
>>   prefix = virtual/
>>   separator = /
>> }
>> namespace inbox {
>>   inbox = yes
>>   location >>   mailbox Archive {
>>     auto = no
>>     special_use = \Archive
>>   }
>>   mailbox Archives {
>>     auto = subscribe
>>     special_use = \Archive
>>   }
>>   mailbox "Deleted Messages" {
>>     auto = no
>>     autoexpunge = 30 days
>>     special_use = \Trash
>>   }
>>   mailbox Drafts {
>>     auto = subscribe
>>     special_use = \Drafts
>>   }
>>   mailbox Junk {
>>     auto = no
>>     autoexpunge = 30 days
>>     special_use = \Junk
>>   }
>>   mailbox "Junk E-mail" {
>>     auto = no
>>     autoexpunge = 30 days
>>     special_use = \Junk
>>   }
>>   mailbox Sent {
>>     auto = subscribe
>>     special_use = \Sent
>>   }
>>   mailbox "Sent Items" {
>>     auto = no
>>     special_use = \Sent
>>   }
>>   mailbox "Sent Messages" {
>>     auto = no
>>     special_use = \Sent
>>   }
>>   mailbox Spam {
>>     auto = subscribe
>>     autoexpunge = 30 days
>>     special_use = \Junk
>>   }
>>   mailbox Trash {
>>     auto = subscribe
>>     autoexpunge = 30 days
>>     special_use = \Trash
>>   }
>>   prefix >>   separator = /
>>   type = private
>> }
>> passdb {
>>   args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
>>   driver = sql
>> }
>> plugin {
>>   acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300
>>   acl_anyone = allow
>>   acl_shared_dict = proxy::acl
>>   imapsieve_mailbox1_before >>
file:/usr/local/lib/dovecot/sieve/report-spam.sieve
>>   imapsieve_mailbox1_causes = COPY
>>   imapsieve_mailbox1_name = Spam
>>   imapsieve_mailbox2_before >>
file:/usr/local/lib/dovecot/sieve/report-ham.sieve
>>   imapsieve_mailbox2_causes = COPY
>>   imapsieve_mailbox2_from = Spam
>>   imapsieve_mailbox2_name = *
>>   mail_log_events = delete undelete expunge copy mailbox_delete
>> mailbox_rename
>>   mail_log_fields = uid box msgid size
>>   quota = count:User quota
>>   quota_clone_dict = proxy::sqlquota
>>   quota_exceeded_message = Storage quota for this account has been
>> exceeded, please try again later.
>>   quota_grace = 10%%
>>   quota_status_nouser = DUNNO
>>   quota_status_overquota = 552 5.2.2 Mailbox is full
>>   quota_status_success = DUNNO
>>   quota_vsizes = true
>>   quota_warning = storage=100%% quota-exceeded 100 %u
>>   quota_warning2 = storage=95%% quota-warning 95 %u
>>   quota_warning3 = storage=90%% quota-warning 90 %u
>>   quota_warning4 = storage=85%% quota-warning 85 %u
>>   quota_warning5 = storage=75%% quota-warning 75 %u
>>   sieve = ~/.dovecot.sieve
>>   sieve_before = /home/vmail/sieve/before.d
>>   sieve_default = /home/vmail/sieve/default.sieve
>>   sieve_dir = ~/sieve
>>   sieve_extensions = +notify +imapflags
>>   sieve_global_dir = /home/vmail/sieve
>>   sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute
>>   sieve_max_redirects = 30
>>   sieve_max_script_size = 1M
>>   sieve_pipe_bin_dir = /usr/local/lib/dovecot/sieve
>>   sieve_plugins = sieve_imapsieve sieve_extprograms
>>   sieve_user_log = /home/vmail/sieve/sieve_error.log
>>   trash = /usr/local/etc/dovecot/trash.conf
>>   welcome_script = welcome %u
>>   welcome_wait = yes
>> }
>> postmaster_address = postmaster at example.com
>> protocols = imap lmtp sieve
>> sendmail_path = /usr/local/sbin/sendmail
>> service auth-worker {
>>   user = $default_internal_user
>> }
>> service auth {
>>   unix_listener /var/spool/postfix/private/auth {
>>     group = postfix
>>     mode = 0660
>>     user = postfix
>>   }
>>   unix_listener auth-userdb {
>>     group = vmail
>>     mode = 0666
>>     user = vmail
>>   }
>> }
>> service dict {
>>   unix_listener dict {
>>     group = vmail
>>     mode = 0660
>>     user = vmail
>>   }
>> }
>> service imap-login {
>>   inet_listener imap {
>>     address = 127.0.0.1
>>     port = 143
>>   }
>>   inet_listener imaps {
>>     address = xxx.xxx.xxx.xxx
>>     port = 993
>>     ssl = yes
>>   }
>> }
>> service imap {
>>   executable = imap
>> }
>> service lmtp {
>>   unix_listener /var/spool/postfix/private/dovecot-lmtp {
>>     group = postfix
>>     mode = 0660
>>     user = postfix
>>   }
>> }
>> service managesieve-login {
>>   inet_listener sieve {
>>     address = 127.0.0.1
>>     port = 4190
>>   }
>> }
>> service quota-status {
>>   client_limit = 1
>>   executable = quota-status -p postfix
>>   unix_listener /var/spool/postfix/private/dovecot-quota {
>>     group = postfix
>>     mode = 0660
>>     user = postfix
>>   }
>> }
>> service quota-warning {
>>   executable = script /usr/local/etc/dovecot/quota-warning.sh
>>   unix_listener quota-warning {
>>     group = vmail
>>     mode = 0660
>>     user = vmail
>>   }
>>   user = vmail
>> }
>> service welcome {
>>   executable = script /usr/local/etc/dovecot/welcome.sh
>>   unix_listener welcome {
>>     user = vmail
>>   }
>>   user = vmail
>> }
>> ssl = required
>> ssl_cert = </usr/local/etc/ssl/acme/example.com/fullchain.pem
>> ssl_cipher_list >>
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
at STRENGTH
>> ssl_dh_parameters_length = 2048
>> ssl_key =  # hidden, use -P to show it
>> ssl_options = no_compression
>> ssl_prefer_server_ciphers = yes
>> ssl_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
>> userdb {
>>   args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
>>   driver = sql
>> }
>> protocol lmtp {
>>   mail_plugins = acl mail_log notify quota quota_clone trash virtual
>> welcome zlib quota sieve
>> }
>> protocol lda {
>>   mail_fsync = optimized
>>   mail_plugins = acl mail_log notify quota quota_clone trash virtual
>> welcome zlib sieve
>> }
>> protocol imap {
>>   mail_plugins = acl mail_log notify quota quota_clone trash virtual
>> welcome zlib imap_acl imap_quota imap_sieve imap_zlib last_login
>> }
>>
>> shared-folders.conf
>> connect = DatabaseConnectionParameters
>> # For shared mailboxes
>> map {
>>   pattern = shared/shared-boxes/user/$to/$from
>>   table = user_shares
>>   value_field = dummy
>>
>>   fields {
>>     from_user = $from
>>     to_user = $to
>>   }
>> }
>>
>> # To share mailbox to anyone uncomment acl_anyone=allow in
>> # 90-acl.conf
>> map {
>>   pattern = shared/shared-boxes/anyone/$from
>>   table = anyone_shares
>>   value_field = dummy
>>
>>   fields {
>>     from_user = $from
>>   }
>> }
>>
>> global-acls
>> public/TestFolder user=user lrwstipekxa
>
>