On 10.8.2020 0.58, Jorge Bastos wrote:>
> Howdy,
>
> ?
>
> Is it possible to define IMAP permissions per IT?
>
> What i would like to do is:
>
> ?
>
> * IP 1.1.1.1 IS THE ONLY ONE that has permission for EXPUNGE
>
> ?
>
> Is it possible?
>
> Thanks in advanced,
>
Hi!
This is possible, but can be bit tricky to get right.
It involves setting up userdb
userdb {
? driver = passwd-file
? args = username_format=%r /etc/dovecot/acl.passwd
}
this should be after the one where your users are defined. The previous
userdb should have setting result_success=continue-ok.
the passwd file has lines like
1.1.1.1:*::::: userdb_acl_groups=expunger
then you setup ACL plugin
mail_plugins=$mail_plugins acl
plugin {
? acl = vfile:/etc/dovecot/acl
? acl_globals_only = yes
}
and have lines like these in the ACL file
* authenticated lrwstipkx
* group-override=expunger lrwstipekx
Aki