search for: mail_access_groups

...es seems to say that the mail_privileged_group = mail setting is all I should need to make dovecot use group mail to create dotlock files. My understanding from what I read is that mail_privileged_group is used to set the group used while creating dotlock files in (in my case) /var/spool/mail, and mail_access_groups is used to set the group used to actually access the mailbox. In my case, /var/spool/mail is group 'mail and group writable/searchable drwxrwxr-x 2 root mail 4096 May 7 08:35 /var/spool/mail and the individual mailboxes are owned by the respective users. So it seems that I would need "...

...ssions and partly to do with not wanting users to mess their mail folders / sieve configs up). I specifically don't want to switch to a "single dovecot user" style installation. Current config: mail_location = maildir:/home/mail/%d/%n/Maildir mail_privileged_group = mail mail_access_groups = maildir drwxrws--- 3 nobody maildir 21 2009-11-15 10:52 /home/mail drwxrws--- 4 nobody adomain.com 30 2009-11-15 12:12 /home/mail/adomain.com/ drwxrws--- 3 auser adomain.com 20 2009-11-15 10:52 /home/mail/adomain.com/auser drwxrws--- 3 auser adomain.com 20 2009-11-15 10:52 /home/mail...

"Warning: mail_extra_groups setting was often used insecurely so it is now deprecated, use mail_access_groups or mail_privileged_group instead" I use the following: mail_extra_groups = mail nogroup Because I have the real and virtual accounts. What's the correct way to replace the above line? It seems that mail_privileged_group only accepts one group, but I need two. Any suggestion? Thank...

...ays using mode 0700, if i change the permission of the user maildir all new mails arrived get the correct umask: dovecot: lmtp(24960, *): Debug: Namespace INBOX.: Using permissions from .../maildir: mode=0770 The problem is: I need to all accounts have the permission 0770. Tried to use the option: mail_access_groups but doesn't work at all when the first creation of the user path. "For example a simple way to set up shared mailbox access for all system users is to make all mail dirs/files 0770/0660 mode and owned by group "sharedmail" and then set mail_access_groups=sharedmail. Using more f...

...first connection (ignore chown failure) or b)it should not work for following connection, so the behavior should be more consistent. Also it seems unclear what configuration option is required for making this work in new dovecot versions where configuration is split to mail_privileged_group and mail_access_groups. I see that after reading documentation in 10-mail.conf, some admins expects mail_privileged_group to be enough while mail_access_group is required to prevent fchown failure. Would it be possible to explicitly mention in the config file what option is required? I can add patch with this to our...

...is /home/user/mymail The problem is /var/mail (Owner is useraccount and the group us mail) , and here comes the problem Dovecot keeps trying to chown the imap folder inside the homedirectory with user:mail account and since And this is the reason of error that appears in my log file. The option mail_access_groups=mail solve the problem.. but I read it is not secure.. With my current configutation, users login with imap to read mail , can they use any the mail_access_groups=mail and read other poeple mail ? does my configutation is a shard mailbox and could be unsecure.. my main quesion , for my current co...

With this settings I don't get the expectet result, still get wrong permissions on new mailboxes. Aki did you also try with %u ? > In /etc/dovecot/conf.d/10-mail.conf follow options are set: > mail_gid = mail > mail_privileged_group = mail > mail_access_groups = mail > mail_location = mdbox:/var/spool/mail/%u On 15.05.2018 13:06, Aki Tuomi wrote: > I have to correct myself. I tested with sdbox now too, and it seems that > using > > mail_location=sdbox:~/Mail > > produces the expected behaviour. mdbox uses same code as sdbo...

...gz http://dovecot.org/releases/1.1/rc/dovecot-1.1.rc2.tar.gz.sig Changes since rc1: * mail_extra_groups setting was commonly used insecurely. This setting is now deprecated. Most users should switch to using mail_privileged_group setting, but if you really need the old functionality use mail_access_groups instead. + Expire plugin now supports wildcards in mailbox names. + dbox: Expire plugin supports moving old mails to alternative dbox directory + Maildir++ quota: quota_rule=?:<rule> specifies a default rule which is used only if the maildirsize file doesn't exist. + If SSL/TLS...

...gz http://dovecot.org/releases/1.1/rc/dovecot-1.1.rc2.tar.gz.sig Changes since rc1: * mail_extra_groups setting was commonly used insecurely. This setting is now deprecated. Most users should switch to using mail_privileged_group setting, but if you really need the old functionality use mail_access_groups instead. + Expire plugin now supports wildcards in mailbox names. + dbox: Expire plugin supports moving old mails to alternative dbox directory + Maildir++ quota: quota_rule=?:<rule> specifies a default rule which is used only if the maildirsize file doesn't exist. + If SSL/TLS...

...May 6 12:48:54 sbh16 dovecot: pop3-login: Login: user=<xxx>, method=PLAIN, rip=72.52.113.36, lip=72.52.113.36, secured I then put "mail_extra_groups = mail" back in the configuration. This seems to have the effect of setting both "mail_privileged_group = mail" and "mail_access_groups = mail" as well as issuing "Warning: mail_extra_groups setting was often used insecurely so it is now deprecated, use mail_access_groups or mail_privileged_group instead" when dovecot is started. So my question is what do I need. I thought it would be just "mail_privileged_grou...

...pectet result, still get wrong >> permissions on new mailboxes. Aki did you also try with %u ? >> >> > In /etc/dovecot/conf.d/10-mail.conf follow options are set: >> > mail_gid = mail >> > mail_privileged_group = mail >> > mail_access_groups = mail >> > mail_location = mdbox:/var/spool/mail/%u >> >> On 15.05.2018 13:06, Aki Tuomi wrote: >>> I have to correct myself. I tested with sdbox now too, and it seems that >>> using >>> >>> mail_location=sdbox:~/Mail >>> &...

...?????drwx--S--- 5 newuser mail 4096 Apr 23 19:31 >>>> /var/spool/mail/newuser/ >>>> >>>> In /etc/dovecot/conf.d/10-mail.conf follow options are set: >>>> ?????mail_gid = mail >>>> ?????mail_privileged_group = mail >>>> ?????mail_access_groups = mail >>>> >>>> I'm missing something to get right group permissions for new mailboxes? >>> >>> What permissions were you expecting? Also, which version of dovecot are >>> you running? >>> >>> Aki >>> >

...imap(io_loop_handler_run+0x110) [0x80d6ad0] -> imap(io_loop_run+0x28) [0x80d5d28] -> imap(main+0x4a1) [0x8067e71] -> /lib/libc.so.6(__libc_start_main+0xe0) [0xb7de6450] -> imap [0x8059d61] ## In my old install, I did have mail_extra_groups = vmail I commented that out and put in: mail_access_groups = vmail mail_privileged_group = vmail The documentation on these parameters is a bit light, so I'm not sure which (or both) to use. Can someone clarify? All the maildirs are owned by group vmail. ### dovecot -n # 1.1.rc5: /etc/dovecot/dovecot.conf ssl_cert_file: /etc/dovecot/ssl/certs/do...

...et up attachment storage, but folders are receiving permission only for current user, so if another user is receiving a mail with same attachment he is getting permission denied error on reading hash file. Is it possible to setup global attachment storage to work with all users, at least in domain? mail_access_groups won't help, as folders are given 0 group permission. Umask and setfacl won't help either.

...770: drwxrws--- 36 root mail 4096 Apr 15 02:30 /var/spool/mail/ But newly created mailboxes get following permissions: drwx--S--- 5 newuser mail 4096 Apr 23 19:31 /var/spool/mail/newuser/ In /etc/dovecot/conf.d/10-mail.conf follow options are set: mail_gid = mail mail_privileged_group = mail mail_access_groups = mail I'm missing something to get right group permissions for new mailboxes?

dear dovecot users, trying to setup this quota-status thingy in dovecot so postfix can query the quota on the mailbox via following in main.cf smtpd_recipient_restrictions = ??? ... ??? check_policy_service inet:127.0.0.1:12340 I got this in my dovecot config service quota-status { ? client_limit = 1 ? executable = quota-status -p postfix ? inet_listener { ??? port = 12340 ? } }

...newly created mailboxes get following permissions: >> ????drwx--S--- 5 newuser mail 4096 Apr 23 19:31 /var/spool/mail/newuser/ >> >> In /etc/dovecot/conf.d/10-mail.conf follow options are set: >> ????mail_gid = mail >> ????mail_privileged_group = mail >> ????mail_access_groups = mail >> >> I'm missing something to get right group permissions for new mailboxes? > > What permissions were you expecting? Also, which version of dovecot are > you running? > > Aki >

...I'm new to dovecot but not Unix or IMAP so I'm sure this is just some configuration option I've missed, any help would be most appreciated. $ /opt/csw/bin/doveconf -n # 2.2.12: /etc/opt/csw/dovecot/dovecot.conf # OS: SunOS 5.11 i86pc disable_plaintext_auth = no first_valid_uid = 100 mail_access_groups = mail mail_location = mbox:~/mail:INBOX=/var/share/mail/%u namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" {...

...supposed to use ACL with system users nowadays? Rubeno P.S: my doveconf -n: # 2.2.31 (65cde28): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.19 (e5c7051) # OS: Linux 4.4.0-119-generic x86_64 Ubuntu 16.04.4 LTS auth_mechanisms = plain login auth_verbose = yes auth_verbose_passwords = plain mail_access_groups = kundividantoj mail_location = maildir:~/Maildir:LAYOUT=fs mail_plugins = acl managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body en...

...ders is a bit cryptic to me. What needs to be done to achieve that? The idea would be that even if I decided to allocated per-virtual-user a system user for stored files, all the files would still be stored and accessible with the same system group. I understand this would be done with the help of mail_access_groups = vmail, right? FWIW, I am getting inspiration from the following explanations: https://www.christianroessler.net/tech/2015/spamassassin-dovecot-postfix.html If I understand correctly, the guy is bypassing the authentication completely with allow_all_users=yes, right? I do not want to do that anyw...