Hi
I appreciate this has been discussed before but I dont believe there was a solution given which met my needs so I thought Id run this by the list. I would like to prevent the owner of a mailbox deleting it, the reason being that if this is done accidently or maliciously the child messages are removed from the dbmail database and not recoverably without a major effort involving recovery from backups. Normally of course if someone accidently (or maliciously) deletes a message and even purges it the message remains in the database until dbmail-util is run with the correct flags. Unfortunately it is quite frequent for there to be a delay between a user deleting folder and this being brought to anyones attention. Im sure everyone can imagine the user/admin conversations which have arisen as a result of user finger trouble etc. Changing the permission flag in dbmail_mailboxes to 1 (from 2) has been suggested. This prevents a user deleting the mailbox but also prevents all changes to messages in the mailbox (or adding messages to it) which is too restrictive. Using ACL permissions has also been suggested but this doesnt help because the owner always has delete permission on their own mailbox. I suppose I could set up a system where all mailboxes are shared and people are not the owner of their own mailboxes but this seems like a lot of trouble given we have several thousand mailboxes. I considered changing the permissions on the dbmail_mailboxes table for the dbmail user to prevent deletion but then realised that using MySQL I would have to remove all the dbmail uers permissions (which are currently grant all on the dbmail database) and set permissions one at a time for each table, doable and I expect this is the approach I should take, but Id be concerned about such a level of interference on a production system. So, would the best quick fix for me be to remove the foreign key constraints to prevent the deletion of a mailbox having the knock-on effect (i.e. of deleting all the contained messages from the folder from the database) which Im trying to avoid? If so, should I just remove the dbmail_messages_ibfk_2 on dbmail_messages (cascade constraint on dbmail_mailboxes mailbox_idnr/mailbox_idnr). If I make this change does anyone know of any possible unforeseen consequences? The only one I can envisage is a situation where a mailbox is deleted and then another created (which I imagine could potentially have the same mailbox_idnr). Clearly Id prefer a dbmail flag or folder permission setting which achieves the same goal and if that exists I trust someone will let me know. Thank you! Daniel Schütze
_______________________________________________ DBmail mailing list [email protected] http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
