On 11.4.2013, at 16.07, Stephan von Krawczynski <sk...@ithnet.com> wrote:
> On Thu, 11 Apr 2013 16:00:22 +0300 > Timo Sirainen <t...@iki.fi> wrote: > >> On 11.4.2013, at 15.07, Stephan von Krawczynski <sk...@ithnet.com> wrote: >> >>> I try to configure dovecot to make all imap accesses read-only for a certain >>> user. I thought this would be possible by creating a global acl file (here >>> "global-acl") like: >> >> Sorry, there is still no "default ACLs" feature in Dovecot. The only >> semi-easy way to do what you want is using filesystem permissions. >> >> This is something that really should be developed though.. But probably not >> until v2.3. > > Oh, that is _bad_. I cannot use fs permissions because the MTA (postfix) must > have write permissions (to the directories) to create the mail files... The MTA can work as it used to, if it can just set a group-read permission to the files. So your read-only user would belong to that read-only-group. I'm not sure how Postfix assigns permissions, but if it can't do that you could switch to Dovecot LDA/LMTP which can set the group correctly.
