On Thu, 11 Apr 2013 16:15:23 +0300 Timo Sirainen <t...@iki.fi> wrote:
> On 11.4.2013, at 16.07, Stephan von Krawczynski <sk...@ithnet.com> wrote: > > > On Thu, 11 Apr 2013 16:00:22 +0300 > > Timo Sirainen <t...@iki.fi> wrote: > > > >> On 11.4.2013, at 15.07, Stephan von Krawczynski <sk...@ithnet.com> wrote: > >> > >>> I try to configure dovecot to make all imap accesses read-only for a > >>> certain > >>> user. I thought this would be possible by creating a global acl file (here > >>> "global-acl") like: > >> > >> Sorry, there is still no "default ACLs" feature in Dovecot. The only > >> semi-easy way to do what you want is using filesystem permissions. > >> > >> This is something that really should be developed though.. But probably > >> not until v2.3. > > > > Oh, that is _bad_. I cannot use fs permissions because the MTA (postfix) > > must > > have write permissions (to the directories) to create the mail files... > > The MTA can work as it used to, if it can just set a group-read permission to > the files. So your read-only user would belong to that read-only-group. I'm > not sure how Postfix assigns permissions, but if it can't do that you could > switch to Dovecot LDA/LMTP which can set the group correctly. That is not the problem. I can set any type of permission on the mail file itself. Only it does not help because dovecot nevertheless is able to move the mails around or "delete" them by moving to trash box. -- Regards, Stephan
