On 21 Oct 2014, at 11:27, Ralf Hildebrandt <r...@sys4.de> wrote: > But how can I "lock" a user during migration? > > The plan is: > ============ > > * lock the user > * kick the user (doveadm kick) > * migrate mailbox (some rsync magic) > * unlock the user again
Alternative is to use "doveadm sync" and you don't necessarily even need to lock anything at all. > But how would I lock the user? > > What locking needs to achieve: > > 1) Disallow IMAP/POP login (that's easy!) Yeah, many ways. > 2) defer LMTP delivery somehow (Postfix is talking to dovecot's LMTP server) - LMTP proxy does a passdb lookup. I'm not sure if there's any good way to fail in here. I was planning to suggest allow_nets=0.0.0.0/32 but looks like LMTP proxying just ignores that. Fixed now: http://hg.dovecot.org/dovecot-2.2/rev/3a8b417b0b80 - LMTP backend does a userdb lookup. Userdb lookup can return either "user doesn't exist" or "temporary failure". Nothing else. You can have it return a temporary failure by having it return "tempfail" extra field.