Re: [Dovecot] ACL Groups
Ok - so where are acl_groups, and their access, defined? -- Daniel The permissions are set in the 'dovecot-acl' files: $ cat dovecot-acl anyone lr authenticated lrws group=PublicMailboxAdmins lrwsik You assign the groups to a particular user per UserDB Extra Fields: userdb_acl_groups=PublicMailboxAdmins Thomas PGP.sig Description: Signierter Teil der Nachricht
[Dovecot] I can't setup namespace per user (with settings keept in sql db)
Hello! I'm trying to setup additional namespace. I'd like to have this setting per user and keep it in postgresql. Global namespace is defined in this way: namespace { inbox = yes location = prefix = separator = . } (mail_location is getting from db) I don't know how should looks like database field:( Now i have such configuration: user_query = select dovecot_location AS location, dovecot_namespace AS namespace FROM ... In db i have this: # select dovecot_location, dovecot_namespace from exim_users where dovecot_namespace is not null; dovecot_location | dovecot_namespace ---+--- location=mdbox:~/.mdbox | prefix=testn (1 row) but this isn't good configuration. I've got in log: debug: sql(mar...@mejor.pl,62.121.127.119): SELECT '/dane/domeny/mejor.pl/mail/marcin/' as home, dovecot_typ_skrzynki ||':'|| '/dane/domeny/mejor.pl/mail/marcin/' ||' .'|| dovecot_typ_skrzynki as mail_location, '*:bytes='||quota_mb||'M' as quota_rule , dovecot_location AS location, dovecot_namespace AS namespace FROM exim_users WHE RE login = lower('marcin') AND domena = lower('mejor.pl') Debug: master out: USER#0112138832897#011mar...@mejor.pl#011home=/dane/domeny/mejor.pl/mail/marcin/#011mail_location=maildir:/dane/domeny/mejor.pl/mail/marcin/.maildi r#011quota_rule=*:bytes=0M#011location=location=mdbox:~/.mdbox#011namespace=prefix=testn Login: user=mar...@mejor.pl, method=CRAM-MD5, rip=62.121.127.119, lip=193.238.12.139, mpid=17929, TLS Debug: Loading modules from directory: /usr/lib/dovecot Debug: Module loaded: /usr/lib/dovecot/lib10_quota_plugin.so Debug: Module loaded: /usr/lib/dovecot/lib11_imap_quota_plugin.so Debug: Module loaded: /usr/lib/dovecot/lib15_notify_plugin.so Debug: Module loaded: /usr/lib/dovecot/lib20_autocreate_plugin.so Debug: Module loaded: /usr/lib/dovecot/lib20_fts_plugin.so Debug: Module loaded: /usr/lib/dovecot/lib20_mail_log_plugin.so Debug: Module loaded: /usr/lib/dovecot/lib20_zlib_plugin.so Debug: Module loaded: /usr/lib/dovecot/lib21_fts_squat_plugin.so Debug: Module loaded: /usr/lib/dovecot/lib30_imap_zlib_plugin.so Debug: Added userdb setting: mail_location=maildir:/dane/domeny/mejor.pl/mail/marcin/.maildir Debug: Added userdb setting: plugin/quota_rule=*:bytes=0M Debug: Added userdb setting: plugin/location=location=mdbox:~/.mdbox Debug: Added userdb setting: namespace=prefix=testn Debug: Effective uid=8, gid=12, home=/dane/domeny/mejor.pl/mail/marcin/ Debug: Quota root: name=User quota backend=dict args=:proxy::quota Debug: Quota rule: root=User quota mailbox=* bytes=0 messages=0 Debug: dict quota: user=mar...@mejor.pl, uri=proxy::quota, noenforcing=0 Debug: Namespace : type=private, prefix=, sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/dane/domeny/mejor.pl/mail/marcin/.maildir Debug: maildir++: root=/dane/domeny/mejor.pl/mail/marcin/.maildir, index=, control=, inbox=/dane/domeny/mejor.pl/mail/marcin/.maildir Debug: Namespace : type=private, prefix=, sep=, inbox=no, hidden=no, list=yes, subscriptions=yes location=maildir:/dane/domeny/mejor.pl/mail/marcin/.maildir Debug: maildir++: root=/dane/domeny/mejor.pl/mail/marcin/.maildir, index=, control=, inbox= Error: user mar...@mejor.pl: Initialization failed: namespace configuration error: Duplicate namespace prefix: Error: Invalid user settings. Refer to server log for more information. I've got stuck, i don't have idea how configuration should looks:( Thanks for any help! dovceot-2.0.13
Re: [Dovecot] Converting CLIENT_MAIL_DATA_MAX_INMEMORY_SIZE to a configurable?
Hi, Sorry for the late answer... On 06/13/11 15:40, Timo Sirainen wrote: On Thu, 2011-06-09 at 20:56 +0200, Attila Nagy wrote: Hi, Currently Dovecot's LMTPd writes incoming emails to mail_temp_dir if it's bigger than 128k. But I would like to spare those unnecessary operations (creating a file, deleting it, writing into it, reading from it, checking whether there is free space and if not, rejecting (temporarily) the message). Memory is cheap, disk IO is not. :) And BTW, on a lot of systems, /tmp is a memory file system already, so there is absolute no need for this. If there's not enough disk space, nowadays the message is read fully into memory instead of tempfailing. Well, that doesn't seem to be the case (or maybe it's caused by other stuff, like pigeonhole?). Dovecot 2.0.13, with a temp dir capable of holding 64k: Filesystem SizeUsed Avail Capacity Mounted on tmpfs64k4.0k 60k 6% /data/tmp Sending a message of 60k succeeds: smtp-source -d -f from@from -l 6 -m 1 -s 1 -S test -t to@to -L -v dovecot:24 /var/tmp/smtp-source: name_mask: all /var/tmp/smtp-source: smtp_stream_setup: maxtime=300 enable_deadline=0 /var/tmp/smtp-source: vstream_tweak_tcp: TCP_MAXSEG 1448 /var/tmp/smtp-source: 220 dovecot Dovecot LMTP ready /var/tmp/smtp-source: LHLO me /var/tmp/smtp-source: 250-dovecot /var/tmp/smtp-source: 250-8BITMIME /var/tmp/smtp-source: 250-ENHANCEDSTATUSCODES /var/tmp/smtp-source: 250 PIPELINING /var/tmp/smtp-source: MAIL FROM:from@from /var/tmp/smtp-source: 250 2.1.0 OK /var/tmp/smtp-source: RCPT TO:to@to /var/tmp/smtp-source: 250 2.1.5 OK /var/tmp/smtp-source: DATA /var/tmp/smtp-source: 354 OK /var/tmp/smtp-source: . /var/tmp/smtp-source: 250 2.0.0 to@to id Saved /var/tmp/smtp-source: QUIT /var/tmp/smtp-source: 221 2.0.0 Client quit While with a bigger message: smtp-source -d -f from@from -l 20 -m 1 -s 1 -S test -t to@to -L -v dovecot:24 /var/tmp/smtp-source: name_mask: all /var/tmp/smtp-source: smtp_stream_setup: maxtime=300 enable_deadline=0 /var/tmp/smtp-source: vstream_tweak_tcp: TCP_MAXSEG 1448 /var/tmp/smtp-source: 220 dovecot Dovecot LMTP ready /var/tmp/smtp-source: LHLO me /var/tmp/smtp-source: 250-dovecot /var/tmp/smtp-source: 250-8BITMIME /var/tmp/smtp-source: 250-ENHANCEDSTATUSCODES /var/tmp/smtp-source: 250 PIPELINING /var/tmp/smtp-source: MAIL FROM:from@from /var/tmp/smtp-source: 250 2.1.0 OK /var/tmp/smtp-source: RCPT TO:to@to /var/tmp/smtp-source: 250 2.1.5 OK /var/tmp/smtp-source: DATA /var/tmp/smtp-source: 354 OK /var/tmp/smtp-source: . /var/tmp/smtp-source: 451 4.3.0 Temporary internal failure /var/tmp/smtp-source: fatal: end of data rejected: 451 4.3.0 Temporary internal failure When I give a bigger tmp filesystem to it, it accepts the message. Also are you sure that writing to the file actually produces disk I/O? It depends. On a tmpfs file system, it is possible, if there is not enough memory and the system must page. Pretty bad condition. Of course this is mostly the same with no temporary files (holding the emails in memory). Well, mostly, because you don't duplicate all e-mails in memory. And if emails come and go in the range of some hundred Mbps, this can count. Also, a file in tmpfs possibly requires more memory than the same message in an efficient memory structure (a c string for example, which has only a small metadata, compared to tmpfs). If the tmp directory is not a tmpfs, it depends on whether you commit the written bits (I guess you don't fsync it, why would you :) and whether the file system wants to write them. There are file systems, which can't handle blocks belonging to different files independently with fsync. So if you fsync a small file, and you have written 3 GB to the temporary dir (let's assume they are on the same FS), which you will delete in the next second and you haven't fsynced them, 3 GB plus the small file will be written (to the log). Of course you can (and will) separate the temporary file system, which alleviates this problem. But even then it will be possible that the bits will written, for example because the file system's commit time has come and see the above, it may write out a lot of stuff. Even if /tmp isn't a memory filesystem, I think there's a good chance that the file will be gone before any disk writes have a chance to start. Can you see some measurable disk I/O change by changing this value? I can't really measure it now, because I don't have a separate disk pool for temporary files (because nothing uses /tmp, so it would be useless, all resources are delegated to the main pool) and I use tmpfs. But even it's just a few IOPS and some wasted CPU cycles, why wouldn't I set that? :) I think it would be nice to have this as a configurable option, so there would be no need to rebuild every time.
[Dovecot] ACL enabled Public folder dovecot
Hi All, I am trying to do ACL enabled Public folder on dovecot version 1.1.20, but the ACL thing is not working, the public folder is visible and accessible to everyone. My dovecot config for public folder is like namespace public { separator = / prefix = Public/ location = maildir:/var/mail/public subscriptions = no } plugin { acl = vfile } # and I have my dovecot-acl file in /var/mail/public/.test which reads ** user=t...@mydomain.comlrw ** but every user can see the public folders and subscribe to it, which I don't want :( Can someone please suggest. Thanks in Advance, Shantanu
Re: [Dovecot] ACL enabled Public folder dovecot
Hi Gregory, this is the output from dovecot -n # 1.1.20: /etc/dovecot.conf # OS: Linux 2.6.18-194.32.1.el5 i686 CentOS release 5.5 (Final) ext3 base_dir: /var/run/dovecot/ protocols: imap imaps listen: *:143 ssl_listen: *:943 login_dir: /var/run/dovecot/login login_executable: /usr/libexec/dovecot/imap-login login_greeting: READY. login_processes_count: 2 mail_location: maildir:/mail/%d/%n/Maildir mail_debug: yes namespace: type: public separator: / prefix: Public/ location: maildir:/var/mail/public list: yes namespace: type: private separator: / location: maildir:/mail/%d/%n/Maildir inbox: yes list: yes subscriptions: yes lda: postmaster_address: postmas...@example.com auth default: verbose: yes debug: yes debug_passwords: yes passdb: driver: ldap args: /etc/dovecot-ldap.conf userdb: driver: passwd userdb: driver: ldap args: /etc/dovecot-ldap.conf plugin: acl: vfile Thanks Shantanu On Fri, Jun 17, 2011 at 9:24 PM, Gregory Finch gfi...@ldmltd.ca wrote: On 2011-06-17 8:29 AM, kumar shantanu wrote: Hi All, I am trying to do ACL enabled Public folder on dovecot version 1.1.20, but the ACL thing is not working, the public folder is visible and accessible to everyone. My dovecot config for public folder is like namespace public { separator = / prefix = Public/ location = maildir:/var/mail/public subscriptions = no } plugin { acl = vfile } # and I have my dovecot-acl file in /var/mail/public/.test which reads ** user=t...@mydomain.comlrw ** but every user can see the public folders and subscribe to it, which I don't want :( Can someone please suggest. Thanks in Advance, Shantanu suggestion #1: post the output of dovecot -n -Greg
Re: [Dovecot] ACL enabled Public folder dovecot
As per the top of http://wiki1.dovecot.org/ACL you need to set mail_plugins in order to use acls, as acl support is via a plugin, not a core piece of dovecot. -Greg On 2011-06-17 8:57 AM, kumar shantanu wrote: Hi Gregory, this is the output from dovecot -n # 1.1.20: /etc/dovecot.conf # OS: Linux 2.6.18-194.32.1.el5 i686 CentOS release 5.5 (Final) ext3 base_dir: /var/run/dovecot/ protocols: imap imaps listen: *:143 ssl_listen: *:943 login_dir: /var/run/dovecot/login login_executable: /usr/libexec/dovecot/imap-login login_greeting: READY. login_processes_count: 2 mail_location: maildir:/mail/%d/%n/Maildir mail_debug: yes namespace: type: public separator: / prefix: Public/ location: maildir:/var/mail/public list: yes namespace: type: private separator: / location: maildir:/mail/%d/%n/Maildir inbox: yes list: yes subscriptions: yes lda: postmaster_address: postmas...@example.com auth default: verbose: yes debug: yes debug_passwords: yes passdb: driver: ldap args: /etc/dovecot-ldap.conf userdb: driver: passwd userdb: driver: ldap args: /etc/dovecot-ldap.conf plugin: acl: vfile Thanks Shantanu On Fri, Jun 17, 2011 at 9:24 PM, Gregory Finch gfi...@ldmltd.ca wrote: On 2011-06-17 8:29 AM, kumar shantanu wrote: Hi All, I am trying to do ACL enabled Public folder on dovecot version 1.1.20, but the ACL thing is not working, the public folder is visible and accessible to everyone. My dovecot config for public folder is like namespace public { separator = / prefix = Public/ location = maildir:/var/mail/public subscriptions = no } plugin { acl = vfile } # and I have my dovecot-acl file in /var/mail/public/.test which reads ** user=t...@mydomain.comlrw ** but every user can see the public folders and subscribe to it, which I don't want :( Can someone please suggest. Thanks in Advance, Shantanu suggestion #1: post the output of dovecot -n -Greg signature.asc Description: OpenPGP digital signature
[Dovecot] Maildir parent directory permissions incorrect for new mailbox
Hi, My issue is with the automatic creation of parent directories above new maildirs. It seems to be that they're being set with incorrect (or unhelpful) permissions, applying the permissions of the mailbox down the path towards the mailbox root, as opposed to taking the permissions of the mailbox root up towards the mailbox. Our mail is stored under the scheme: location = maildir:/var/dovecot/mail/%d/%n:INDEX=/var/dovecot/index/%d/%n Initially, /var/dovecot consists of acl, index and mail, all empty. The permissions on these are: ls -l total 6 drwxrwxr-x 2 hmgp hmgp 512 17 Jun 12:23 acl drwxrwxr-x 3 hmgp hmgp 512 17 Jun 15:56 index drwxrwxr-x 3 hmgp hmgp 512 17 Jun 15:56 mail If I perform a mail delivery to my mailbox, the mailbox parent directory is created with the following permissions: ls -l total 2 drwx-- 3 dm hmgp 512 17 Jun 15:56 insidetrading.co.uk Note that the user ID is my own and the mode restricts all other access. When I perform a second delivery to different mailbox under that domain, one mapped to a different UID, the delivery fails because that user cannot access the parent folder in order to create the new maildir. I've read on the Wiki that Dovecot copies permissions from the parent directory when adding new messages to a mailbox. That would suit my situation, but it doesn't happen here. Maybe there is there a reason why this is the case? I've had a look at the code and it it works in the opposite direction, starting from the full path (with its associated mode, uid gid) and working by removing a section from the right-hand side each time. For me, at least, it would be better if it started from the bottom and worked upwards, inheriting the parent uid, gid and mode until the mailbox directory, where the existing behaviour would be retained, looking like: ls -dl insidetrading.co.uk/dm total 2 drwx-- 5 dm hmgp 512 17 Jun 15:56 dm I know I could hold all our mail under a single uid/gid or I could fix the mode manually, but I'd rather not do either. Am I missing some key configuration detail or should I work on a patch for this? Thanks, Dominic dovecot -n # 2.0.12: /usr/local/etc/dovecot/dovecot.conf # OS: FreeBSD 8.2-RELEASE amd64 auth_debug = yes listen = * mail_debug = yes mail_plugins = acl namespace { inbox = yes location = maildir:/var/dovecot/mail/%d/%n:INDEX=/var/dovecot/index/%d/%n prefix = separator = / type = private } namespace { list = children location = maildir:/var/dovecot/mail/%%d/%%n:INDEX=/var/dovecot/index/%%d/shared/%%n prefix = shared/%%n separator = / subscriptions = no type = shared } passdb { args = /usr/local/etc/dovecot/ldap.conf driver = ldap } plugin { acl = vfile acl_shared_dict = file:/var/dovecot/acl/%d/%n-shared.db } protocols = lmtp imap service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } } service imap-login { inet_listener imap { port = 0 } inet_listener imaps { port = 993 ssl = yes } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0660 user = postfix } } ssl = required ssl_ca = /usr/local/etc/ssl/cert/geotrust-all.pem ssl_cert = /usr/local/etc/ssl/cert/mail.helenmarks.co.uk.pem ssl_cipher_list = AES+HIGH ssl_key = /usr/local/etc/ssl/private/mail.helenmarks.co.uk.key userdb { args = /usr/local/etc/dovecot/ldap.conf driver = ldap } verbose_proctitle = yes protocol imap { mail_plugins = acl imap_acl }
Re: [Dovecot] Maildir parent directory permissions incorrect for new mailbox
On 17.06.2011 18:35, wrote Dominic Marks: Hi Dominic, Initially, /var/dovecot consists of acl, index and mail, all empty. The permissions on these are: ls -l total 6 drwxrwxr-x 2 hmgp hmgp 512 17 Jun 12:23 acl drwxrwxr-x 3 hmgp hmgp 512 17 Jun 15:56 index drwxrwxr-x 3 hmgp hmgp 512 17 Jun 15:56 mail If I perform a mail delivery to my mailbox, the mailbox parent directory is created with the following permissions: ls -l total 2 drwx-- 3 dm hmgp 512 17 Jun 15:56 insidetrading.co.uk Blind guess: You are delivering the mail via postfix local and not via dovecot-lda or lmtp? Note that the user ID is my own and the mode restricts all other access. When I perform a second delivery to different mailbox under that domain, one mapped to a different UID, the delivery fails because that user cannot access the parent folder in order to create the new maildir.
[Dovecot] pop3-login Error after dovecot 1.2.11 to dovecot 2.0.13
I recently upgaded from dovecot 1.2.11 to 2.0.13. I used this command on my dovecont.conf after the upgrade and then moved the new file into place after removing some plugins. $ sudo doveconf -n -c dovecot-1.conf dovecot-2.conf After 24+ hours with no issues I was getting pop3 login failures. ... /path/to/log/dovecot.log:master: Error: service(pop3): read(status) failed: Interrupted system call ... /path/to/log/dovecot.log:Jun 17 05:25:47 pop3-login: Error: master(pop3): Auth request timed out (received 0/12 bytes) /path/to/log/dovecot.log:Jun 17 05:25:47 pop3-login: Info: Internal login failure (pid=1796 id=1) (auth failed, 1 attempts): user=rrive...@domainname.com, method=APOP, rip=123.4.5.6, lip=123.7.8.9 /path/to/log/dovecot.log:Jun 17 05:25:47 pop3-login: Error: master(pop3): Auth request timed out (received 0/12 bytes) /path/to/log/dovecot.log:Jun 17 05:25:47 pop3-login: Info: Internal login failure (pid=1797 id=1) (auth failed, 1 attempts): user=j...@domainname.com, method=APOP, rip=123.4.5.6, lip=123.7.8.9 /path/to/log/dovecot.log:Jun 17 05:25:47 pop3-login: Error: master(pop3): Auth request timed out (received 0/12 bytes) /path/to/log/dovecot.log:Jun 17 05:25:47 pop3-login: Info: Internal login failure (pid=1798 id=1) (auth failed, 1 attempts): user=gk...@domainname.com, method=APOP, rip=123.4.5.6, lip=123.7.8.9 /path/to/log/dovecot.log:Jun 17 05:25:47 pop3-login: Error: master(pop3): Auth request timed out (received 0/12 bytes) ... /path/to/log/dovecot.log:Jun 17 05:40:34 pop3-login: Error: net_connect_unix(pop3) failed: Operation timed out ... Bouncing dovecot has resolved the login issues for the present. Reading from the wiki I see my post-login scripts will need changing. http://wiki2.dovecot.org/Upgrading/2.0 Is there anything else obviously/dangerously wrong with the following doveconf output? I'm am still in the process of moving directives out of dovecot.conf into the new conf.d files. $ doveconf -n # 2.0.13: /path/to/etc/dovecot/dovecot.conf # OS: Darwin 9.8.0 Power Macintosh hfs auth_mechanisms = plain login cram-md5 ntlm apop default_internal_user = _dovecot default_login_user = _dovenull disable_plaintext_auth = no log_path = /path/to/log/dovecot.log mail_location = dbox:/path/to/mail/%d/%n/dbox mail_max_userip_connections = 30 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date passdb { args = /path/to/etc/dovecot/dovecot_mysql.conf driver = sql } plugin { autocreate = Trash autocreate2 = Spam autosubscribe = Trash autosubscribe2 = Spam } protocols = imap pop3 service auth { unix_listener /path/to/var/spool/postfix/private/auth { group = _postfix mode = 0660 user = _postfix } unix_listener auth-master { mode = 0600 user = _vmail } unix_listener auth-userdb { group = _vmail user = _vmail } } service imap { executable = /path/to/dovecot/bin/log_imap_login.sh } service pop3 { executable = /path/to/dovecot/bin/log_pop3_login.sh } ssl_cert = /path/to/etc/ssl/certs/dovecot.pem ssl_key = /path/to/etc/ssl/private/dovecot.pem userdb { driver = prefetch } userdb { args = /path/to/etc/dovecot/dovecot_mysql.conf driver = sql } Thanks, Bradley Giesbrecht
Re: [Dovecot] Maildir parent directory permissions incorrect for new mailbox
On 17/06/2011 18:16, e-frog wrote: On 17.06.2011 18:35, wrote Dominic Marks: Hi Dominic, Initially, /var/dovecot consists of acl, index and mail, all empty. The permissions on these are: ls -l total 6 drwxrwxr-x 2 hmgp hmgp 512 17 Jun 12:23 acl drwxrwxr-x 3 hmgp hmgp 512 17 Jun 15:56 index drwxrwxr-x 3 hmgp hmgp 512 17 Jun 15:56 mail If I perform a mail delivery to my mailbox, the mailbox parent directory is created with the following permissions: ls -l total 2 drwx-- 3 dm hmgp 512 17 Jun 15:56 insidetrading.co.uk Blind guess: You are delivering the mail via postfix local and not via dovecot-lda or lmtp? Hi e-frog, Nope. From my main.cf: virtual_transport = lmtp:unix:private/dovecot-lmtp From my maillog: Jun 17 18:37:06 comms dovecot: lmtp(75348): Connect from local Jun 17 18:37:06 comms dovecot: lmtp(75348, d...@insidetrading.co.uk): 8en+HVtz+01UJgEA+ZD7hg: msgid=20110617183706.04e3c3b...@mail.helenmarks.co.uk: saved mail to INBOX Jun 17 18:37:06 comms postfix/lmtp[78285]: 04E3C3B618: to=d...@insidetrading.co.uk, relay=mail.helenmarks.co.uk[private/dovecot-lmtp], delay=0.1, delays=0.05/0.04/0/0.01, dsn=2.0.0, status=sent (250 2.0.0 d...@insidetrading.co.uk 8en+HVtz+01UJgEA+ZD7hg Saved) Jun 17 18:37:06 comms dovecot: lmtp(75348): Disconnect from local: Client quit Jun 17 18:37:06 comms postfix/qmgr[99310]: 04E3C3B618: removed In fact, during my tests I invoked the lmtp binary under gdb so I could inspect its behaviour, but prior to that I'd been relaying through lmtp. Thanks, Dominic
Re: [Dovecot] ACL Groups
On 6/17/2011 1:28 AM, Thomas Leuxner wrote: Ok - so where are acl_groups, and their access, defined? -- Daniel The permissions are set in the 'dovecot-acl' files: $ cat dovecot-acl anyone lr authenticated lrws group=PublicMailboxAdmins lrwsik You assign the groups to a particular user per UserDB Extra Fields: userdb_acl_groups=PublicMailboxAdmins So there is no defined list of valid groups - arbitrary names are simply listed in the acl_groups parameter, and are then used in the acl files. If they're in either one of the acl_groups or acl file(s), and not in the other, there's no error - they just don't do anything. Right? -- Daniel
[Dovecot] Default Global ACL
Can I use the .DEFAULT files with global acls to access all mailboxes without explicitly sharing them first? Or must a share be created for every individual mailbox before they will appear in the shared namespace? -- Daniel