[Dovecot] Plugins: virtuals vs acls

2011-09-16 Thread Leho Kraav

Hi all

dovecot-virtual:
*
  all

when dovecot-acl files restrict some subset of * for a user, does 
dovecot respect these ACLs when collecting messages for virtual folder? 
I'd like a confirmation about what I should be seeing when I start 
implementing this setup.


Re: [Dovecot] Plugins: virtuals vs acls

2011-09-16 Thread Timo Sirainen
On Fri, 2011-09-16 at 14:48 +0300, Leho Kraav wrote:

> dovecot-virtual:
> *
>   all
> 
> when dovecot-acl files restrict some subset of * for a user, does 
> dovecot respect these ACLs when collecting messages for virtual folder? 

If they aren't respected, it's a bug.




Re: [Dovecot] Plugins: virtuals vs acls

2016-09-19 Thread Leho Kraav
On Fri, Sep 16, 2011 at 03:03:47PM +0300, Timo Sirainen wrote:
..On Fri, 2011-09-16 at 14:48 +0300, Leho Kraav wrote:
..
..> dovecot-virtual:
..> *
..>   all
..> 
..> when dovecot-acl files restrict some subset of * for a user, does 
..> dovecot respect these ACLs when collecting messages for virtual folder? 
..
..If they aren't respected, it's a bug.

(dovecot-2.2.19)

So, 5 years later, I got to implementing `dovecot-virtual` :)

I'd like to set up a `LargeMailbox/Virtual/30d` mailbox that restricts
the view of a hidden and otherwise inaccessible `LargeMailbox` to a "last
30 days" rolling window.

`dovecot-virtual` for that is simple enough, but ACLs get in the way.

LargeMailbox ACL user=Moi none
LargeMailbox/Virtual/30d ACL user=Moi lrwsip

It looks like `dovecot` is correctly restricting reading
`LargeMailbox` - user Moi is able to subscribe to the mailbox, but sees
zero messages in there.

How can I make `LargeMailbox` readable from a virtual without giving the
mail client the ability to read all of `LargeMailbox` on its own?

-- 
Leho Kraav, senior technology & marketing architect
Mobile: +372-56-603673
G+: lkoogliz...@gmail.com


Re: [Dovecot] Plugins: virtuals vs acls

2016-09-20 Thread Leho Kraav
>On Fri, 2011-09-16 at 14:48 +0300, Leho Kraav wrote:
>
>How can I make `LargeMailbox` readable from a virtual without giving the
>mail client the ability to read all of `LargeMailbox` on its own?


Symlinking a hidden "secret key" mailbox name works:

1. Symlink LargeMailbox -> LargeMailbox.sa0yaiy9Nah0thoo5do9iew1ciJaeXahphoox4si (secret key)

2. Start using `vfile:/etc/dovecot/global-acl`

LargeMailbox.sa0yaiy9Nah0thoo5do9iew1ciJaeXahphoox4si user=Moi rwsi (hide mailbox, but allow modifications)
LargeMailbox.Virtual.30d user=Moi lrwsip (full list + modification permissions)

3. `LargeMailbox.Virtual.30d/dovecot-virtual`

!LargeMailbox.sa0yaiy9Nah0thoo5do9iew1ciJaeXahphoox4si (save to backing mailbox)
  all younger 2592000


Remaining exercise questions:

* any more sensible / simpler techniques available?

* any holes - is it possible for user=Moi to somehow learn the
  "secret key" name of the backing mailbox?
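
An audit of the setup described in the last message, as an added example that is not part of the original thread: it parses a global ACL file and a `dovecot-virtual` file, then reports mailboxes that grant `r` without `l` (so access rests on the name staying unknown) and backing mailboxes whose explicit entry lacks `r` (the empty view from the earlier attempt). The function names, the sample data and the `SECRETSUFFIX` placeholder are made up here; it assumes single-letter rights, names without spaces and exact-name matching.

```python
# Assumes "<mailbox> <identifier> <rights>" lines with single-letter rights,
# names without spaces, and exact-name matching (wildcards are not expanded).
# Constructed sample data; SECRETSUFFIX is a placeholder for the hidden name.
SAMPLE_ACL = """\
LargeMailbox.SECRETSUFFIX user=Moi rwsi
LargeMailbox.Virtual.30d user=Moi lrwsip
LargeMailbox user=Moi
"""
SAMPLE_VIRTUAL = """\
!LargeMailbox.SECRETSUFFIX
  all younger 2592000
"""

def parse_acl(text):
    """Return {(mailbox, identifier): set of right letters}."""
    acl = {}
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        if len(fields) < 2:
            raise ValueError(f"malformed ACL line: {line!r}")
        acl[(fields[0], fields[1])] = set(fields[2]) if len(fields) > 2 else set()
    return acl

def backing_mailboxes(virtual_text):
    """Mailbox lines start in column 0; indented lines are search queries."""
    names = []
    for line in virtual_text.splitlines():
        if line.strip() and not line[0].isspace() and not line.startswith("#"):
            names.append(line.strip().lstrip("!"))  # "!" marks the save target
    return names

def audit(acl_text, virtual_text, identifier):
    """Return sorted (finding, mailbox) pairs for one ACL identifier."""
    acl = parse_acl(acl_text)
    findings = set()
    for (mailbox, ident), rights in acl.items():
        # Read without lookup: unlisted, yet it opens for whoever has the name.
        if ident == identifier and "r" in rights and "l" not in rights:
            findings.add(("hidden-by-name-only", mailbox))
    for mailbox in backing_mailboxes(virtual_text):
        rights = acl.get((mailbox, identifier))
        # An explicit entry without read leaves the virtual view empty.
        if rights is not None and "r" not in rights:
            findings.add(("backing-unreadable", mailbox))
    return sorted(findings)

if __name__ == "__main__":
    print(audit(SAMPLE_ACL, SAMPLE_VIRTUAL, "user=Moi"))
```

A backing mailbox with no entry for the identifier is skipped, on the assumption that other ACL sources or defaults decide its rights.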