Applying ACLs to a Dovecot public namespace

Posted by larsks on Server Fault See other posts from Server Fault or by larsks
Published on 2011-02-22T03:37:23Z Indexed on 2011/02/22 15:26 UTC
Read the original article Hit count: 282

Filed under:
|
|
|
|

I have a public namespace define in my dovecot (dovecot-2.0.9) configuration that looks like this:

namespace {
  type = public
  separator = .
  prefix = news.
  location = maildir:/var/spool/news
  subscriptions = no  
}

I would like to make all the mailboxes in this namespace read-only. I've got the following configuration for the ACL plugin:

plugin {
  acl = vfile:/etc/dovecot/acls:cache_secs=300
}

After perusing the documentation, it seemed as if I had a mailfolder /var/spool/news/.foo.bar that I could place the following into /var/spool/news/.foo.bar/dovecot-acl:

anyone rl

But that doesn't have any affect. I also tried creating a file /usr/local/etc/dovecot/acls/news.foo.bar with the same contents, but that didn't do anything, either. I've turned on mail debugging:

mail_debug = yes

But the log doesn't produce anything that appears to be relevant to ACL processing. I'm curious to know if anyone has gotten this to work correctly and if so if you could provide some configuration examples.

Also, if there's any way to do this that doesn't involve per-mailbox configuration (.e.g, the ability to apply an ACL to news.* or something), that would be awesome. Getting the documented behavior for default ACLs working would be a step in the right direction.

© Server Fault or respective owner

Related posts about mail

Related posts about acl