Here I describe a method to share mailboxes between two users that needs none of the following:

  1. SQL tables
  2. Dictionary mappings
  3. doveadm acl commands
  4. Private namespaces

We'll do it with symlinks, as described in http://wiki2.dovecot.org/SharedMailboxes/Symlinks

1. Configure the acl plugin

mail_plugins = " quota acl"

protocol lmtp {
  mail_plugins = " quota acl sieve quota"
}
protocol lda {
  mail_plugins = " quota acl sieve"
}
protocol imap {
  mail_plugins = " quota acl imap_quota imap_acl"
}

2. Configure how access rights are checked

Edit 90-acl.conf and set acl to vfile.

With vfile, the access rights are read from a dovecot-acl file in the Maildir.

plugin {
  acl = vfile
}

3. No need to configure a shared namespace

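4. Create the symlink

$ cd /var/vmail/domain.tld/a.chaouche/
$ ln -s /var/vmail/backup.domain.tld/a.chaouche/ .shared.a_chaouche@backup_domain_tld

Note that the "." characters in the address were changed to "_" in the link name. If I didn't change the dots, Dovecot would treat them as subfolder separators, because the Maildir++ layout uses "." as the hierarchy separator in folder names.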

5. Set the appropriate rights

If you stop here, a.chaouche@domain.tld can do whatever he wants with the a.chaouche@backup.domain.tld mailbox. We don't want this. We want him to only read the mail, not delete it. For this, he needs two permissions: reading, of course, and listing, because he needs to list the emails in order to choose which one he wants to read. If he doesn't have the listing permission, the MUA gets an error when it tries to list all the messages in the inbox.

We do this by adding a dovecot-acl file in the mailbox we want to share:

root@messagerie[] /var/vmail/backup.domain.tld/a.chaouche # cat dovecot-acl
user=a.chaouche@domain.tld lr
root@messagerie[] /var/vmail/backup.domain.tld/a.chaouche #

This says that user a.chaouche@domain.tld has the "l" right (listing) and the "r" right (reading).

6. Test your setup with the doveadm acl tool

You can make sure that it's set up as expected with the acl tool:

root@messagerie[] ~ # doveadm acl get  -u a.chaouche@domain.tld INBOX.shared.a_chaouche@backup_domain_tld
ID                                Global Rights
user=a.chaouche@domain.tld        lookup read
root@messagerie[] ~ #
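
To check the filesystem side of steps 4 and 5, here is an added example (not part of the original post): a shell sketch that builds the link name with dots replaced by "_" and flags any .shared.* symlink whose target has no dovecot-acl file or grants more than "l" and "r". The function names are hypothetical, and the simple "identifier rights" line format shown in step 5 is assumed.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Build the link name used in step 4: dots in the address become "_"
# so Maildir++ does not read them as subfolder separators.
shared_link_name() {
    printf '.shared.%s\n' "$(printf '%s' "$1" | tr '.' '_')"
}

# Print every entry of a dovecot-acl file that grants more than l and r.
# Returns 0 when the file is read-only, 1 otherwise.
audit_acl() {
    awk '
        NF >= 2 {
            extra = $2
            gsub(/[lr]/, "", extra)        # strip the two read-only letters
            if (extra != "" || NF > 2) {   # leftover letters or extra fields
                print FILENAME ": " $0
                bad = 1
            }
        }
        END { exit bad + 0 }
    ' "$1"
}

# Check every .shared.* symlink in a Maildir: the target must carry a
# dovecot-acl file, and that file must grant nothing beyond l and r.
audit_shared_links() {
    rc=0
    for link in "$1"/.shared.*; do
        [ -L "$link" ] || continue
        acl="$link/dovecot-acl"
        if [ ! -f "$acl" ]; then
            echo "$link: target has no dovecot-acl file"
            rc=1
        elif ! audit_acl "$acl"; then
            rc=1
        fi
    done
    return $rc
}

# Usage: audit_shared_links /var/vmail/domain.tld/a.chaouche
```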

