Re: Questions on supporting Shared Mailboxes using imapc://

Fri, 06 Nov 2015 09:38:58 -0800 

On 2015-10-09 10:33 AM, Nathan Coulson wrote:

I was not able to get a shared mailbox setup working using imapc. 
Tested using mailboxes on the same server, as well as other servers.

We are using dovecot 2.2.10 from Centos 7, following the guide at 
http://wiki2.dovecot.org/SharedMailboxes/ClusterSetup


imapc_host=192.168.5.5 #(Local dovecot server)
imapc_master_user= %u
imapc_password=TempPass
#imapc_user=te...@example.com # Added for testing.
namespace {
  type = shared
  separator = /
  prefix = shared/%%u/
  list = children
  location = imapc:~/shared/%%u/
}
namespace { # used as a control to verify that shared mailboxes work
  type = shared
  separator = /
  prefix = shared2/%%u/
  list = children
  location = sdbox:%%h:INDEXPVT=~/shared2/%%u
}


dict {
  acl = mysql:/etc/dovecot/dovecot-sql_aggelos_shares.conf.ext
}

plugin {
  acl = vfile
  acl_shared_dict = proxy::acl
}

mail_plugins = acl

protocol imap {
  mail_plugins = acl imap_acl
}

passdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}


passdb { # for master user logins
  driver = sql
  args = /etc/dovecot/dovecot-sql_aggelos_aclmaster.conf.ext
  master = yes
  pass = yes
}

userdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}






I can login using te...@example.com*t...@example.com (and see all of 
test2's email), and it looks like it authenticates ok via imap, but 
shared never shows up.  No issues using shared2 which uses direct 
access to the mailbox



doveadm acl debug -u t...@example.com shared/te...@example.com (Fails, 
uses imapc)

doveadm(t...@example.com): Info: Mailbox 'INBOX' is in namespace 
'shared/te...@example.com/'
doveadm(t...@example.com): Info: Mailbox path: 
/misc/1/2/mail/t...@example.com-4/shared/te...@example.com/.INBOX
doveadm(t...@example.com): Info: All message flags are shared across 
users in mailbox
doveadm(t...@example.com): Info: User t...@example.com has no rights 
for mailbox
doveadm(t...@example.com): Error: User t...@example.com is missing 
'lookup' right
doveadm(t...@example.com): Info: Mailbox shared/te...@example.com is 
NOT visible in LIST




doveadm acl debug -u t...@example.com shared/te...@example.com/Junk 
(Fails, contains a folder that exists)
doveadm(t...@example.com): Info: Mailbox 'Junk' is in namespace 
'shared/te...@example.com/'
doveadm(t...@example.com): Info: Mailbox path: 
/misc/1/2/mail/t...@example.com-4/shared/te...@example.com/.Junk
doveadm(t...@example.com): Info: All message flags are shared across 
users in mailbox
doveadm(t...@example.com): Info: User t...@example.com has no rights 
for mailbox
doveadm(t...@example.com): Error: User t...@example.com is missing 
'lookup' right
doveadm(t...@example.com): Info: Mailbox shared/te...@example.com/Junk 
is NOT visible in LIST



doveadm acl debug -u t...@example.com shared/te...@example.com/z 
(Fails,  contains a folder that does not exist.  Expected result)

doveadm(t...@example.com): Error: Mailbox 'z' in namespace 
'shared/te...@example.com/' doesn't exist in 
/misc/1/2/mail/t...@example.com-4/shared/te...@example.com/.z




doveadm acl debug -u t...@example.com shared2/te...@example.com 
(Works, using direct storage)

doveadm(t...@example.com): Info: Mailbox 'INBOX' is in namespace 
'shared2/te...@example.com/'
doveadm(t...@example.com): Info: Mailbox path: 
/misc/1/2/mail/te...@example.com-87/mailboxes/INBOX/dbox-Mails

doveadm(t...@example.com): Info: Per-user private flags in mailbox: \Seen

doveadm(t...@example.com): Info: User t...@example.com has rights: 
lookup read write-seen

doveadm(t...@example.com): Info: Mailbox found from dovecot-acl-list

doveadm(t...@example.com): Info: User te...@example.com found from ACL 
shared dict
doveadm(t...@example.com): Info: Mailbox shared2/te...@example.com is 
visible in LIST




It feels like the acl information in the vfiles is not available when 
using imapc.




Our setup is as follows: (Currently does not use Dovecot Director, but 
has the same issues where shared mailboxes may not be local on the 
server)

* Front servers, that are running dovecot (proxy to backend servers)
* Backend Servers, each handle their own local users.


Thank you


Adding to this, Is it possible to set the location for the VFile's when 
using imapc?  If so, I believe that would allow this to work. (Available 
over NFS [later GFS2] on remote servers,  Technically we could also use 
the storage directly but I was concerned about 2 dovecot processes on 
different servers using the same sdbox storage location).


--
Nathan Coulson
System Administrator for Bravenet
www.bravenet.com
nat...@bravenet.com






















					Reply via email to