On 2/14/20 11:44 AM, Tobias Kirchhofer wrote: > On 14 Feb 2020, at 11:06, Armin Schindler wrote: > > Hello! > > we are about to move from cyrus to dovecot and have one open issue > for that migration. > With cyrus we have "shared/" folders with a name that is self defined like > shared/project-xyz > but the email address for direct delivery to that folder my be different > (not project-...@domain.com <mailto:project-...@domain.com>). > > With dovecot we try to have it similar (at least how the user sees it in > the client) > like it is now. > > When configuring a namespace of type=shared, I see in the docs the the > prefix > can be configured with %%u , %%n or %%d. But is it possible to configure > the name different to the email address? E.g. to hide the email address of > that folder and show a nice name instead? > > I also thought about using public namespace instead. Does this make sense > here? > With public (maybe configured with prefix=shared/) folder I can set any > name > as subdir in prefix, right? > So would this be more like what we have with cyrus shared folder? > > If so, how could these public folders have an email address for direct > mail delivery into? > Can something like a global sieve rule do that? Or can a public folder > have an email address? > > Thanks in advance. > Armin > > Hi, we went through this some years ago. It is a bit tricky in the details. > Involved is postfix, > public namespace, subscriptions, acl, sieve. > > We found a quite comprehensive solution so far. It is working similar to > Cyrus shared folder. Do not > mix the names. Cyrus „shared“ folders are „public“ folders in Dovecot. > Dovecot „shared“ folders are > personally shared folders from one user to another. > > For our new setup (planned with CentOS 8, waiting for the official repo for > the latest dovecot > version…) we have a prototype on Debian base with the latest version of > Dovecot. In opposite to our > current solution we will implement global acls with user and groups from > LDAP. This is very nice.
Wow, thanks. This seem to be exactly what I need to go on.
Our base system is a Univention UCS, so LDAP users and groups is what we
already have working :-)
With your elements I think we really could have the cyrus shared folders with
dovecot by
using a namespace of
type=public
but with
prefix=shared/
(we might use type=shared with prefix=usershared/ later).
Or is the idea of just *one* public folder with name "shared" and with
subdirs for different "projects/departments/topics" not working as expected?
ACL is something I didn't look at yet. Is it possible to set different
permissions
for the folders in the public prefix like /shared/dir1 , /shared/dir2 , etc.
or even for sub-subfolders?
Global ACLs aren't neccessary when using folder acls, right?
Armin
> Some elements:
>
> Global ACL:
> |
> [..]
> Newsletter group=administrator lrwstipekxa
> Newsletter/* group=team lrwstipe
> Newsletter/* user=n...@domain.tld lrwstipe
> […]
> |
>
> Public folder:
> |
> namespace {
> type = public
> prefix = Newsletter/
> separator = /
> location =
> maildir:/var/vmail/public/$DOMAIN/newsletter:LAYOUT=fs:INDEXPVT=~/public/$DOMAIN/newsletter
> subscriptions = no
> hidden = no
> list = children
> }
> |
>
> Subscriptions (! This one was tricky)
> ```
> namespace subscriptions {
> subscriptions = yes
> prefix =
> separator = /
> list = no
> hidden = yes
> }
>
> namespace inbox {
> inbox = yes
> separator = /
> prefix = INBOX/
> subscriptions = no
> […]
> ```
>
> „Dovecot“ Shared folder (optional):
> |
> namespace shared {
> type = shared
> separator = /
> prefix = Shared/%%u/
> location = maildir:%%h/:INDEXPVT=~/shared/%%u
> list = children
> subscriptions = no
> }
> |
>
> The sorting in the according public folder happens in a global sieve script
> before user scripts are
> fireing. It is combined with the ‚+‘ notation in postfix for sub addresses
> and an special ‚listadm‘ user
>
> postfix:
> |
> listadm+Verteiler/info@$DOMAIN
> |
>
> The sieve script is then reading the generated address and delivers it into
> the according public
> folder. We learned a lot about sieve scripting with this task :-)
>
> |sieve_before = /var/vmail/sieve/global/global-before.sieve […] |
>
> More details would be to much here.
>
> To be honest, we needed some time to get it done properly. It is a
> combination of features and A LOT
> OF testing and analysing the behaviour of
> postfix/dovecot/public-folder/sieve/acl. For now we have a
> Public folder setup which is as nice like it is with Cyrus. With Cyrus this
> issue is less complex to
> implement.
>
> Maybe this helps a bit. Take exclusivly one to two weeks for this task and
> read and test a lot! :-)
>
> Tobias
>
> --
> collect@shift.agency <mailto:collect@shift.agency>
>
smime.p7s
Description: S/MIME Cryptographic Signature
