
macOS Server: Dovecot und shared mailboxes

j33n5

Tag allerseits,

ich möchte gerne für Kollegen bestimmte Mail-Ordner eines Users freigeben. Bisher habe ich damit allerdings wenig Erfolg.

Kann mir jemand behilflich sein? Die Anleitungen im Netz sind entweder nicht für den Mac gedacht oder für mich unverständlich.

Ich habe Schwierigkeiten, die Zusammenhänge zwischen ACLs, Namespaces und den tatsächlich vorhandenen Ordnerrechten zu verstehen. Bin für jede Hilfe dankbar!


Edit:

Code:
# doveconf -n
liefert das:

Code:
bash-3.2# doveconf -n
# 2.2.24 (a82c823): /Library/Server/Mail/Config/dovecot/dovecot.conf
# OS: Darwin 16.7.0 x86_64  hfs
# NOTE(review): `doveconf -n` prints only settings that differ from the built-in
# defaults, so anything not listed below (for example ssl_protocols) runs at the
# default of this Dovecot build.
aps_topic = com.apple.mail.XServer.3599a134-d386-408e-9416-d7aab8dba225
# Mechanisms offered to clients. plain and login carry the password itself and
# depend on TLS for confidentiality; cram-md5, digest-md5 and apop are
# challenge-response schemes that need the password backend to hold plaintext or
# scheme-specific credentials. NOTE(review): offer only what clients still use.
auth_mechanisms = cram-md5 digest-md5 plain login apop gssapi
auth_realms = SERVER.DOMAIN.de
auth_socket_path = /var/run/dovecot/auth-userdb
# %n keeps only the user part of user@domain, so logins are matched without the domain.
auth_username_format = %n
debug_log_path = /Library/Logs/Mail/mail-debug.log
default_internal_user = _dovecot
default_login_user = _dovenull
# Plaintext mechanisms are not restricted by this setting; keeping passwords off
# the wire in clear depends on `ssl = required` further down.
disable_plaintext_auth = no
# Accounts whose uid/gid is below these values are refused as mail users.
# NOTE(review): 6 is a low floor - confirm it matches the directory's uid layout.
first_valid_gid = 6
first_valid_uid = 6
# Log every field of the IMAP ID command that clients send.
imap_id_log = *
imap_id_send = "name" * "version" *
imap_urlauth_submit_user = submit
info_log_path = /Library/Logs/Mail/mail-info.log
log_path = /Library/Logs/Mail/mail-err.log
# Login log line: user, auth mechanism (%m), remote and local IP (%r, %l), mail
# process pid (%e) and TLS state (%c) - the fields needed to trace a login.
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c
mail_access_groups = mail
mail_attribute_dict = file:/Library/Server/Mail/Data/attributes/attributes.dict
mail_location = maildir:/Library/Server/Mail/Data/mail/%u
mail_log_prefix = "%s(pid %p user %u): "
# acl is loaded globally; it enforces the per-mailbox ACLs that sharing relies on.
mail_plugins = quota zlib acl fts fts_sk
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
mdbox_rotate_size = 200 M
# Shared namespace: mailboxes of other users appear under shared.<owner>. for
# those users the mailbox ACLs admit.
namespace acl-mailboxes {
  # children: the namespace is listed only when it contains visible mailboxes.
  list = children
  # %%u expands to the owner of the shared mailbox (%u would be the logged-in user).
  location = maildir:/Library/Server/Mail/Data/mail/users/%%u:INDEX=/Library/Server/Mail/Data/mail/shared/%%u
  # NOTE(review): prefix and separator both use ".", so an owner name that itself
  # contains a dot (x.nachname, as described later in this thread) cannot be told
  # apart from a hierarchy level.
  prefix = shared.%%u.
  separator = .
  # Subscriptions to mailboxes in this namespace are stored by the parent
  # namespace, not by this one.
  subscriptions = no
  type = shared
}
# Each user's private namespace; the empty location falls back to mail_location.
namespace inbox {
  inbox = yes
  location =
  # special_use marks the folders clients should treat as Drafts/Junk/Sent/Trash.
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
# Second shared namespace with the same layout, under archives.<owner>. -
# judging by the path it exposes list-server archives; access is again a matter
# of the ACLs. NOTE(review): confirm who is meant to see these.
namespace list-archives {
  list = children
  location = maildir:/Library/Server/Mail/Data/listserver/messages/archive/lists/%%u:INDEX=/Library/Server/Mail/Data/listserver/messages/archive/shared/%%u
  prefix = archives.%%u.
  separator = .
  subscriptions = no
  type = shared
}
# Password lookups are tried in the order listed.
# NOTE(review): "od" is not a stock Dovecot driver; presumably the Open Directory
# backend shipped with Server.app - confirm.
passdb {
  driver = od
}
# Credentials read from a flat file. NOTE(review): verify that this file is not
# readable by anyone but the account the auth service runs as.
passdb {
  args = /Library/Server/Mail/Config/dovecot/submit.passdb
  driver = passwd-file
}
plugin {
  # ACL backend: per-mailbox dovecot-acl files plus the global ACL file named
  # here; cached ACL data is re-read after at most 300 seconds.
  acl = vfile:/Library/Server/Mail/Config/dovecot/global-acls:cache_secs=300
  # Dictionary recording who has shared mailboxes with whom; it is what lets
  # shared mailboxes show up in a user's folder list.
  acl_shared_dict = file:/Library/Server/Mail/Data/shared/shared-mailboxes
  fts = sk
  quota = maildir:User quota
  quota_warning = storage=100%% quota-exceeded %u
  quota_warning2 = storage=80%% quota-warning %u
  sieve = /Library/Server/Mail/Data/rules/%u/dovecot.sieve
  sieve_dir = /Library/Server/Mail/Data/rules/%u
  stats_refresh = 30 secs
  stats_track_cmds = yes
}
postmaster_address = info@DOMAIN.de
# Every protocol enabled here gets a network or socket listener below.
# NOTE(review): drop the ones no client uses (pop3, sieve) to reduce exposure.
protocols = lmtp sieve imap pop3
# Deliveries to an over-quota mailbox get a temporary failure instead of a bounce.
quota_full_tempfail = yes
service auth {
  idle_kill = 15 mins
  # Socket used for user lookups, owned by _dovecot. No mode is listed, so the
  # build default applies. NOTE(review): confirm it is not wider than needed.
  unix_listener auth-userdb {
    user = _dovecot
  }
}
service dict {
  unix_listener dict {
    user = _dovecot
  }
}
service dns_client {
  unix_listener dns-client {
    mode = 0600
  }
}
service imap-login {
  # 143 starts in cleartext; with `ssl = required` a client has to issue
  # STARTTLS before it can authenticate.
  inet_listener imap {
    port = 143
  }
  # 993 speaks TLS from the first byte.
  inet_listener imaps {
    port = 993
    ssl = yes
  }
  # 0 = one login process serves many connections (the "high-performance" mode
  # of the Dovecot docs) rather than one process per connection; this trades
  # some process isolation between pre-auth clients for throughput.
  service_count = 0
}
service imap {
  client_limit = 5
  process_limit = 200
  service_count = 0
}
service indexer-worker {
  user = _dovecot
}
service lmtp {
  # Local delivery socket, restricted to its owner.
  unix_listener lmtp {
    mode = 0600
  }
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
}
service pop3-login {
  # Same split as IMAP: 110 needs STLS before login, 995 is TLS-wrapped.
  inet_listener pop3 {
    port = 110
  }
  inet_listener pop3s {
    port = 995
    ssl = yes
  }
}
service pop3 {
  client_limit = 5
  process_limit = 200
  service_count = 0
}
# The two quota services run a shell script as _dovecot; their sockets are
# limited to _dovecot and group mail by mode 0660.
service quota-exceeded {
  executable = script /Applications/Server.app/Contents/ServerRoot/usr/libexec/dovecot/quota-exceeded.sh
  unix_listener quota-exceeded {
    group = mail
    mode = 0660
    user = _dovecot
  }
  user = _dovecot
}
service quota-warning {
  executable = script /Applications/Server.app/Contents/ServerRoot/usr/libexec/dovecot/quota-warning.sh
  unix_listener quota-warning {
    group = mail
    mode = 0660
    user = _dovecot
  }
  user = _dovecot
}
service stats {
  fifo_listener stats-mail {
    mode = 0600
    user = _dovecot
  }
}
# TLS is mandatory: authentication attempted before TLS is established fails,
# whatever mechanism is used. This is what offsets disable_plaintext_auth = no.
ssl = required
# The leading "<" makes Dovecot read the file's contents. All three entries show
# the same path, presumably because the poster redacted the real file names.
# NOTE(review): the private key file should be readable by root only.
ssl_ca = </etc/certificates/CERT
ssl_cert = </etc/certificates/CERT
# NOTE(review): this list excludes only LOW, SSLv2, export and anonymous/NULL
# suites; medium-strength suites (RC4, and 3DES depending on the TLS library
# build) stay enabled. Consider restricting it to what current clients need.
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!ADH:!eNULL
ssl_key = </etc/certificates/CERT
# NOTE(review): ssl_key_path does not look like a stock Dovecot setting;
# presumably an addition of the Server.app build - confirm.
ssl_key_path = /etc/certificates/CERT
userdb {
  args = partition=/Library/Server/Mail/Config/dovecot/partition_map.conf global_quota=0 enforce_quotas=yes
  driver = od
}
# Same flat file as the second passdb above.
userdb {
  args = /Library/Server/Mail/Config/dovecot/submit.passdb
  driver = passwd-file
}
verbose_proctitle = yes
# Delivery (lmtp, lda) loads acl as well, plus sieve and push_notify.
protocol lmtp {
  mail_plugins = quota zlib acl fts fts_sk sieve push_notify
}
protocol lda {
  mail_plugins = quota zlib acl fts fts_sk sieve push_notify
}
protocol imap {
  mail_max_userip_connections = 20
  # imap_acl exposes the IMAP ACL commands, so a user holding the admin right on
  # a mailbox can view and change its ACL from a mail client.
  mail_plugins = quota zlib acl fts fts_sk imap_acl imap_quota imap_zlib
}
# No mail_plugins override here, so pop3 uses the global list (which includes acl).
protocol pop3 {
  mail_max_userip_connections = 6
}
 

j33n5

Okay, es scheint zu laufen, ein:

Code:
# Grants USER2 only the rights lookup (mailbox is visible in the folder list)
# and read (mailbox can be opened) on USER1's INBOX; nothing else is shared.
# NOTE(review): `doveadm acl get -u USER1 INBOX` prints the resulting ACL so the
# grant can be verified.
doveadm acl set -u USER1  INBOX user=USER2 lookup read
hat es vollbracht. Die Dateien dovecot-acl-list und dovecot-acl werden dabei entsprechend geändert.

Nun habe ich ein weiteres Problem: Meine User heißen zum Teil x.nachname, und dadurch können Ordner dieser User nicht abonniert werden. Ich habe versucht, das entsprechend diesem Beitrag zu fixen: https://dovecot.org/list/dovecot/2014-April/095749.html
und den Namespace-Separator von „.“ auf „/“ umgestellt. Jetzt tauchen die Ordner auf, ich kann sie jedoch nicht abonnieren. Ich gehe davon aus, dass es sich um ein Rechteproblem handelt.