is it possible to make specific mailboxes (Maildir) read-only? so users can only read, forward and search mails, but don't delete them?
thanks in advance
Asked
Active
Viewed 1,572 times
2 Answers
2
You can easily do that with ACLs, specifically with the command maildiracl .
Daniele Santi
- 2,479
- 1
- 25
- 22
0
It's not trivial to figure out the right ACL to put, and not trivial to figure out on what folders you need ACLs to be changed. Not putting the right ACLs will show weired behaviour on some mail clients like roundcube, for exampe you might delete a message, the message seems to have disappeared, but if you browse to another folder (say, Sent) and get back to the Inbox the message reappears. So the inbox is still in read-only but we don't want this disappearing/reappearing confusion.
I eventually figured that the right thing to do is :
- Set an ACL of
lrasiwon the INBOX - Set an ACL of
lrasiwon the Sent folder - Set an ACL of lra to the Trash folder
I've put that in a script, you might find it useful :
root@messagerie[CHROOT][10.10.10.19] ~/SCRIPTS/MAIL # cat readonly.single
if [ "$#" -ne 1 ]
then
echo "usage : $0 boite@domain.com"
exit 1
fi
email="$1"
inbox="${1%@*}"
dst="/var/vmail/domain/$inbox"
set -x
maildiracl -set "$dst" "INBOX" owner lrasiw
maildiracl -set "$dst" "INBOX.Sent" owner lrasiw
maildiracl -set "$dst" "INBOX.Trash" owner lra
root@messagerie[CHROOT][10.10.10.19] ~/SCRIPTS/MAIL # cat fullaccess.single
if [ "$#" -ne 1 ]
then
echo "usage : $0 boite@domain.com"
exit 1
fi
email="$1"
inbox="${1%@*}"
dst="/var/vmail/domain/$inbox"
set -x
maildiracl -set "$dst" "INBOX" owner aceilrstwx
maildiracl -set "$dst" "INBOX.Sent" owner aceilrstwx
maildiracl -set "$dst" "INBOX.Trash" owner aceilrstwx
root@messagerie[CHROOT][10.10.10.19] ~/SCRIPTS/MAIL #
ychaouche
- 252
- 3
- 15