Current revision as of 08:30, 3 October 2012

Mailbox sharing related settings are configured by default in iRedMail-0.7.0, you just need to enable acl plugins in dovecot.conf, section "protocols lda {}" and "protocol imap {}".
Not all companies will allow user to share mailboxes, it may leak confidential information, so this feature is disabled in iRedMail by default.
Do not mistake "shared folders" for "public folders". For shared folders, users must select which folder they want to share and with who, using an interface, like the ones available with SOGo and SOGo connectors, or IMAP command line.

Summary

With Dovecot-1.2, it's possible to share your IMAP folders to other users. This article describes:

How to enable mailbox sharing in Dovecot
How to enable mailbox sharing in Roundcube webmail.
How to test mailbox sharing with telnet

Note:

For Roundcube user, there's a plugin available for roundcube-0.5, it's easy to let user manage their mailbox sharing.
For Thunderbird user, there's a add-on available too.

You can find links in Reference section.

Requirements

iRedMail-0.7.0 or later versions.

Some explainations:

iRedMail-0.7.0 ships dovecot-1.2, with all share folder related settings configured. But share folder is disabled by default.
Roundcube webmail in iRedMail-0.7.0 works with share folder by default. There's no addition change required.

Configure Dovecot

With iRedMail-0.7.0 or later versions, what we need to do is just enable ACL plugins to provide folder sharing.

Edit /etc/dovecot.conf (RHEL/CentOS) or /etc/dovecot/dovecot.conf (Debian/Ubuntu/openSUSE) or /usr/local/etc/dovecot.conf (FreeBSD), add ACL plugins in section "protocol lda {}" and "protocol imap {}":

File: dovecot.conf

protocol lda {
    mail_plugins = ... acl
}

protocol imap {
    mail_plugins = ... acl imap_acl
}

Test shared folder

Please restart dovecot after you modified its config file.

To test shared folder, I will share my (from@domain.ltd) 'Sent' folder to my colleague 'testing@domain.ltd'.

Steps:

Set a share folder with telnet.
- WARNING: Do not forget the dot before IMAP command.

Terminal:

# telnet localhost 143                   # <- Type this.
* OK [...] Dovecot ready.

. login from@domain.ltd passwd           # <- Type this. Login with my email address and plain password.
. OK [... ACL ..] Logged in

. SETACL Sent testing@domain.ltd rli      # <- Type this. Share folder 'Sent' to user testing@domain.ltd, with permissions: read (r), lookup (l) and insert (i).
. OK Setacl complete.
^]                                       # <- Press 'Ctrl + ]' to exit telnet.
telnet> quit

Log into roundcube webmail with account testing@domain.ltd. And you can see the shared folder. See screenshot here

Some more details:

After you shared folder with 'SETACL' command, dovecot will insert a record in MySQL database.
- With OpenLDAP backend, it's stored in iredadmin.share_folder.
- With MySQL backend, it's stored in vmail.share_folder.

Terminal:

# mysql -uroot -p
mysql> USE vmail;
mysql> SELECT * FROM share_folder;
+-----------------+--------------------+-------+
| from_user       | to_user            | dummy |
+-----------------+--------------------+-------+
| from@domain.ltd | testing@domain.ltd | 1     |
+-----------------+--------------------+-------+

References

BigMichi1's contribution
maxie_ro's contribution
Dovecot wiki: Mailbox sharing between users (v1.2+)
Plugin for Roundcube webmail (0.5+): http://lists.roundcube.net/mail-archive/dev/2011-01/0000012.html
- NOTE: This plugin is shipped in Roundcubemail, since Roundcubemail-0.7.x, plugin name "acl".
Imap-ACL-Extension for Thunderbird, manage acls/permissions for shared mailboxes/folders on imap servers.

@@ Line 3: / Line 3: @@
 Note:
 * Mailbox sharing related settings are configured by default in iRedMail-0.7.0, you just need to enable acl plugins in '''dovecot.conf''', section '''"protocols lda {}"''' and '''"protocol imap {}"'''.
-* Not all companies will allow user to share mailboxes, it may leak confidential information, so this feature is disabled by default.
+* Not all companies will allow user to share mailboxes, it may leak confidential information, so this feature is disabled in iRedMail by default.
+* Do not mistake "shared folders" for "public folders". For shared folders, users must select which folder they want to share and with who, using an interface, like the ones available with SOGo and SOGo connectors, or IMAP command line.
 = Summary =
@@ Line 20: / Line 21: @@
 = Requirements =
-* Dovecot >= 1.2. If you're using 1.1, please follow [[IRedMail/FAQ/Upgrade.Dovecot.1.1.to.1.2 |this detail tutorial]] to upgrade it.
+* iRedMail-0.7.0 or later versions.
-* Roundcube Webmail >= 0.5 -stable release.
+Some explainations:
+* iRedMail-0.7.0 ships dovecot-1.2, with all share folder related settings configured. But share folder is disabled by default.
+* Roundcube webmail in iRedMail-0.7.0 works with share folder by default. There's no addition change required.
 = Configure Dovecot =
-* Add ACL plugins in lda and imap:
+With iRedMail-0.7.0 or later versions, what we need to do is just enable ACL plugins to provide folder sharing.
+* Edit /etc/dovecot.conf (RHEL/CentOS) or /etc/dovecot/dovecot.conf (Debian/Ubuntu/openSUSE) or /usr/local/etc/dovecot.conf (FreeBSD), add ACL plugins in section '''"protocol lda {}"''' and '''"protocol imap {}"''':
 {{cfg|dovecot.conf|<pre>
 protocol lda {
@@ Line 35: / Line 41: @@
 </pre>}}
-* Add necessary NAMESPACE and ACL config:
+= Test shared folder =
-{{cfg|dovecot.conf|<pre>
-namespace private {
-  separator = /
-  prefix =
-  #location defaults to mail_location.
-  inbox = yes
-}
-namespace shared {
+Please restart dovecot after you modified its config file.
-  separator = /
-  prefix = Shared/%%u/
-  location = maildir:/%%Lh/Maildir/:INDEX=/%%Lh/Maildir/Shared/%%u
-  # this namespace should handle its own subscriptions or not.
-  subscriptions = yes
-  list = children
-}
-plugin {
+To test shared folder, I will share my (from@domain.ltd) 'Sent' folder to my colleague 'testing@domain.ltd'.
-    acl = vfile
-}
-</pre>}}
-With the above configuration it's possible to open shared mailboxes if you know their name, but they won't be visible in the mailbox list. This is because Dovecot has no way of knowing what users have shared mailboxes to whom. Iterating through all users and looking inside their mail directories would be horribly inefficient for more than a couple users.
-To overcome this problem Dovecot needs a dictionary, which contains the list of users who have shared mailboxes and to whom they have shared. If the users aren't properly listed in this dictionary, their shared mailboxes won't be visible. Currently there's no way to automatically rebuild this dictionary, so make sure it doesn't get lost. If it does, each user having shared mailboxes must use the IMAP SETACL command (see below) to get the dictionary updated for themselves.
-{{cfg|dovecot.conf|<pre>
-plugin {
-    acl_shared_dict = proxy::acl
-}
-dict {
-    acl = mysql:/etc/dovecot/dovecot-share-folder.conf
-}
-</pre>}}
-* Create mysql lookup file: '''/etc/dovecot/dovecot-share-folder.conf''':
-{{cfg|/etc/dovecot/dovecot-share-folder.conf|<pre>
-connect = host=localhost dbname=vmail user=vmailadmin password=cZ0LFtKO7eqXzOzxruwbZ4h2F2PqkJ
-map {
-    pattern = shared/shared-boxes/user/$to/$from
-    table = share_folder
-    value_field = dummy
-    fields {
-        from_user = $from
-        to_user = $to
-    }
-}
-</pre>}}
-Note: MySQL user name must be vmailadmin or other users which have read/write privileges.
-* Create database in MySQL database: '''vmail'''.
-{{cmd|<pre>
-$ mysql -uroot -p
-mysql> USE vmail;
-mysql> CREATE TABLE IF NOT EXISTS share_folder (
-->  from_user VARCHAR(150) NOT NULL,
-->  to_user VARCHAR(150) NOT NULL,
-->  dummy CHAR(1),
-->  PRIMARY KEY (from_user, to_user)
--> );
-</pre>}}
-= Configure Roundcube Webmail =
-Roundcube-0.5 supports shared IMAP folder, with one config setting in '''main.inc.php''':
-{{cfg|main.inc.php|<pre>
-// imap's folder delimiter
-$rcmail_config['imap_delimiter'] = "/";
-// Leave below settings as "null".
-$rcmail_config['imap_ns_personal'] = null;
-$rcmail_config['imap_ns_other']    = null;
-$rcmail_config['imap_ns_shared']   = null;
-</pre>}}
-= Test shared folder =
-Please restart dovecot and apache web server after you modified dovecot and roundcube.
 Steps:
 * Set a share folder with telnet.
+** WARNING: Do not forget the dot before IMAP command.
 {{cmd|<pre>
-# telnet localhost 143
+# telnet localhost 143                   # <- Type this.
 * OK [...] Dovecot ready.
-. login from@domain.ltd passwd           # <- Login with your email address and password.
+. login from@domain.ltd passwd           # <- Type this. Login with my email address and plain password.
 . OK [... ACL ..] Logged in
-. SETACL Sent testing@a.cn rl          # <- Share folder 'Sent' to user testing@a.cn, allow to read (r) and lookup (l).
+. SETACL Sent testing@domain.ltd rli      # <- Type this. Share folder 'Sent' to user testing@domain.ltd, with permissions: read (r), lookup (l) and insert (i).
 . OK Setacl complete.
-^]                                       # <- Ctrl + ]
+^]                                       # <- Press 'Ctrl + ]' to exit telnet.
 telnet> quit
 </pre>}}
-* Log into roundcube webmail with account testing@a.cn. And you can now see the shared folder. See [http://screenshots.iredmail.googlecode.com/hg/iredmail/roundcube/imap-share-folder.png screenshot here]
+* Log into roundcube webmail with account testing@domain.ltd. And you can see the shared folder. See [http://screenshots.iredmail.googlecode.com/hg/iredmail/roundcube/imap-share-folder.png screenshot here]
-* After you shared folder with 'SETACL' command, dovecot will insert a record in MySQL database (table '''share_folder'''):
+Some more details:
+* After you shared folder with 'SETACL' command, dovecot will insert a record in MySQL database.
+** With OpenLDAP backend, it's stored in '''iredadmin.share_folder'''.
+** With MySQL backend, it's stored in '''vmail.share_folder'''.
 {{cmd|<pre>
 # mysql -uroot -p
 mysql> USE vmail;
 mysql> SELECT * FROM share_folder;
-+--------------+--------------+-------+
++-----------------+--------------------+-------+
-| from_user    | to_user      | dummy |
+| from_user       | to_user            | dummy |
-+--------------+--------------+-------+
++-----------------+--------------------+-------+
-| www@a.cn     | testing@a.cn | 1     |
+| from@domain.ltd | testing@domain.ltd | 1     |
-+--------------+--------------+-------+
++-----------------+--------------------+-------+
 </pre>}}
 = References =
 * [http://www.iredmail.org/forum/topic1446-howto-creating-shared-folders.html BigMichi1's contribution]
+* [[Addition/Shared_folders_with_dovecot_1.2 |maxie_ro's contribution]]
 * Dovecot wiki: [http://wiki.dovecot.org/SharedMailboxes/Shared Mailbox sharing between users (v1.2+)]
 * Plugin for Roundcube webmail (0.5+): http://lists.roundcube.net/mail-archive/dev/2011-01/0000012.html
+** NOTE: This plugin is shipped in Roundcubemail, since Roundcubemail-0.7.x, plugin name "acl".
 * [https://addons.mozilla.org/en-US/thunderbird/addon/imap-acl-extension/ Imap-ACL-Extension for Thunderbird], manage acls/permissions for shared mailboxes/folders on imap servers.
+[[Category: iRedMail/FAQ]]
+[[Category: FAQ]]

IRedMail/FAQ/Share.IMAP.Folder

From iRedMail

Current revision as of 08:30, 3 October 2012

Contents

Summary

Requirements

Configure Dovecot

Test shared folder

References

Views

Personal tools

Navigation

Search

Toolbox