SharedMailboxes

There are 3 ways to share mailboxes in dovecot as outlined here.

This document explains how IRCNOW teams can configure this feature to share the mailboxes for support@ with all members of your server team. It is assumed you already have a working Dovecot.Install.

Symlink Method

The simplest way to do this is using the symlink method as described here. The advantage this has is there is no need to change your dovecot config. The disadvantage is you need to manually manage the symlinks and each folder to be shared has to be specified individually.

Consider the following example for sharing the support@planetofnix.com INBOX and a sub folder .INBOX.cron with user izzyb.

ln -s /var/vmail/planetofnix.com/support/Maildir /var/vmail/planetofnix.com/izzyb/Maildir/.shared.support
ln -s /var/vmail/planetofnix.com/support/Maildir/.INBOX.cron /var/vmail/planetofnix.com/izzyb/Maildir/.shared.support.cron

In your email client, you'll need to subscribe to these new mailboxes if you don't see them automatically.

Public Mailboxes

This method uses a public namespace as described in this document. The idea being that each user will have a Public Mailbox they can create sub-Mailboxes in that will be shared to all users on the system. You'd need to run something like procmail to auto sort incoming mail to the public folders for the support@ account, and it would be visible to all users. As such, this isn't a recommended solution to for sharing support@ emails as there is no way to limit who has access.

WIP - example to follow

Shared Mailboxes

This is the recommended method, but also most complicated to setup. It uses shared mailboxes as described in this document.

There are two ways this can be done; Global ACL Method, or Per User ACL Method.

Global ACL Method

This method isn't recommended for the same reasons as the public share method. There is no way to limit which users shared folders are accessible to the users grated access. Sharing INBOX this way would grant access to the inbox of all users, not just support@planetofnix.com. This is more useful for creating a default PUBLIC mailbox that all users can put publicly shared mailboxes into. Again, this is global so it grants access to the PUBLIC mailboxes of all users.

WIP...

Per User ACL Method

This is broken ATM - WIP

This document follows this guide in part

The first step is to enable the shared namespace. Edit the file /etc/dovecot/conf.d/10-mail.conf. You'll see a commented out section that looks something like this. Remove the comments to enable it as shown here:

# Example shared namespace configuration
namespace {
  type = shared
  separator = /

  # Mailboxes are visible under "shared/user@domain/"
  # %%n, %%d and %%u are expanded to the destination user.
  prefix = shared/%%u/

  # Mail location for other users' mailboxes. Note that %variables and ~/
  # expands to the logged in user's data. %%n, %%d, %%u and %%h expand to the
  # destination user's data.
  location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u

  # Use the default namespace for saving subscriptions.
  subscriptions = no

  # List the shared/ namespace only if there are visible shared mailboxes.
  list = children
}

# (...) scroll down to the mail_plugins section and edit like this:

# Space separated list of plugins to load for all services. Plugins specific to
# IMAP, LDA, etc. are added to this list in their own .conf files.
mail_plugins = acl

Next you need to enable imap_acl by editing /etc/dovecot/conf.d/20-imap.conf to look something like this:

protocol imap {
  # Space separated list of plugins to load (default is global mail_plugins).
  mail_plugins = $mail_plugins imap_acl

  # Maximum number of IMAP connections allowed for a user from each IP address.
  # NOTE: The username is compared case-sensitively.
  mail_max_userip_connections = 10
}

Now you need to provide some configuration parameters for the acl plugin by removing the comments in /etc/dovecot/conf.d/90-acl.conf so it looks like this:

plugin {
  # using /etc/mail/ instead of /etc/dovecot/ since this is where user config details are stored
  acl = vfile:/etc/mail/global-acls:cache_secs=300
}

# To let users LIST mailboxes shared by other users, Dovecot needs a
# shared mailbox dictionary. For example:
plugin {
  acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes
}

Finally, enter the following to restart Dovecot and you should have mailbox sharing enabled.

doas rcctl reload dovecot

Sharing Mailboxes

Now that you have mailbox sharing enabled, we need to share some mailboxes. These instructions cover using doveadm acl (see man doveadm-acl) for sharing mailboxes from the support@ email account.

To be continued...