New: howto/mailbox.sharing.md.

Formating howto/2-quarantining.md.
This commit is contained in:
Zhang Huangbin 2014-12-18 20:40:50 +08:00
parent 3142dd78a9
commit 6fc3ae6bef
5 changed files with 247 additions and 20 deletions

View File

@ -2,7 +2,7 @@
[TOC]
## Summary
Since iRedMail-`0.7.0`, quarantining related settings in Amavisd are configured
by iRedMail but disabled by default, you can easily enable quarantining with
this tutorial.
@ -10,7 +10,7 @@ this tutorial.
With below steps, Virus/Spam/Banned emails will be quarantined into SQL database.
You can then manage quarantined emails with iRedAdmin-Pro.
## Update Amavisd config file to enable quarantining
## Quarantining spam, virus and banned messages
Edit Amavisd config file, find below settings and update them. If it doesn't
exist, please add them.
@ -22,9 +22,10 @@ or `/etc/amavisd.conf`.
* on OpenBSD, it's `/etc/amavisd.conf`.
```
# File: amavisd.conf
# Part of file: /etc/amavisd/amavisd.conf
# Change below 3 parameters to D_DISCARD.
# Change values of below 3 parameters to D_DISCARD.
# Detected spams/virus/banned messages will not be delivered to user's mailbox.
$final_virus_destiny = D_DISCARD;
$final_spam_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
@ -37,7 +38,7 @@ $spam_quarantine_method = 'sql:';
$virus_quarantine_to = 'virus-quarantine';
$virus_quarantine_method = 'sql:';
# Quarantine BANNED emails into SQL server.
# Quarantine BANNED message into SQL server.
$banned_quarantine_to = 'banned-quarantine';
$banned_files_quarantine_method = 'sql:';
```
@ -45,7 +46,7 @@ $banned_files_quarantine_method = 'sql:';
Also, make sure you have below lines configured in same config file:
```perl
# For MySQL
# For MySQL/MariaDB/OpenLDAP backends
@storage_sql_dsn = (
['DBI:mysql:database=amavisd;host=127.0.0.1;port=3306', 'amavisd', 'password'],
);
@ -56,7 +57,7 @@ Also, make sure you have below lines configured in same config file:
#);
```
Restart amavisd service to make it work.
Restarting amavisd service is required.
## Configure iRedAdmin-Pro to manage quarantined mails
@ -87,9 +88,10 @@ amavisd_quarantine_port = 9998
amavisd_enable_policy_lookup = True
```
Restart Apache web server to make it work.
Restarting Apache web server or `uwsgi` service (if you're running Nginx as
web server) is required.
You can now login to iRedAdmin-Pro, and manage quarantined mails via menu
You can now login to iRedAdmin-Pro, and manage quarantined messages via menu
`System -> Quarantined Mails`. Choose action in drop-down menu list to release
or delete them.

100
howto/mailbox.sharing.md Normal file
View File

@ -0,0 +1,100 @@
# Mailbox sharing (Sharing IMAP folder with other users)
> Since iRedMail-`0.7.0`, mailbox sharing related settings are configured in
> Dovecot but not enabled, what you need to do is enabling "acl" plugin as
> mentioned below.
> Since iRedMail-`0.9.0`, mailbox sharing are enabled by default, you don't need
> to modify any config file.
> Do not mistake "shared folders" for "public folders". For shared folders,
> users must select which folder they want to share and with who, using an
> interface, like IMAP command line or the ones available with Roundcube
> webmail or SOGo and SOGo connectors.
## Enable mailbox sharing
To enable mailbox sharing, please make sure you have plugin `acl` enabled
in Dovecot config file `/etc/dovecot/dovecot.conf` like below:
* For Dovecot-1.2:
```
# Part of file: /etc/dovecot/dovecot.conf
protocol lda {
mail_plugins = ... acl
}
protocol imap {
mail_plugins = ... acl imap_acl
}
```
* For Dovecot-2.x:
```
# Part of file: /etc/dovecot/dovecot.conf
mail_plugins = ... acl
protocol imap {
mail_plugins = ... imap_acl
}
```
Restarting Dovecot service is required.
## Test shared folder
Example: share from@domain.ltd's `Sent` folder to user `testing@domain.ltd`.
> WARNING: Do not forget the dot before IMAP command.
```
# telnet localhost 143 # <- Type this.
* OK [...] Dovecot ready.
. login from@domain.ltd passwd # <- Type this.
# Login with full email address and password
. OK [... ACL ..] Logged in
. SETACL Sent testing@domain.ltd rli # <- Type this.
# Share folder `Sent` with user testing@domain.ltd,
# with permissions: read (r), lookup (l) and insert (i).
. OK Setacl complete.
^] # <- Press `Ctrl + ]` to exit telnet.
telnet> quit
```
Log into Roundcube webmail or SOGo as user `testing@domain.ltd`, you should
see the shared folder.
Some more details:
* After you shared folder with `SETACL` command, dovecot will insert a record
in MySQL database.
* With OpenLDAP backend, it's stored in `iredadmin.share_folder`.
* With MySQL/MariaDB/PostgreSQL backends, it's stored in `vmail.share_folder`.
```
# mysql -uroot -p
mysql> USE vmail;
mysql> SELECT * FROM share_folder;
+-----------------+--------------------+-------+
| from_user | to_user | dummy |
+-----------------+--------------------+-------+
| from@domain.ltd | testing@domain.ltd | 1 |
+-----------------+--------------------+-------+
```
## References
* Dovecot wiki:
* [Mailbox sharing between users (v2.0+)](http://wiki2.dovecot.org/SharedMailboxes/Shared)
* [Mailbox sharing between users (v1.2+)](http://wiki.dovecot.org/SharedMailboxes/Shared)
* Roundcubemail has official plugin `acl` to manage mailbox sharing.
* SOGo groupware supports mailbox sharing by default: right-click IMAP folder, choose `Sharing`.
* [Imap-ACL-Extension for Thunderbird](https://addons.mozilla.org/en-US/thunderbird/addon/imap-acl-extension/), manage acls/permissions for shared mailboxes/folders on imap servers.

View File

@ -57,6 +57,7 @@
<li><a href="ldap.add.mail.alias.html">LDAP: Add a mail alias account</a></li>
<li><a href="ldap.add.mail.list.html">LDAP: Add a mail list account</a></li>
<li><a href="ldap.user.mail.forwarding.html">LDAP: User mail forwarding.</a></li>
<li><a href="mailbox.sharing.html">Mailbox sharing (Sharing IMAP folder with other users)</a></li>
<li><a href="monitor.incoming.and.outgoing.mails.with.bcc.html">Monitor incoming and outgoing mails with BCC</a></li>
<li><a href="pipe.incoming.email.for.certain.user.to.external.script.html">Pipe incoming email for certain user to external script </a></li>
<li><a href="recalculate.mailbox.quota.html">Force Dovecot to recalculate mailbox quota</a></li>

124
html/mailbox.sharing.html Normal file
View File

@ -0,0 +1,124 @@
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Mailbox sharing (Sharing IMAP folder with other users)</title>
<link href="./css/markdown.css" rel="stylesheet"></head>
</head>
<body>
<div id="navigation">
<a href="http://www.iredmail.org" target="_blank">iRedMail web site</a>
// <a href="./index.html">Document Index</a>
</div><h1 id="mailbox-sharing-sharing-imap-folder-with-other-users">Mailbox sharing (Sharing IMAP folder with other users)</h1>
<blockquote>
<p>Since iRedMail-<code>0.7.0</code>, mailbox sharing related settings are configured in
Dovecot but not enabled, what you need to do is enabling "acl" plugin as
mentioned below.</p>
<p>Since iRedMail-<code>0.9.0</code>, mailbox sharing are enabled by default, you don't need
to modify any config file.</p>
<p>Do not mistake "shared folders" for "public folders". For shared folders,
users must select which folder they want to share and with who, using an
interface, like IMAP command line or the ones available with Roundcube
webmail or SOGo and SOGo connectors.</p>
</blockquote>
<h2 id="enable-mailbox-sharing">Enable mailbox sharing</h2>
<p>To enable mailbox sharing, please make sure you have plugin <code>acl</code> enabled
in Dovecot config file <code>/etc/dovecot/dovecot.conf</code> like below:</p>
<ul>
<li>For Dovecot-1.2:</li>
</ul>
<pre><code># Part of file: /etc/dovecot/dovecot.conf
protocol lda {
mail_plugins = ... acl
}
protocol imap {
mail_plugins = ... acl imap_acl
}
</code></pre>
<ul>
<li>For Dovecot-2.x:</li>
</ul>
<pre><code># Part of file: /etc/dovecot/dovecot.conf
mail_plugins = ... acl
protocol imap {
mail_plugins = ... imap_acl
}
</code></pre>
<p>Restarting Dovecot service is required.</p>
<h2 id="test-shared-folder">Test shared folder</h2>
<p>Example: share from@domain.ltd's <code>Sent</code> folder to user <code>testing@domain.ltd</code>.</p>
<blockquote>
<p>WARNING: Do not forget the dot before IMAP command.</p>
</blockquote>
<pre><code># telnet localhost 143 # &lt;- Type this.
* OK [...] Dovecot ready.
. login from@domain.ltd passwd # &lt;- Type this.
# Login with full email address and password
. OK [... ACL ..] Logged in
. SETACL Sent testing@domain.ltd rli # &lt;- Type this.
# Share folder `Sent` with user testing@domain.ltd,
# with permissions: read (r), lookup (l) and insert (i).
. OK Setacl complete.
^] # &lt;- Press `Ctrl + ]` to exit telnet.
telnet&gt; quit
</code></pre>
<p>Log into Roundcube webmail or SOGo as user <code>testing@domain.ltd</code>, you should
see the shared folder.</p>
<p>Some more details:</p>
<ul>
<li>
<p>After you shared folder with <code>SETACL</code> command, dovecot will insert a record
in MySQL database.</p>
<ul>
<li>With OpenLDAP backend, it's stored in <code>iredadmin.share_folder</code>.</li>
<li>With MySQL/MariaDB/PostgreSQL backends, it's stored in <code>vmail.share_folder</code>.</li>
</ul>
</li>
</ul>
<pre><code># mysql -uroot -p
mysql&gt; USE vmail;
mysql&gt; SELECT * FROM share_folder;
+-----------------+--------------------+-------+
| from_user | to_user | dummy |
+-----------------+--------------------+-------+
| from@domain.ltd | testing@domain.ltd | 1 |
+-----------------+--------------------+-------+
</code></pre>
<h2 id="references">References</h2>
<ul>
<li>
<p>Dovecot wiki:</p>
<ul>
<li><a href="http://wiki2.dovecot.org/SharedMailboxes/Shared">Mailbox sharing between users (v2.0+)</a></li>
<li><a href="http://wiki.dovecot.org/SharedMailboxes/Shared">Mailbox sharing between users (v1.2+)</a></li>
</ul>
</li>
<li>
<p>Roundcubemail has official plugin <code>acl</code> to manage mailbox sharing.</p>
</li>
<li>SOGo groupware supports mailbox sharing by default: right-click IMAP folder, choose <code>Sharing</code>.</li>
<li><a href="https://addons.mozilla.org/en-US/thunderbird/addon/imap-acl-extension/">Imap-ACL-Extension for Thunderbird</a>, manage acls/permissions for shared mailboxes/folders on imap servers.</li>
</ul><p style="text-align: center; color: grey;">Document published under a <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">CC BY-ND 3.0</a> license. If you found something wrong, please do <a href="http://www.iredmail.org/contact.html">contact us</a> to fix it.<!-- Google Analytics -->
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
try {
var pageTracker = _gat._getTracker("UA-3293801-14");
pageTracker._trackPageview();
} catch(err) {}
</script>
</body></html>

View File

@ -14,8 +14,7 @@
<div class="toc">
<ul>
<li><a href="#quarantining">Quarantining</a><ul>
<li><a href="#summary">Summary</a></li>
<li><a href="#update-amavisd-config-file-to-enable-quarantining">Update Amavisd config file to enable quarantining</a></li>
<li><a href="#quarantining-spam-virus-and-banned-messages">Quarantining spam, virus and banned messages</a></li>
<li><a href="#configure-iredadmin-pro-to-manage-quarantined-mails">Configure iRedAdmin-Pro to manage quarantined mails</a></li>
<li><a href="#quarantine-clean-emails">Quarantine clean emails</a></li>
<li><a href="#screenshots">Screenshots</a></li>
@ -23,13 +22,12 @@
</li>
</ul>
</div>
<h2 id="summary">Summary</h2>
<p>Since iRedMail-<code>0.7.0</code>, quarantining related settings in Amavisd are configured
by iRedMail but disabled by default, you can easily enable quarantining with
this tutorial.</p>
<p>With below steps, Virus/Spam/Banned emails will be quarantined into SQL database.
You can then manage quarantined emails with iRedAdmin-Pro.</p>
<h2 id="update-amavisd-config-file-to-enable-quarantining">Update Amavisd config file to enable quarantining</h2>
<h2 id="quarantining-spam-virus-and-banned-messages">Quarantining spam, virus and banned messages</h2>
<p>Edit Amavisd config file, find below settings and update them. If it doesn't
exist, please add them.</p>
<ul>
@ -39,9 +37,10 @@ or <code>/etc/amavisd.conf</code>.</li>
<li>on FreeBSD, it's <code>/usr/local/etc/amavisd.conf</code>.</li>
<li>on OpenBSD, it's <code>/etc/amavisd.conf</code>.</li>
</ul>
<pre><code># File: amavisd.conf
<pre><code># Part of file: /etc/amavisd/amavisd.conf
# Change below 3 parameters to D_DISCARD.
# Change values of below 3 parameters to D_DISCARD.
# Detected spams/virus/banned messages will not be delivered to user's mailbox.
$final_virus_destiny = D_DISCARD;
$final_spam_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
@ -54,13 +53,13 @@ $spam_quarantine_method = 'sql:';
$virus_quarantine_to = 'virus-quarantine';
$virus_quarantine_method = 'sql:';
# Quarantine BANNED emails into SQL server.
# Quarantine BANNED message into SQL server.
$banned_quarantine_to = 'banned-quarantine';
$banned_files_quarantine_method = 'sql:';
</code></pre>
<p>Also, make sure you have below lines configured in same config file:</p>
<pre><code class="perl"># For MySQL
<pre><code class="perl"># For MySQL/MariaDB/OpenLDAP backends
@storage_sql_dsn = (
['DBI:mysql:database=amavisd;host=127.0.0.1;port=3306', 'amavisd', 'password'],
);
@ -71,7 +70,7 @@ $banned_files_quarantine_method = 'sql:';
#);
</code></pre>
<p>Restart amavisd service to make it work.</p>
<p>Restarting amavisd service is required.</p>
<h2 id="configure-iredadmin-pro-to-manage-quarantined-mails">Configure iRedAdmin-Pro to manage quarantined mails</h2>
<p>Update iRedAdmin-Pro config file, make sure you have correct settings for Amavisd:</p>
<ul>
@ -99,8 +98,9 @@ amavisd_quarantine_port = 9998
amavisd_enable_policy_lookup = True
</code></pre>
<p>Restart Apache web server to make it work.</p>
<p>You can now login to iRedAdmin-Pro, and manage quarantined mails via menu
<p>Restarting Apache web server or <code>uwsgi</code> service (if you're running Nginx as
web server) is required.</p>
<p>You can now login to iRedAdmin-Pro, and manage quarantined messages via menu
<code>System -&gt; Quarantined Mails</code>. Choose action in drop-down menu list to release
or delete them.</p>
<p>Screenshots attached at the bottom.</p>