diff --git a/howto/2-quarantining.md b/howto/2-quarantining.md index ddf5ff23..fe02f22f 100644 --- a/howto/2-quarantining.md +++ b/howto/2-quarantining.md @@ -2,7 +2,7 @@ [TOC] -## Summary + Since iRedMail-`0.7.0`, quarantining related settings in Amavisd are configured by iRedMail but disabled by default, you can easily enable quarantining with this tutorial. @@ -10,7 +10,7 @@ this tutorial. With below steps, Virus/Spam/Banned emails will be quarantined into SQL database. You can then manage quarantined emails with iRedAdmin-Pro. -## Update Amavisd config file to enable quarantining +## Quarantining spam, virus and banned messages Edit Amavisd config file, find below settings and update them. If it doesn't exist, please add them. @@ -22,9 +22,10 @@ or `/etc/amavisd.conf`. * on OpenBSD, it's `/etc/amavisd.conf`. ``` -# File: amavisd.conf +# Part of file: /etc/amavisd/amavisd.conf -# Change below 3 parameters to D_DISCARD. +# Change values of below 3 parameters to D_DISCARD. +# Detected spams/virus/banned messages will not be delivered to user's mailbox. $final_virus_destiny = D_DISCARD; $final_spam_destiny = D_DISCARD; $final_banned_destiny = D_DISCARD; @@ -37,7 +38,7 @@ $spam_quarantine_method = 'sql:'; $virus_quarantine_to = 'virus-quarantine'; $virus_quarantine_method = 'sql:'; -# Quarantine BANNED emails into SQL server. +# Quarantine BANNED message into SQL server. $banned_quarantine_to = 'banned-quarantine'; $banned_files_quarantine_method = 'sql:'; ``` @@ -45,7 +46,7 @@ $banned_files_quarantine_method = 'sql:'; Also, make sure you have below lines configured in same config file: ```perl -# For MySQL +# For MySQL/MariaDB/OpenLDAP backends @storage_sql_dsn = ( ['DBI:mysql:database=amavisd;host=127.0.0.1;port=3306', 'amavisd', 'password'], ); @@ -56,7 +57,7 @@ Also, make sure you have below lines configured in same config file: #); ``` -Restart amavisd service to make it work. +Restarting amavisd service is required. ## Configure iRedAdmin-Pro to manage quarantined mails @@ -87,9 +88,10 @@ amavisd_quarantine_port = 9998 amavisd_enable_policy_lookup = True ``` -Restart Apache web server to make it work. +Restarting Apache web server or `uwsgi` service (if you're running Nginx as +web server) is required. -You can now login to iRedAdmin-Pro, and manage quarantined mails via menu +You can now login to iRedAdmin-Pro, and manage quarantined messages via menu `System -> Quarantined Mails`. Choose action in drop-down menu list to release or delete them. diff --git a/howto/mailbox.sharing.md b/howto/mailbox.sharing.md new file mode 100644 index 00000000..532c4939 --- /dev/null +++ b/howto/mailbox.sharing.md @@ -0,0 +1,100 @@ +# Mailbox sharing (Sharing IMAP folder with other users) + +> Since iRedMail-`0.7.0`, mailbox sharing related settings are configured in +> Dovecot but not enabled, what you need to do is enabling "acl" plugin as +> mentioned below. + +> Since iRedMail-`0.9.0`, mailbox sharing are enabled by default, you don't need +> to modify any config file. + +> Do not mistake "shared folders" for "public folders". For shared folders, +> users must select which folder they want to share and with who, using an +> interface, like IMAP command line or the ones available with Roundcube +> webmail or SOGo and SOGo connectors. + +## Enable mailbox sharing + +To enable mailbox sharing, please make sure you have plugin `acl` enabled +in Dovecot config file `/etc/dovecot/dovecot.conf` like below: + +* For Dovecot-1.2: +``` +# Part of file: /etc/dovecot/dovecot.conf + +protocol lda { + mail_plugins = ... acl +} + +protocol imap { + mail_plugins = ... acl imap_acl +} +``` + +* For Dovecot-2.x: +``` +# Part of file: /etc/dovecot/dovecot.conf + +mail_plugins = ... acl + +protocol imap { + mail_plugins = ... imap_acl +} +``` + +Restarting Dovecot service is required. + +## Test shared folder + +Example: share from@domain.ltd's `Sent` folder to user `testing@domain.ltd`. + +> WARNING: Do not forget the dot before IMAP command. + +``` +# telnet localhost 143 # <- Type this. +* OK [...] Dovecot ready. + +. login from@domain.ltd passwd # <- Type this. + # Login with full email address and password +. OK [... ACL ..] Logged in + +. SETACL Sent testing@domain.ltd rli # <- Type this. + # Share folder `Sent` with user testing@domain.ltd, + # with permissions: read (r), lookup (l) and insert (i). +. OK Setacl complete. + +^] # <- Press `Ctrl + ]` to exit telnet. +telnet> quit +``` + +Log into Roundcube webmail or SOGo as user `testing@domain.ltd`, you should +see the shared folder. + +Some more details: + +* After you shared folder with `SETACL` command, dovecot will insert a record + in MySQL database. + + * With OpenLDAP backend, it's stored in `iredadmin.share_folder`. + * With MySQL/MariaDB/PostgreSQL backends, it's stored in `vmail.share_folder`. + +``` +# mysql -uroot -p +mysql> USE vmail; +mysql> SELECT * FROM share_folder; ++-----------------+--------------------+-------+ +| from_user | to_user | dummy | ++-----------------+--------------------+-------+ +| from@domain.ltd | testing@domain.ltd | 1 | ++-----------------+--------------------+-------+ +``` + +## References + +* Dovecot wiki: + + * [Mailbox sharing between users (v2.0+)](http://wiki2.dovecot.org/SharedMailboxes/Shared) + * [Mailbox sharing between users (v1.2+)](http://wiki.dovecot.org/SharedMailboxes/Shared) + +* Roundcubemail has official plugin `acl` to manage mailbox sharing. +* SOGo groupware supports mailbox sharing by default: right-click IMAP folder, choose `Sharing`. +* [Imap-ACL-Extension for Thunderbird](https://addons.mozilla.org/en-US/thunderbird/addon/imap-acl-extension/), manage acls/permissions for shared mailboxes/folders on imap servers. diff --git a/html/index.html b/html/index.html index ffcd79f3..aaa19e73 100644 --- a/html/index.html +++ b/html/index.html @@ -57,6 +57,7 @@
  • LDAP: Add a mail alias account
  • LDAP: Add a mail list account
  • LDAP: User mail forwarding.
    • +
  • Mailbox sharing (Sharing IMAP folder with other users)
  • Monitor incoming and outgoing mails with BCC
  • Pipe incoming email for certain user to external script
  • Force Dovecot to recalculate mailbox quota
    • diff --git a/html/mailbox.sharing.html b/html/mailbox.sharing.html new file mode 100644 index 00000000..30bdd511 --- /dev/null +++ b/html/mailbox.sharing.html @@ -0,0 +1,124 @@ + + + + Mailbox sharing (Sharing IMAP folder with other users) + + + + +

    Mailbox sharing (Sharing IMAP folder with other users)

    +
    +

    Since iRedMail-0.7.0, mailbox sharing related settings are configured in +Dovecot but not enabled, what you need to do is enabling "acl" plugin as +mentioned below.

    +

    Since iRedMail-0.9.0, mailbox sharing are enabled by default, you don't need +to modify any config file.

    +

    Do not mistake "shared folders" for "public folders". For shared folders, +users must select which folder they want to share and with who, using an +interface, like IMAP command line or the ones available with Roundcube +webmail or SOGo and SOGo connectors.

    +
    +

    Enable mailbox sharing

    +

    To enable mailbox sharing, please make sure you have plugin acl enabled +in Dovecot config file /etc/dovecot/dovecot.conf like below:

    + +
    # Part of file: /etc/dovecot/dovecot.conf
+
+protocol lda {
+    mail_plugins = ... acl
+}
+
+protocol imap {
+    mail_plugins = ... acl imap_acl
+}
+
    + + +
    # Part of file: /etc/dovecot/dovecot.conf
+
+mail_plugins = ... acl
+
+protocol imap {
+    mail_plugins = ... imap_acl
+}
+
    + +

    Restarting Dovecot service is required.

    +

    Test shared folder

    +

    Example: share from@domain.ltd's Sent folder to user testing@domain.ltd.

    +
    +

    WARNING: Do not forget the dot before IMAP command.

    +
    +
    # telnet localhost 143                # <- Type this.
+* OK [...] Dovecot ready.
+
+. login from@domain.ltd passwd        # <- Type this.
+                                      # Login with full email address and password
+. OK [... ACL ..] Logged in
+
+. SETACL Sent testing@domain.ltd rli  # <- Type this.
+                                      # Share folder `Sent` with user testing@domain.ltd,
+                                      # with permissions: read (r), lookup (l) and insert (i).
+. OK Setacl complete.
+
+^]                                    # <- Press `Ctrl + ]` to exit telnet.
+telnet> quit
+
    + +

    Log into Roundcube webmail or SOGo as user testing@domain.ltd, you should +see the shared folder.

    +

    Some more details:

    + +
    # mysql -uroot -p
+mysql> USE vmail;
+mysql> SELECT * FROM share_folder;
++-----------------+--------------------+-------+
+| from_user       | to_user            | dummy |
++-----------------+--------------------+-------+
+| from@domain.ltd | testing@domain.ltd | 1     |
++-----------------+--------------------+-------+
+
    + +

    References

    +

    Document published under a CC BY-ND 3.0 license. If you found something wrong, please do contact us to fix it. + + + \ No newline at end of file diff --git a/html/quarantining.html b/html/quarantining.html index cda6b626..dd9860f8 100644 --- a/html/quarantining.html +++ b/html/quarantining.html @@ -14,8 +14,7 @@

    -

    Summary

    Since iRedMail-0.7.0, quarantining related settings in Amavisd are configured by iRedMail but disabled by default, you can easily enable quarantining with this tutorial.

    With below steps, Virus/Spam/Banned emails will be quarantined into SQL database. You can then manage quarantined emails with iRedAdmin-Pro.

    -

    Update Amavisd config file to enable quarantining

    +

    Quarantining spam, virus and banned messages

    Edit Amavisd config file, find below settings and update them. If it doesn't exist, please add them.

    -
    # File: amavisd.conf
+
    # Part of file: /etc/amavisd/amavisd.conf
 
-# Change below 3 parameters to D_DISCARD.
+# Change values of below 3 parameters to D_DISCARD.
+# Detected spams/virus/banned messages will not be delivered to user's mailbox.
 $final_virus_destiny = D_DISCARD;
 $final_spam_destiny = D_DISCARD;
 $final_banned_destiny = D_DISCARD;
@@ -54,13 +53,13 @@ $spam_quarantine_method = 'sql:';
 $virus_quarantine_to = 'virus-quarantine';
 $virus_quarantine_method = 'sql:';
 
-# Quarantine BANNED emails into SQL server.
+# Quarantine BANNED message into SQL server.
 $banned_quarantine_to = 'banned-quarantine';
 $banned_files_quarantine_method = 'sql:';
 
    
 
 
    Also, make sure you have below lines configured in same config file:
    
-
    # For MySQL
+
    # For MySQL/MariaDB/OpenLDAP backends
 @storage_sql_dsn = (
     ['DBI:mysql:database=amavisd;host=127.0.0.1;port=3306', 'amavisd', 'password'],
 );
@@ -71,7 +70,7 @@ $banned_files_quarantine_method = 'sql:';
 #);
 
    
 
-
    Restart amavisd service to make it work.
    
+
    Restarting amavisd service is required.
    
 
    Configure iRedAdmin-Pro to manage quarantined mails
    
 
    Update iRedAdmin-Pro config file, make sure you have correct settings for Amavisd:
    
 
      
@@ -99,8 +98,9 @@ amavisd_quarantine_port = 9998
 amavisd_enable_policy_lookup = True
 
    
 
-
    Restart Apache web server to make it work.
    
-
    You can now login to iRedAdmin-Pro, and manage quarantined mails via menu
+
    Restarting Apache web server or uwsgi service (if you're running Nginx as
+web server) is required.
    
+
    You can now login to iRedAdmin-Pro, and manage quarantined messages via menu
 System -> Quarantined Mails. Choose action in drop-down menu list to release
 or delete them.
    
 
    Screenshots attached at the bottom.