Shared Mailboxes with DBMail
Author: Wolfram A. Kraushaar
I've written this page because I spent a large amount of time to figure out, how this is actually done in DBMail. I'm not sure if this the perfect way to do that, but it worked for me.
Shared Mailboxes in DBMail are implemented using the IMAP ACL and NAMESPACE Extensions as defined in the RFCs 2086 and 2342
There are two types of shared Mailboxes available in DBMail:
Public Mailboxes in the ”#Public” namespace and
Personal shared Mailboxes in the ”#Users” namespace.
To use Public Mailboxes you need to add a user with the userid
in the dbmail_users table and assign one or more mailboxes in dbmail_mailboxes to this user.
INSERT INTO dbmail_users (userid, password) VALUES ('__public__','<password_to_be_kept_very_secret>');
I actually didn't dig very deep in the sourcecode if this user would be able to login, so maybe the password isn't necessary. (Brad: I don't think a public password is necessary either.) The other attributes will be filled with default values, you may specify more options if you want to.
dbmail-user -a __public__ -w somesecret
will also do the trick. If you use authldap, it is the *only* way because you need a user in ldap as well as a shadow user in sql with the same uid number.
Check the er-model for an explanation of the attributes.
NOTE: If you are using Cyrus SASL for SMTP-Auth it might be useful to specify this user as exclusion statement in the password query.
You can retrieve the automatically assigned user_idnr with the following query:
SELECT user_idnr FROM dbmail_users WHERE userid='__public__';
In the next step you create a mailbox, which will be visible to some of the users with lookup rights under the ”#Public” Namespace.
In the following example we create a public mailbox named “projects”.
INSERT INTO dbmail_mailboxes (owner_idnr, name, seen_flag, answered_flag, deleted_flag, flagged_flag, recent_flag, draft_flag, permission) VALUES (<the_retrieved_public_useridnumber>, 'projects', 1, 1, 1, 1, 1, 1, 2 );
You can retrieve the assigned mailbox_idnr with the following query:
SELECT mailbox_idnr FROM dbmail_mailboxes WHERE owner_idnr=<the_retrieved_public_useridnumber> AND name='projects';
Afterwards you have to assign permissions to each user you want to grant access in the dbmail_acl table for this public mailbox.
INSERT INTO dbmail_acl VALUES ( <user_idnr_to_grant_access_to>, <retrieved_public_mailbox_idnr>, ,<valid_permissions_for_that_user> );
For Example: If the project mailbox has the mailbox_idnr 35 and the user you want to grant full access to this mailbox has the user_idnr 5, you do the following:
INSERT INTO dbmail_acl VALUES ( 5, 35, 1, 1, 1, 1, 1, 1, 1, 1, 1 );
NOTE: Have a look at the er-model before you grant full access to a user. The various flags allow to define fine grained access controls to a mailbox.
For personal shared mailboxes the user granting access to one of his mailboxes needs an IMAP Client supporting the IMAP ACL Extensions commands.
Nonetheless this can also be done with SQL Queries like the ones shown for public mailboxes.
Using a MUA like Mulberry you have to know the login name aka userid of the user you want to grant access to one or more of your mailboxes and assign this userid the required rights.
Personal shared Mailboxes are NOT shown to the IMAP user by default. If you want to access another users shared Mailbox you have to know his userid aka. login name.
Personal shared Mailboxes can be looked up by specifying the following lookup base: #Users/<userid>
If the IMAP Client doesn't support looking up Mailboxes like this you can as well add this mailbox_idnr and the user_idnr to the dbmail_subscriptions table and it will show up on the next LSUB command of the users IMAP Client.
For the Example above:
INSERT INTO dbmail_subscription VALUES ( 5, 35 );
However all of these tasks ask for a neat web interface providing the functionality mentioned above.
If you want to provide a central mailbox for *all* users that is also possible.
Create a mailbox owned by
Retrieve the user_idnr for the 'anyone' user.
Grant access to 'anyone' on the mailbox.
Such a mailbox is very useful as a maildrop for spam that slipped through your spamassassin/dspam setup.
Author: Dennis T. Kaplan
If user_idnr for public = 3
INSERT INTO `dbmail_aliases` ( `alias_idnr` , `alias` , `deliver_to` , `client_idnr` ) VALUES ( '5', 'email@example.com', '3', '0' );
Then (for people using dbmail-2.0)
INSERT INTO `dbmail_filters` ( `user_id` , `filter_id` , `filter_field` , `filter_value` , `mailbox` ) VALUES ( '3', '0', 'To', 'projects', 'projects' );