nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-06-03 10:50:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

email_server: dovecot: Don't deliver mail to home directory

Browse Source 
Delivering mail to home directory is only needed when users are expected to
login via terminal and use command line tools for accessing their email. In
FreedomBox, we expect users to use GUI tools such as Thunderbird and K-9 Mail to
access their mail. So, POP3 and IMAP access sufficient.

Not trying to compatible with command line mail tools means that high
performance mailbox storage formats can be chosen. This is important to ensure
that accessing mail via IMAP is fast. In future, we can consider enabling full
text search using Apache Solr.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This commit is contained in:
Sunil Mohan Adapa 2021-10-22 19:36:53 -07:00 committed by James Valleroy
parent afc958a884
commit 88e372b8f8
No known key found for this signature in database
GPG Key ID: 77C0C75E7B650808
2 changed files with 41 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
plinth/modules/email_server/data/etc/dovecot/conf.d/05-freedombox-mail.conf Normal file
View File

@ -0,0 +1,25 @@
# Direct edits to this file will be lost!
# Manage your settings on Plinth <https://localhost/plinth/apps/email_server>
# Users in FreedomBox are not expected to access mail by logging into the
# system. Storing the mail in single location instead of home directories and
# with single UID/GID simplifies security reasoning and backup/restore
# operations.
#
# When FreedomBox has multiple domains a user is expected to get a mailbox that
# is same across the domains. Changing an domain name is not uncommon in
# FreedomBox. So, authenticate and store mails based on username only instead of
# including domain names in storage path.
#
# For authdb and userdb, the passwd driver looks up using NSS. In FreedomBox,
# NSS is configured to lookup LDAP with the help of libnss-ldapd. There is no
# need to configure LDAP lookup separately.
#
# Directories are created under /var/mail as necessary by dovecot. Permissions
# for newly created directories are inherited from parent directory. FreedomBox
# will remove all permissions for 'others' from /var/mail to ensure that mail is
# not read by non-root users.
userdb {
driver = passwd
override_fields = home=/var/mail/%Ln uid=mail gid=mail
}

16
plinth/modules/email_server/data/etc/dovecot/conf.d/15-freedombox-mail.conf Normal file
View File

@ -0,0 +1,16 @@
# Direct edits to this file will be lost!
# Manage your settings on Plinth <https://localhost/plinth/apps/email_server>
# Use sdbox, a format specific to dovecot, for storing mails. The format allows
# better performance with some IMAP queries. When this is combined with Full
# Text Search (FTS), users will get optimal web and desktop mail experience.
# Don't pick mdbox format because is requires regular expunge maintenance. We
# have enabled btrfs filesystem compression by default.
mail_location = sdbox:~/mail
# We try to deliver all mail using a single UID 'mail' and a single GID 'mail'.
# In Debian, UID of mail user is 8 and GID of mail user is 8 as set in
# /usr/share/base-passwd/{passwd|group}.master. By default first valid UID in
# dovecot is 500.
first_valid_uid = 8
last_valid_uid = 8