Another look at shared spam folder under Courier IMAP
This article is meant to be a continuation from my previous attempt to integrate SpamAssassin with Courier IMAP. Quite a few people emailed me asking about receiving new emails on a shared Courier IMAP folder. In my original implementation, all the flagged spams will be delivered to a shared maildir by procmail, however Courier does not seem to pick them up if you are not the recipient of these new emails, i.e. you don’t actually own the files in the maildir. I didn’t really care until recently. But now I want to try some Bayesian spam classifiers that is built into later versions of SpamAssassin, and would like to get shared IMAP folders to work so I can set up spam and ham buckets. Thus I started my quest to look again at receiving new emails in shared folders in Courier IMAP.
At the point of writing, my mail server is still running an older version of Courier IMAP, on my old Mandrake 9.0. Version 1.6.2 to be exact, where as 2.1.0 is already available on their website. I might upgrade when I can overcome procrastination.
Documentation
First of all, there are some of the official documentations on the shared folder implementation on Courier IMAP.
Step Through
My aim is to ask procmail to deliver everyone’s spam emails into “shared.System.Spam” IMAP folder. All my mail-receiving users belong to a unix group called “users“.
-
I need to create the shared maildir first. I put all my shared folders under “/var/spool/Maildir“, so first I will create a “System” sharable maildir, and then create a “Spam” folder inside it. Run these commands as root.
# maildirmake -S /var/spool/Maildir/System # maildirmake -s write -f Spam /var/spool/Maildir/System # ls -lF /var/spool/Maildir/System/.Spam total 2 drwxrwxrwt 2 root root 48 Aug 20 07:28 cur/ -rw------- 1 root root 0 Aug 20 07:28 maildirfolder drwxrwxrwt 2 root root 48 Aug 20 07:28 new/ drwxrwxrwt 2 root root 48 Aug 20 07:28 tmp/ -
The problem with the default “maildirmake -s write” is that it creates directories with mode 1777. Because of this sticky bit (mode ‘t‘ displayed in directory listing), you cannot remove files that does not belong to you. However, it is necessary for Courier IMAP to move all email files from ‘new/‘ to ‘cur/‘ when a user tries to select that folder. Thus the files that cannot be moved, i.e. files belong to other users, will not be picked up by Courier IMAP. That is the reason you cannot see other users’ newly delivered emails, even though these files do exist in the shared folder.
The quick ‘n’ dirty solution would be turning off the sticky bit. But we also want to restrict the access to our user group only. So..
# chgrp -R users /var/spool/Maildir/System/.Spam # chmod 1770 /var/spool/Maildir/System/.Spam/[cnt]??
-
Finally, you want to link the shared folder to your own maildir. Run this as a regular user.
$ maildirmake --add System=/var/spool/Maildir/System $HOME/Maildir
You might need to run the above command for every user which needs to access the sharable maildir. Alternatively, you can set up a file called “/etc/maildirshared” (check the maildirmake man page for the exact location) to have the following configuration:
System /var/spool/Maildir/System
Note that it is a <tab> character between “System” and the directory.
-
Now you should be able to subscribe to the shared IMAP folder through your favourite mail user agent (Mozilla Mail in my case)! You should also be able to see all the new emails delivered to this folder, even if they are addressed to another user.
Now I also use the same shared folder to feed the Bayesian spam classifier, in case any spam email slipped through SpamAssassin’s heavy guard. All I need to do is to drag that uncaught spam from my INBOX and drop it into the “shared.System.Spam” folder, and Bayesian learner will step in once a day to analyse the spams.
Links to This Article
Comments
Satpat,
I am not that familiar with IMAP to tell you how it can be implemented. However, with Courier IMAP each user has his/her list of subscribed folders listed under a plain text file “Maildir/courierimapsubscribed”. Maybe you can have a script that manipulate that file?
Maybe there is a better way to do things…
Hello,
i think you are explaining just the same Problem that i have:
I set up a shared folder which should be filled with mail by postfix. When i send a mail to the email adress which is associated with the shared folder, the mail still remains in the new-Folder, although i did the changes you mentioned.
The mails are owned by the user, i set up for the shared folder (and who is in the same group as i). But the mails are saved with the following rights: rw–, so i cannot access them. How can i make it, that Postfix stores mails with the accessrights for the whole user group?!?
Thanks, Hans.
Hi,
i cant use procmail, because i use virtual Mailusers in postfix (which are stored in a LDAP Directory). What else can i do to change the rights of the files?
I am using Postfix+Amavis+Spamassassin+Courier Imap. I would like to have a Spam folder for each user, not a public or shared one, is it possible ?
I solved the problem using Maildrop with Mysql, very easy to install, configure and use. I have to say that I had to install an rpm because the debian package does not support mysql.
i have suse 9.1 running with cyrus and postfix. I can see the mails in my mail directory non the server. But when i use pop3 or IMAP, i cannot see any mails…please advice on the configuration…
thanks for your useful info.
Another problem I found is that I want to have most users accessing the shard folder in read-only basis, leaving one admin user having read-write access.
The problem is: unless the admin user reads the incoming mails of the shared folder (means moving from the ‘new’ folder to ‘cur’ folder), other users can’t see the mail incoming.
anyways to force courier to put the mail to ‘cur’, even before any user reads it?
Very interesting, as i am looking into shared folders as a replacement for mailling lists. Thanks for the tips.
Thanks for this, just the right inspiration I needed.
For maildrop users. To solve the problem where by maildrop delivers mail to shared folders, setting the permissions to 600 and ownership to the “–user ” maildrop is called to deliver for. To get all users to have read and write permission, allowing the move from ./tmp to ./cur to happen…
chmod 2770 .maildir/ .maildir/.[cnt]*
In /etc/maildroprc or ~/.mailfilter add a UMASK= before and after the section that delivers shared mailbox mail.
EG:
UMASK=007
if ( /^.*To: shared/ )
{
to $SHARED/.global
}
UMASK=077
Asides changing the perms on existing mail in ./cur ./new ./tmp there shouldn’t be a problem anymore.
Paul
Add a comment
Gravatar is used. Email address is required but will not be displayed. Please keep your comment on topic. No spamming and/or bad language. First time poster will be moderated. Scott reserves the right to delete/edit your comments.
Playground is the personal weblog of Scott Yang, a Chinese-Australian Christian who works as a software developer in Sydney Australia.
Hello,
thank you for the excellent publication online. Though it has helped me alot, I still have some loose ends to tie with my configuration of LDAP+MailDrop+Postfix+Squirrelmail and I was hoping if you would be kind enough to give some insights into it. This is a project I am doing as my final year project and am a few days from my deadline. I’d really appreciate your help. I want to auto-subscribe newly created “spam” folder without user interaction, currently user has to subscribe from squirrelmail which i want to do once for all virtual users, can you suggest a way or script through which i can achieve this.
thank you very much.
Satpal