[asterisk-users] 1.4.0, IMAP and Dovecot

Thu Dec 28 12:57:53 MST 2006

Tzafrir wrote:
> On Thu, Dec 28, 2006 at 12:35:57PM +1300, Ray Jackson wrote:
>>  Dan,
>>  
>> I have IMAP support working now with Courier IMAP.  Since Courier
(and 
>> probably Dovecot) do not support a single authuser connection that
may 
>> access any mailbox, you have to omit the 'authuser' and
'authpassword' 
>> settings in voicemail.conf and then add the username/password login
per 
>> extension... e.g.

> Are you sure that this is an explicit support in the mail server?

> Here's what Mark Crispin (the author of both UW-imapd and c-client)
> wrote recently:

>| > Does UW-IMAP have an admin user?  If so, where is it configured?
>| 
>| It's hidden in the release notes file.
>| 
>| Any user who is in a UNIX group called "mailadm" has administrator
>| rights in UW imapd and ipop3d.  "Administrator rights" are the right
to 
>| log in as any other user.
>| 
>| For c-client based client programs (mailutil, Pine, Alpine, etc.),
the 
>| /authuser flag is used by the mail administrator.  For example the 
>| mailbox name specifier:
>| 
>|  	{imap.example.com/authuser=fred/user=joe}INBOX
>| 
>| will open a connection to imap.example.com and log in as user
>| joe using user fred's password, and then open joe's INBOX.  This
assumes
>| that user fred is in group mailadm on the imap.example.com.
Fedora does not have a mailadm group, or at least did not when I
installed
this system, but this was yet another good clue.

> So can you do this trick manually? authenticate as one user and read
> another user's mailbox?

> Here's an example with root and pre-authentication. I figure that some
> tricks with pam and such will get you further:

> root at server# MAIL=maildir:/home/tzafrir/Maildir /usr/lib/dovecot/imap
> * PREAUTH [CAPABILITY IMAP4rev1 SORT THREAD=REFERENCES MULTIAPPEND
> * UNSELECT LITERAL+ IDLE CHILDREN LISTEXT LIST-SUBSCRIBED NAMESPACE]
> * Logged in as root
> 1 list "" "*"
> * LIST (\HasNoChildren) "." INBOX
> 1 OK List completed.
> 2 select INBOX
> * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
> * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)]
> * Flags permitted.
> * 0 EXISTS
> * 0 RECENT
> * OK [UIDVALIDITY 1161851409] UIDs valid
> * OK [UIDNEXT 1] Predicted next UID
> 2 OK [READ-WRITE] Select completed.
> * logout
> * BYE Logging out
> * OK Logout completed.

I played around with mtest in the c-client package somemore and found
that Dovecot does not permit root logons period.  So I added a basic
Unprivilaged account and set the authuser/authpassword in voicemail.conf
to use that account.  Now it works, except maybe the expunge bit, which
is likely a config issue.

> This is dovecot 0.99.14 on Debian Sarge. Note that I actually don't
use
> that imap mailbox normally.

Thanks to everyone for the help.  I'm looking forward to some of the
IMAP
enhancements listed in the bugtracker.  My mother-in-law has an
extension
on my system, but no mailbox, so I would love to have her extension use
legacy VM and my wife and I get the new IMAP storage.

Dan