Shared folders

former03 | Baltasar Cevc baltasar.cevc at
Tue Aug 15 06:04:27 EDT 2006

Hi Rudy, hi list,

On 14.08.2006, at 23:18, Rudy Gevaert wrote:
> former03 | Baltasar Cevc wrote:
> I don't fully understand the above.
> Say I want the following shared folders: support at, 
> admins at
Just to make that clear to everyone because it is not very obvious 
using virtual domain support.
In case you use the normal namespace (in contract to altnamespace, see for details): the 
email address support at corresponds to the folder 
user/support at if you use unixhierarchysep, to at otherwise. The folder namespaces for different 
domains are completely separated, and the "" in cyradm's 
output denotes which domain they belong to. However, the domain _is 
not_ part of the folder name (as you can see from the logfiles, cyrus 
uses a different notation internally (which is more like!folder).

> I would create those mailboxes with cyradm:
> cm "support at"
> cm "admins at"
> sam "support at" ?? p
> sam "admins at ?? p
> I've tried user cyrus but that doesn't work.  Lmtp says:
> Aug 14 23:09:26 oeral mail2/lmtp[10712]: 
> verify_user(!support) failed: Mailbox does not exist
> Setting 'p' for 'anyone', works.  But I wonder if that is safe enough?
That sounds like a typical permission problem (granted, the message 
given does not tell it - somewhere I've seen a message 'mailbox does 
not exist or you don't have permission to see it' which would be more 

The user depends on your setup - I think it's postman or something 
similar if you use preauthed LMTP, however, I have the impression that 
preauthed LMTP won't require any special permissions to post to any 
folder. If you have your MTA authenticate you may specify any user (I 
did that on some system and it worked fine using Postfix), but as far 
as I remember I had to fiddle around for some time to get it working.

The 'p' for 'anyone' depends on your environment, I'd say. We've 
granted quite a lot of rights to anyone as all of the persons that have 
an email account in our domain should have access, however in bigger 
environments that's probably not what you want.

> In your case you would make a mailbox 'shared at', right?  
> At let the users mail to 'shared+subfolder at".  Correct?
If you use this address, it won't be a real shared folder but a shared 
personal folder (you would grant your folks the permission to access 
the mailbox of the user 'shared'). Which is perfectly legitimate - e.g. 
you could use sieve scripts here which is something you can't directly 
do for a real shared folder.
A real shared folder would look like "+shared/subfolder at" 
respectively "+shared.subfolder at" depending on thich 
hierarchy separator you use.
The difference in the folder hierarchy looks like that

Domain 1 (that's the top level of the email acount) => real shared 
    + my personal subfolder
  + Hosting (shared folder) - access using +Hosting at
    + SubFolter -  using +Hosting at
  + Spam (shared folder)
  + Some other shared folder
    + with another subfolder

Domain 2 (top level of the account) => shared user folders
    + Virus
    + Spam
  + user
    + administratoren (the shared postbox) (deliver as 
administratoren at
    + buero (dito, deliver as buero at

You can combine both variants as you like. For example I have a user 
"hosting at" with a sieve script that delivers spam into the 
shared mailbox spam and everything else to hosting, while some systems 
directly send mail to "+Hosting/Subfolder at".

Don't confuse this with altnamespace 
(, which is user 
specific), the things I described here look like this for any user on 
the domain, while in altnamespace the folders on that level would be 
strictly personal:
  + my other personal folder
  + Shared Folders
    + Shared folder 1
(I never tried this, probably delivery is somewhat different here, too).


Baltasar Cevc

_____ former 03 gmbh
_____ infanteriestraße 19 haus 6 eg
_____ D-80797 muenchen


More information about the Info-cyrus mailing list