vault Plugin
Note
The vault plugin is not distributed as part of the base Dovecot Pro package. This plugin requires separate licensing to use. Contact Open-Xchange Support for further information.
The vault plugin performs the job of storing the incoming mail first to a configurable, read-only mailbox location (e.g., ARCHIVE) and, if that succeeds, then to user’s INBOX. It also adds the \Seen flag to the message.
vault_mailbox
Default | [None] |
---|---|
Value | string |
This setting enables the vault plugin and identifies where to store a copy of the message.
The vault plugin should be configured to store messages in a read-only namespace.
This section describes how this can be done via Dovecot configuration.
Store the archived emails in the ARCHIVE namespace to a slightly different location:
    namespace {
      prefix = ARCHIVE/
      separator = /
      hidden = yes
      # Note that other settings aren't currently possible to set inside
      # namespace, so, for example, 'obox_fs' can't be changed.
      location = obox:%2Mu/%2.3Mu/ARCHIVE/%u:INDEX=~/archive:CONTROL=~/archive
      mailbox "" {
        auto = create
      }
    }
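Enable the ACL plugin to make the mailbox read-only when it is accessed over the IMAP protocol:
    protocol imap {
      mail_plugins = $mail_plugins acl
      plugin {
        acl = vfile:/etc/dovecot/dovecot-acls
      }
    }
The ACL file /etc/dovecot/dovecot-acls grants the mailbox owner only the lookup (l) and read (r) rights on ARCHIVE:
    ARCHIVE owner lr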
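An added example (not part of the Dovecot documentation): a Python audit of the global ACL file described above that reports every entry, for any identifier and not only `owner`, granting more than lookup (l) and read (r) on ARCHIVE or its children. The `#` comment handling, the fnmatch-style approximation of Dovecot's wildcard matching, and the sample file contents are assumptions.

```python
import fnmatch
import shlex

READ_ONLY = set("lr")  # l = lookup, r = read

def covers(pattern, mailbox):
    """True if an ACL mailbox pattern matches `mailbox` or a child of it."""
    child = mailbox + "/x"  # probe child; "/" is the separator used on this page
    return (fnmatch.fnmatchcase(mailbox, pattern)
            or fnmatch.fnmatchcase(child, pattern)
            or pattern.startswith(mailbox + "/"))

def audit_acl(text, mailbox="ARCHIVE"):
    """Return (findings, named): entries granting more than l/r on the archive,
    and whether any positive entry matches `mailbox` itself."""
    findings, named = [], False
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):  # assumption: '#' starts a comment
            continue
        fields = shlex.split(line)            # patterns with spaces may be quoted
        if len(fields) < 2:
            findings.append((lineno, "?", "unparseable"))
            continue
        pattern, identifier = fields[0], fields[1]
        rights = fields[2] if len(fields) > 2 else ""
        if identifier.startswith("-") or not covers(pattern, mailbox):
            continue                          # negative entries only remove rights
        if fnmatch.fnmatchcase(mailbox, pattern):
            named = True
        extra = "".join(sorted(set(rights) - READ_ONLY))
        if extra or len(fields) > 3:          # extra fields: named rights, review by hand
            findings.append((lineno, identifier, extra or "named-rights"))
    return findings, named

# Constructed sample input, not taken from a real deployment.
SAMPLE = """\
# global ACL file
ARCHIVE owner lr
ARCHIVE/* owner lr
* user=helpdesk lrwstipe
INBOX owner lrwstipekxa
"""

if __name__ == "__main__":
    findings, named = audit_acl(SAMPLE)
    for lineno, who, extra in findings:
        print(f"line {lineno}: {who} gets non-read rights '{extra}' on the archive")
    print("ARCHIVE has an explicit entry:", named)
```

On the constructed sample, the only finding is the catch-all `*` entry on line 4, which would give `user=helpdesk` write, insert and expunge rights on the archive even though the `owner` lines are correct.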
Incoming mail is delivered to Dovecot over the LMTP protocol. The vault plugin stores each incoming message first to ARCHIVE and, if that succeeds, then to the user’s INBOX. It also adds the \Seen flag to the message.
    protocol lmtp {
      mail_plugins = $mail_plugins vault
      plugin {
        vault_mailbox = ARCHIVE
      }
    }
⚠️ TODO: Provide example configuration
Configure outgoing mail to go first to an external SMTP server. This server (e.g., Postfix) is configured to BCC the messages to Dovecot LMTP via another port, which stores the mails to ARCHIVE.
    service lmtp {
      inet_listener {
        port = 2400
      }
    }
    service lmtp-out {
      client_limit = 1
      # run only the global sieve, no user sieve
      executable = lmtp -o plugin/vault_mailbox= \
        -o plugin/sieve=/etc/dovecot/global-outgoing.sieve
      inet_listener {
        # NOTE: both listeners show port 2400 here; the outgoing listener
        # needs its own port, distinct from the incoming lmtp listener.
        port = 2400
      }
    }
    protocol lmtp {
      mail_plugins = $mail_plugins sieve
    }
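The global Sieve script /etc/dovecot/global-outgoing.sieve marks each outgoing message as seen and files it into ARCHIVE:
    require ["imap4flags", "fileinto"];
    addflag "\\Seen";
    fileinto "ARCHIVE";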
The Sieve script needs to be manually compiled:
    sievec /etc/dovecot/global-outgoing.sieve
Enable the mail-crypt plugin:
    mail_plugins = $mail_plugins mail_crypt
    plugin {
      mail_crypt_curve = secp521r1
      mail_crypt_global_public_key = </etc/dovecot/mail-crypt-pub.pem
      mail_crypt_global_private_key = </etc/dovecot/mail-crypt-priv.pem
    }
Make sure quotas aren’t enabled for the ARCHIVE namespace.
Run a nightly cronjob that deletes all old emails:
    doveadm expunge -A mailbox ARCHIVE savedbefore 90d