That would be a dangerous change. Users with shell access could symlink (or
hardlink) other people's inboxes to their own folders and read them.

> Francois Gouget <fgou...@free.fr> wrote on 13.5.2016 at 13.49:
> 
> Package: dovecot-core
> Version: 1:2.2.23-1
> Severity: normal
> 
> On Debian the mail inboxes belong to the mail group as per the
> SystemGroups policy:
> https://wiki.debian.org/SystemGroups
> 
> | * mail: Mailboxes in /var/mail are owned by group mail, as explained
> |   in policy. The user and group are used for other purposes by
> |   various MTA's as well. 
> 
> Furthermore their permissions are 0660 which is the only value that
> makes sense. So with the default configuration dovecot cannot access
> the inboxes and fails with the following error:
> 
> May 13 20:23:00 amboise dovecot: imap(fgouget): Error: 
> fchown(/home/fgouget/mail/.imap/INBOX, group=8(mail)) failed: Operation not 
> permitted (egid=1000(fgouget), group based on /var/mail/fgouget - see 
> http://wiki2.dovecot.org/Errors/ChgrpNoPerm)
> 
> 
> The fix is to set 'mail_access_groups = mail' in
> /etc/dovecot/conf.d/10-mail.conf, which should be the default for the
> Debian package.
> 
> 
> -- Package-specific info:
> 
> dovecot configuration
> ---------------------
> # 2.2.23 (806d709): /etc/dovecot/dovecot.conf
> # Pigeonhole version 0.4.13 (7b14904)
> # OS: Linux 4.5.0-1-amd64 x86_64 Debian stretch/sid 
> mail_access_groups = mail
> mail_location = mbox:~/mail:INBOX=/var/mail/%u
> namespace inbox {
>  inbox = yes
>  location = 
>  mailbox Drafts {
>    special_use = \Drafts
>  }
>  mailbox Junk {
>    special_use = \Junk
>  }
>  mailbox Sent {
>    special_use = \Sent
>  }
>  mailbox "Sent Messages" {
>    special_use = \Sent
>  }
>  mailbox Trash {
>    special_use = \Trash
>  }
>  prefix = 
> }
> passdb {
>  driver = pam
> }
> protocols = " imap"
> ssl = required
> ssl_cert = </etc/dovecot/dovecot.pem
> ssl_key = </etc/dovecot/private/dovecot.key
> userdb {
>  driver = passwd
> }
> 
> -- System Information:
> Debian Release: stretch/sid
>  APT prefers testing
>  APT policy: (990, 'testing'), (500, 'stable')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
> 
> Kernel: Linux 4.5.0-1-amd64 (SMP w/8 CPU cores)
> Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
> 
> Versions of packages dovecot-core depends on:
> ii  adduser              3.114
> ii  init-system-helpers  1.31
> ii  libbz2-1.0           1.0.6-8
> ii  libc6                2.22-7
> ii  libexttextcat-2.0-0  3.4.4-1
> ii  liblz4-1             0.0~r131-2
> ii  liblzma5             5.1.1alpha+20120614-2.1
> ii  libpam-runtime       1.1.8-3.2
> ii  libpam0g             1.1.8-3.2
> ii  libssl1.0.2          1.0.2h-1
> ii  libstemmer0d         0+svn585-1
> ii  libwrap0             7.6.q-25
> ii  openssl              1.0.2h-1
> ii  ucf                  3.0036
> ii  zlib1g               1:1.2.8.dfsg-2+b1
> 
> dovecot-core recommends no packages.
> 
> Versions of packages dovecot-core suggests:
> pn  dovecot-gssapi        <none>
> ii  dovecot-imapd         1:2.2.23-1
> pn  dovecot-ldap          <none>
> pn  dovecot-lmtpd         <none>
> pn  dovecot-lucene        <none>
> pn  dovecot-managesieved  <none>
> pn  dovecot-mysql         <none>
> pn  dovecot-pgsql         <none>
> pn  dovecot-pop3d         <none>
> pn  dovecot-sieve         <none>
> pn  dovecot-solr          <none>
> pn  dovecot-sqlite        <none>
> ii  ntp                   1:4.2.8p7+dfsg-3
> 
> Versions of packages dovecot-core is related to:
> ii  dovecot-core [dovecot-common]  1:2.2.23-1
> pn  dovecot-dbg                    <none>
> pn  dovecot-dev                    <none>
> pn  dovecot-gssapi                 <none>
> ii  dovecot-imapd                  1:2.2.23-1
> pn  dovecot-ldap                   <none>
> pn  dovecot-lmtpd                  <none>
> pn  dovecot-managesieved           <none>
> pn  dovecot-mysql                  <none>
> pn  dovecot-pgsql                  <none>
> pn  dovecot-pop3d                  <none>
> pn  dovecot-sieve                  <none>
> pn  dovecot-sqlite                 <none>
> 
> -- no debconf information
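
An audit for the risk raised in the reply at the top of this thread, as an added example that is not part of the original messages or of Dovecot: it walks one user's mail directory and reports symlinks and hard links that resolve to files owned by a different uid. The function names, the temporary layout and the file names are assumptions constructed for illustration.

```python
import os
import stat
import tempfile


def audit_mail_dir(mail_dir, owner_uid):
    """Return (path, reason) findings for entries under mail_dir that expose
    a file not owned by owner_uid through a symlink or an extra hard link."""
    findings = []
    # followlinks=False: symlinked directories are listed but never descended.
    for root, dirs, files in os.walk(mail_dir, followlinks=False):
        for name in dirs + files:
            path = os.path.join(root, name)
            st = os.lstat(path)  # inspect the entry itself, not its target
            if stat.S_ISLNK(st.st_mode):
                try:
                    target = os.stat(path)  # follows the link
                except OSError:
                    continue  # dangling link, nothing is exposed
                if target.st_uid != owner_uid:
                    findings.append(
                        (path, "symlink to file owned by uid %d" % target.st_uid))
            elif (stat.S_ISREG(st.st_mode) and st.st_nlink > 1
                  and st.st_uid != owner_uid):
                findings.append(
                    (path, "hard link to file owned by uid %d" % st.st_uid))
    return findings


def build_demo_tree():
    """Constructed sample layout: 'spool' stands in for /var/mail and
    'home_mail' for ~/mail. Returns the path of the mail directory."""
    base = tempfile.mkdtemp()
    spool = os.path.join(base, "spool")
    home_mail = os.path.join(base, "home_mail")
    os.makedirs(spool)
    os.makedirs(home_mail)
    inbox = os.path.join(spool, "otheruser")  # constructed inbox file
    open(inbox, "w").close()
    open(os.path.join(home_mail, "Sent"), "w").close()  # ordinary mbox
    os.symlink(inbox, os.path.join(home_mail, "linked_inbox"))
    os.link(inbox, os.path.join(home_mail, "hardlinked_inbox"))
    return home_mail


if __name__ == "__main__":
    # All demo files belong to the current user, so audit the directory as if
    # it belonged to a different (hypothetical) uid to show the findings.
    for path, reason in audit_mail_dir(build_demo_tree(), os.getuid() + 1):
        print(path, "->", reason)
```

On a real host the function would be called once per user with that user's mail directory and uid from the passwd database.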