6.0.0-git
2018-12-17
Last Modified 2007-07-23 by Michael Slusarz

IMP (4.1+) UW-IMAP/Namespace Configuration Tips

Unlike previous versions of IMP, 4.1+ no longer contains the 'namespace', 'hierarchies', or 'folders' parameters in servers.php. Instead, namespace configuration is automatically detected from the remote server.

Unlike before where you had to manually identify the namespaces you wanted to view (via the 'hierarchies' parameter), now by default ALL namespaces visibile on the remote server will be displayed.

This may startle users of UW-IMAP when they discover that both 1) all files in the home directory may now show up in the folders list and 2) all sorts of namespaces appear (i.e. '#ftp/', '#shared/') that didn't appear before.

Additionally, this change may result in drastically increased login times to IMP. For details on why this is happening, see below (quick answer: most likely, UW-IMAP is attempting to build the entire tree structure of a user's home directory by default).

Why did you change this? (a/k/a This is the way UW-IMAP has always worked, and e-mail client X lets us work around this, so why did you break this?)

First off, we haven't broken anything with this change; in fact, we have fixed the behavior. People using UW-IMAP need to understand they need to correctly configure their IMAP server software rather than continue to rely on their mail reading software to work around their lack of proper server configuration. Quite honestly, if you have installed UW-IMAP without understanding the myriad of namespaces you are broadcasting, or the fact that the default namespace will typically allow a user to display all files in a user's home directory, the perfomance issues and gaping security holes you have opened are all your fault.

As a project we are not going to continue to do a completely hackish job of trying to support a single, specific IMAP server (UW-IMAP) simply because "this is the way it has been in the past", even though other e-mail clients may still allow you to do this. If these e-mail clients want to support non-RFC compliant ways of configuring a specific IMAP server, well, good for them. We just have other more important things to be working on instead.

Preferred Method

To disable these extra namespaces and/or restrict UW-IMAP to your mail directories only (rather than your entire home directory), you will need to reconfigure (and then recompile) your imapd daemon. This is precisely what most (if not all) other IMAP servers allow you to configure via a run-time configuration file - unfortunately UW-IMAP does not document this configuration very well, it can only be configured at compile-time, and you need C knowledge to be able to find, and then change, the relevant code. For detailed instructions on how you can change this parameters, please refer to docs/CONFIG1 in the c-client/imapd distribution.

To restrict UW-IMAP to the mail/ directory, while still keeping mbox in ~/, apply the following patch. The patch also removes the mh-related and #public namespaces, and strips off the leading mail/ if some mail clients still have an IMAP server directory set (they shouldn't need it anymore). This patch is to an older version of the imap software - most likely, it will not directly apply to newer versions of the UW-IMAP source code. Instead, you will have to manually scan the source code to make the changes.

--- src/osdep/unix/env_unix.c   2004/08/25 06:11:42

+++  src/osdep/unix/env_unix.c   2004/08/25 06:23:00

@@ -29,7 +29,7 @@
 static char *myMailboxDir = NIL;/* mailbox directory name */
 static char *myLocalHost = NIL;        /* local host name */
 static char *myNewsrc = NIL;   /* newsrc file name */
-static char *mailsubdir = NIL; /* mail subdirectory name */

+ static char *mailsubdir = "mail";      /* mail subdirectory name */

 static char *sysInbox = NIL;   /* system inbox name */
 static char *newsActive = NIL; /* news active file */
 static char *newsSpool = NIL;  /* news spool */
@@ -52,7 +52,7 @@
                                /* advertise filesystem root */
 static short advertisetheworld = NIL;
                                /* only advertise own mailboxes and #shared */
-static short limitedadvertise = NIL;

+ static short limitedadvertise = T;

                                /* disable automatic shared namespaces */
 static short noautomaticsharedns = NIL;
 static short no822tztext = NIL;        /* disable RFC [2]822 timezone text */
@@ -114,7 +114,7 @@
 static NAMESPACE nsmhf = {"#mh/",'/',NIL,NIL};
 static NAMESPACE nsmh = {"#mhinbox",NIL,NIL,&nsmhf};
                                /* home namespace */
-static NAMESPACE nshome = {"",'/',NIL,&nsmh};

+ static NAMESPACE nshome = {"",'/',NIL,NIL};

                                /* UNIX other user namespace */
 static NAMESPACE nsunixother = {"~",'/',NIL,NIL};
                                /* black box other user namespace */
@@ -130,7 +130,7 @@
                                /* world namespace */
 static NAMESPACE nsworld = {"/",'/',NIL,&nsshared};
                                /* only shared and public namespaces */
-static NAMESPACE nslimited = {"#shared/",'/',NIL,&nspublic};

+ static NAMESPACE nslimited = {"#shared/",'/',NIL,NIL};

 
 #include "write.c"             /* include safe writing routines */
 #include "crexcl.c"            /* include exclusive create */
@@ -924,6 +924,9 @@
   case '~':                    /* other user access */
                                /* bad syntax or anonymous can't win */
     if (!*++name || anonymous) dst = NIL;

+                                /* Translate ~/mail/foo to foo */

+    else if (*name == '/' && !strncmp (name+1,"mail/",5))

+       sprintf (dst,"%s/%s",mymailboxdir (),name+6);

                                /* ~/ equivalent to ordinary name */
     else if (*name == '/') sprintf (dst,"%s/%s",mymailboxdir (),name+1);
                                /* other user forbidden if closed/restricted */
@@ -950,7 +953,11 @@
                                /* don't allow ~root/ if restricted root */
        if ((restrictBox & RESTRICTROOT) && !*pw->pw_dir) dst = NIL;
                                /* build final name w/ subdir if needed */
-       else if (mailsubdir) sprintf (dst,"%s/%s/%s",pw->pw_dir,mailsubdir,name);

+        else if (mailsubdir) {

+         /* Make sure mailsubdir is not included twice */

+          if (!strncmp(name,"mail/",5)) name+=5;

+         sprintf (dst,"%s/%s/%s",pw->pw_dir,mailsubdir,name);

+        }

        else sprintf (dst,"%s/%s",pw->pw_dir,name);
       }
       else dst = NIL;          /* no such user */
@@ -965,6 +972,16 @@
       else *dst = '\0';                /* otherwise driver selects the name */
       break;
     }

+   case 'm':                    /* make sure "mbox" is found in ~/, not mailsubdir */

+    if (!strcmp (name+1,"box")) {

+       sprintf (dst,"%s",name);

+      break;

+     }

+    /* mail/foo -> foo */

+     else if (!strncmp (name+1,"ail/",4)) {

+      sprintf (dst,"%s/%s",mymailboxdir (),name+5);

+       break;

+    }
                                /* drop into to ordinary name case */
   default:                     /* ordinary name is easy */
     sprintf (dst,"%s/%s",mymailboxdir (),name);

Terrill Yuhas of the University of Arizona has provided a source RPM of the uw-imap 2004g distribution with this change compiled into the server. This RPM can be downloaded from ftp://ftp.horde.org/pub/imp/contrib/uw-imap-2004g-ARL.2.src.rpm. Please note that neither Terrill Yuhas nor The Horde Project provide support for this RPM or guarantee its operation on your server.

Alternative Method 1 (Unsupported)

If you can not, or do not want to, recompile your UW-IMAP server you can try using this unsupported method of setting the mail subdirectory (folder) location. Here, unsupported means primarily that the UW-IMAP authors do not support this setup - therefore Horde does not fully support this method either. However, many have reported good success with this setup. For more information on this method, refer to docs/imaprc.txt2 in the c-client/imapd distribution.

Create a file called /etc/c-client.cf and insert the following two lines. The last part of the second line is the subdirectory that you want the c-client to use for accessing folders (which is 'mail/' in the following example).

I accept the risk
set mail-subdirectory mail

The first line is required to state that you are accepting the risk of using an unsupported configuration file. The second line sets the mail subdirectory that the c-client routines will use (in the above example, it is set to 'mail/').

Note: If you have any other mail clients configured to use a folder prefix (e.g. 'mail/' or similar) they will now need to be reconfigured to remove this setting.

You may also be able able to use this same file to remove unwanted namespace entries. Again, this is totally unsupported. If you want to try this unsupported method of removing shared namespaces (such as #news for example), try adding the following lines to your /etc/c-client.cf file:

set news-state-file /etc/news
set restrict-mailbox-access all

Note the above would be in addition to any previously mentioned lines; in particular you always need the "I accept the risk" line in order to your the c-client.cf file.

Alternative Method 2 (Unsupported)

You can also manually set the namespace parameters in your IMP configuration to work around this issue. Note that this method is unsupported by the Horde Project.

Alternative Method 3 (Unsupported)

If you just installed your ftp daemon in order to make Ingo (Vacation, Forwards) running and suddenly you see #ftp namespace, try chmod'ing the FTP's directory. For example:

chmod 700 /home/ftp

PS: forget about

set disable-automatic-shared-namespaces

to /etc/c-client.cf.