Page 2 of 2

Re: Share Entire Mailbox

Posted: Tue Apr 30, 2019 12:58 am
by PaperAdvocate
I was trying to do exactly what GetMeOutOfExchange was doing and followed his guide then tested things out. I found I could re-share the folder that I was granted access to then delete its contents from another account. The attribute "a" allows this so remove it if you want to be sure someone doesn't work around your restrictions. Secondly users would be irritated when they wanted to move stuff out of Inbox into filed folders so I opted to create an "Inbox Archive" and setup a filter so all incoming E-Mail would land here as well, then restrict it to read-only for shares.

GetMeOutOfExchange got me started so I wanted to contribute by adding my notes here as well. Below are my notes after setting things up and testing. This is mainly to create shared mailboxes which will be mounted in the web UI of Zimbra that can be used by multiple people that will also prevent any received or sent messages from being deleted.

Note: you'll still have to select the correct "From" account when sending. I messed with Persona's but using a Persona would cause the sent copy to go to the wrong sent folder...

Note: the shared mailboxes will show up in Outlook if it's configured via activesync and zpush (it also shows up on my Blackberry... a real Blackberry, not the android stuff...).

* Create your accounts that are to be shared
* Create an "Inbox Archive" folder to store an additional copy of all inbound E-mail

Code: Select all

zmmailbox -z -m cf -V message "/Inbox Archive"

* Create a rule to make a copy of any inbound E-Mail to both the "Inbox" and "Inbox Archive", this rule will apply to anything sent after Dec 31st 1940...

Code: Select all

zmmailbox -z -m afrl -f "Inbox Archive: create 2nd copy of inbound E-mail with limited permissions for shared users" active any date after 19401231 fileinto "/Inbox" fileinto "/Inbox Archive" stop

====Add Shared Mailbox to Sharee's Mailbox====

Here the account represents the sharer and represents the sharee.

* Give full permissions (except creating shares) at root of mailbox.

Code: Select all

zmmailbox -z -m mfg / account rwixd

* Give read only permissions for the "Inbox Archive" folder

Code: Select all

zmmailbox -z -m mfg "Inbox Archive" account r

* Give all permissions except delete or share on "Sent" folder

Code: Select all

zmmailbox -z -m mfg /Sent account rwix

* Mount the shared mailbox in the sharee's mailbox under the name of the shared account primary E-Mail address

Code: Select all

zmmailbox -z -m createMountpoint / /

* Grant the sharee Send As permissions to send as the shared mailbox

Code: Select all

zmprov grr account usr sendAs

====Remove Access====

* Remove sendAs permission, this will cause the option to disappear from the "from" account list

Code: Select all

zmprov rvr account usr sendAs

* Remove mailbox permissions by setting permissions to none

Code: Select all

zmmailbox -z -m mfg / account none

* Remove other added permissions. This is still necessary even if root permissions are set to none since you added explicit permissions to other folders.

Code: Select all

zmmailbox -z -m mfg "Inbox Archive" account none
zmmailbox -z -m mfg /Sent account none

* Remove mount in sharee's mailbox

Code: Select all

zmmailbox -z -m deleteFolder /

====Check Permissions====

* First list all folders of the mailbox that might have shares

Code: Select all

zmmailbox -z -m gaf

* Then check specific folders...

Code: Select all

zmmailbox -z -m gfg "/"
zmmailbox -z -m gfg "/Inbox Archive"
zmmailbox -z -m gfg "/Sent"
zmmailbox -z -m gfg "/Inbox"

* Finally check sendAs permissions

Code: Select all

zmprov ckr account sendAs