IMAP Administration at CAL

Occasionally, you'll need to do something to a large number of user's imap accounts (such as the mass-subscription to the spam subfolders prompted by #361).

If you have an administrative krb5 principal loaded, you can do that with simple shell scripting:

[0 xx@bar ~]$ cat ./subscribing
A001 SUBSCRIBE "INBOX.missed-spam"
A002 SUBSCRIBE "INBOX.not-spam"
A003 SUBSCRIBE "INBOX.spam"
A004 LOGOUT
[0 xx@bar ~]$ for foo in $(ldapsearch -LLL -ZZ -x '(objectClass=posixAccount)' uid | grep '^uid: ' | sed 's/uid: //'); do
  echo "   $foo:"
  imtest -u "$foo" -a xx/admin -t '' -f ./subscribing mail | grep '^A00[1-4]'
done | less
[0 xx@bar ~]$ 

A few things to note about this construct:

• the looping construct walks through a list of all current posixAccounts, as specified in LDAP:

  ldapsearch -LLL -ZZ -x '(objectClass=posixAccount)' uid | grep '^uid: ' | sed 's/uid: //'
  

• imtest is used to authenticate (-a) as one user (the admin principal), while connecting as (-u) another one (the looped instance).
• imtest uses TLS authentication (-t '')
• imtest runs the commands listed in the subscribing file after connection and authentication.
• i'm filtering the output of the imtest run here to only show the commands themselves and their responses, so that it makes for an easier scan/review to tell whether anything went wrong.