Pine+IMAP+Dovecot on Debian/Ubuntu

I administrate a system that uses Dovecot for IMAP/POP3. One of the nice features of Dovecot is that MBOX mailboxes are indexed, which speeds things up considerably on large mailboxes. Some of our users use Pine, which by default accesses mailboxes directly. Any direct changes to a mailbox invalidates the index, which is obviously bad.

Our solution is to have Pine access mailboxes via Dovecot's IMAP server. To avoid network overhead, we hijack Pine's rsh mechanism to call the IMAP server directly. We also use an SGID mail wrapper to allow the IMAP server to create dotfiles in /var/mail, which is not writeable by normal users. We are trusting Dovecot's IMAP server to prevent clients from messing with mailboxes that don't belong to them. (On our system mail_full_filesystem_access is off in dovecot.conf.)

Add the following to /etc/pine.conf:

# access mailboxes via rimap
folder-collections={localhost}[]
inbox-path={localhost}INBOX
rsh-command="%s %s %s %s"
rsh-path=/usr/uofr/sbin/pine-rsh

/usr/uofr/sbin/pine-rsh is compiled from this source:

#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>
#include <pwd.h>

#define PATH "/usr/local/bin:/usr/bin:/bin"

void setup_env() {
        char *term;
        struct passwd *user;
        term = getenv("TERM");
        user = getpwuid(getuid());
        clearenv();
        setenv("TERM", term, 1);
        setenv("HOME", user->pw_dir, 1);
        setenv("SHELL", user->pw_shell, 1);
        setenv("USER", user->pw_name, 1);
        setenv("LOGNAME", user->pw_name, 1);
        setenv("PATH", PATH, 1);
}

int main(int argc, char **argv) {
        setup_env();
        execv(REAL_PATH, argv);
        perror(REAL_PATH);
        exit(1);
}

And built/installed with:

gcc simple-wrapper.c -DREAL_PATH=\"/usr/uofr/sbin/pine-rsh.real\" -o pine-rsh
install -o root -g mail -m 2755 pine-rsh /usr/uofr/sbin/

/usr/uofr/sbin/pine-rsh.real contains:

#!/bin/sh
exec /usr/sbin/dovecot --exec-mail "$3"

That should do it. You can verify that Pine is using IMAP by running it under strace and grepping for mailbox names. If everything's working right, you'll see mailbox names in IMAP "SELECT" strings but not in filesystem access calls.