Feature request: Actually remove mailbox data when deleting mailbox.
d19dotca last edited by girish
I noticed that when removing a mailbox, it only sets up the mail server to bounce emails to it, but doesn't delete any mail data itself. I'd love to see an option where there's a checkbox on that dialogue pop-up where data can be deleted too. It seems weird to me that no data would be deleted, when generally that's what users I would think want done when they remove a mailbox.
I see the following benefits from implementing this feature:
- Improved efficiency in the workflow for deleting accounts when the admin intends for all the data to be removed too. Saves time.
- Prevents accidental missteps in the CLI by removing the need to SSH to the box in the first place.
Personally I believe that (almost) anytime a user needs to SSH to the server to achieve something on a Cloudron box, this is an opportunity for Cloudron to improve and "sell" a new feature to attract users who aren't interested in doing the system administration. As we've seen from recent posts, Cloudron seems to be attracting a lot of "newbie" sysadmins (which I think is great, that shows how user friendly Cloudron is!), and they may not be as willing to dwelve into the command line to remove data that we'd expect Cloudron to do for us when trashing a mailbox, for example. And heck, even the seasoned sysadmin can easily make mistakes and delete more than they intended (the rm -rf is a powerful command, lol) - we're all human. I think every time a user can achieve something from Cloudron instead of via command line makes it so much safer for the masses of Cloudron users.
@d19dotca Do you think we can make this the default behavior?
marcusquinn last edited by
@girish Maybe optional - accidents do happen!
I made an issue for this now - https://git.cloudron.io/cloudron/box/-/issues/720
d19dotca last edited by
@girish I'd say most use-cases will intend for the data to be deleted so it could definitely be the default, but maybe there should be a different button for simply "disabling" it which is basically what the trash icon does now?
marcusquinn last edited by
@d19dotca One button for
Archiveand another for
Archiving is useful for former users where we need the records in case compliance or investigation issues happen but we no longer want the address(es) accepting new emails.
d19dotca last edited by d19dotca
@marcusquinn Yes, that's pretty much what I think I said (or at least meant to say) haha. I just chose the word "disable" instead of "archive", but it's all the same thing in the end (mailbox will no longer accept mail and is not removed).
If this is disabled or archived, this also means that it is still "known" to the system, currently the data simply is not removed from the disk, but other relevant information is purged from the database.
So I agree, that deleting an account should also delete the mailbox data, if there is no proper way to restore that (currently you have to create a new mailbox record with the same mailbox handle and magically the data comes back). For that some archived state could be the solution to have a structured way to restore.