Non-Admin Roles can't edit Mail Filter objects

[Robbus]

Help Desk Role - Can access mail filter objects, if attempting to add an entry, they get an error pop-up: Permission check failed (403)
Auditor - Same as Help Desk Role, which makes sense in this context
Quarantine Manager - if they even click on anything within Mail Filter, it says "Forbidden - 403"
Only "Administrator" and "root" can successfully edit mail filter objects

----

In the ProxMox Mail Gateway documentation (https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#_user_management):

Administrator
Is allowed to manage settings of Proxmox Mail Gateway, excluding some tasks like network configuration and upgrading.

Quarantine manager
Is allowed to manage quarantines, blacklists and whitelists, but not other settings. Has no right to view any other data.

Auditor
With this role, the user is only allowed to view data and configuration, but not to edit it.

Helpdesk
Combines permissions of the Auditor and the Quarantine Manager role.

----

According to this, Quarantine Manager and Help Desk should be able to audit the blacklist and whitelist.

No modifications have been made to our PMMG instance, other than logo PNGs, and we have a subscription.

 

[Robbus]

Just to clarify, this is not multi-tenancy, as I saw in another thread, when I searched for this issue.

This is one org, one set of IT techs.

 

[Stoiko Ivanov]

Quarantine manager
Is allowed to manage quarantines, blacklists and whitelists, but not other settings. Has no right to view any other data.

That's referring to the user black/whitelists:
https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#pmgconfig_whitelist_overview

so the docs might need a better phrasing.

 

[Robbus]

Is there something I can edit on the server, whether it's a config file, or a script, that allows a non-full-admin role to edit the global mail filters? Is it as simple as a file permission, ala chmod?