Bug: Shared Mailbox - Case Sensitivity

Leander Schäfer info at netocean.de
Fri Sep 16 09:54:14 UTC 2016


unfortunately I found a bug in Dovecot's ACL handling for shared 
mailboxes. It turns out Dovecot doesn't enforce lower casing the 
privileged username to whom the mailbox should be shared to. This 
results in a invalid configuration. Users get confused, since they 
passed on a valid email address in their ACL setup.

/usr/local/www/default/mail/test at mydomain.localdomain/maildir/.Spam/dovecot-acl
user=leander at mydomain.localdomain eilrwts
^^ works

/usr/local/www/default/mail/leander at mydomain.localdomain/maildir/dovecot-acl
user=test at mydomain.localdomain eilrwts
^^ works

/usr/local/www/default/mail/test at mydomain.localdomain/maildir/.Drafts/dovecot-acl
user=Leander at MyDomain.LocalDomain eilrwts
^^ Doesn't work

Best regards
Leander Schäfer

More information about the dovecot mailing list