[Dovecot] master user and ACL's

9 Feb 2014


      Hi,
Quick question...I read in the docs that:
"Master user is still subject to ACLs just like any other user, which
means that by default the master user has no access to any mailboxes of
the user."
... and that the standard workaround is to return master_user=%u from
the userdb.
But why is the master_user authn-id used in the ACLs and not the
authz-id (requested-login-user) ?
Isn't the whole point of SASL authz-id semantics to have authorization
resolved based on the authz-id?
/Peter

[Dovecot] master user and ACL's

Peter Mogensen