Hi Aki,
Thanks for your advice. Yes, I'm aware of this. Yet lowercasing should be the default since Dovecot 2.1.x., isn't it? Yet I wouldn't know where exactly to implement this %L, since the ACLs are set through IMAP commands through the users mailclient like Thunderbird. So in other words, the email address to whom the user want to grant ACLs provided by the user's mailclient, has nothing to do with my auth backend where e.g. %u => %Lu would apply. PLease correct me if I'm wrong here.
It clearly looks like a bug of the internal processing of the "dovecot-acl-list" files. It simply lacks on a lowercase enforcement in the code, like it already seems to do for the "dovecot-acl" file.
Best regards
Leander Schäfer
Am 16.09.16 um 12:53 schrieb Aki Tuomi:
On 16.09.2016 12:54, Leander Schäfer wrote:
Hi,
unfortunately I found a bug in Dovecot's ACL handling for shared mailboxes. It turns out Dovecot doesn't enforce lower casing the privileged username to whom the mailbox should be shared to. This results in a invalid configuration. Users get confused, since they passed on a valid email address in their ACL setup.
/usr/local/www/default/mail/test@mydomain.localdomain/maildir/.Spam/dovecot-acl
user=leander@mydomain.localdomain eilrwts ^^ works
/usr/local/www/default/mail/leander@mydomain.localdomain/maildir/dovecot-acl
user=test@mydomain.localdomain eilrwts ^^ works
/usr/local/www/default/mail/test@mydomain.localdomain/maildir/.Drafts/dovecot-acl
user=Leander@MyDomain.LocalDomain eilrwts ^^ Doesn't work
Best regards Leander Schäfer Hi! Did you know you can use %Lu instead of %u to force lowercasing?
Aki