On Wed, 2007-05-23 at 17:30 +0200, Marc Delling wrote:
first of all: this works to some point but is such a configuration
valid? can a public namespace be the maildir of a user?
Yes.
now the problem: the whole mail system runs with one uid/gid and virtual users, which
has the effect that some user can delete mails in the public
namespace or drop mails into it, create folders etc. this is not
wanted. i wanted a read-only public namespace. so i decided to use
acls. as namespace prefixes are ignored i needed to create them
globally.
That's exactly the reason why I think you shouldn't use global ACLs. You could instead create a dovecot-acl file in the maildir itself.
/etc/dovecot/acls/Support:
owner lrwstiekxa
authenticated lr
which led to the result that other users than all@mydomain cannot
manipulate the public namespace at all, including setting their /Seen
flag. that was the first surprise to me as i thought this flag would
be managed separately in the users' homes.
Well, yes, but you're explicitly telling the ACL plugin to prevent even that.
after a (very short) thought i came to this (allow setting the /Seen
flag for others):
owner lrwstiekxa
authenticated lrs
which led to another unexpected result: the /Seen flag is now set
globally. if one user marks a mail /Seen, it is /Seen for all other
users too.
ACL plugin shouldn't have anything to do with that decision. The \Seen flag is stored privately if you have created a dovecot-shared file in the maildir. There isn't yet support for separate shared and private flags (and I'm not sure if there ever will be).
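
An added example, not part of the original thread and not Dovecot code: a small audit of a dovecot-acl file against the read-only goal discussed above, reporting every right a non-owner identifier holds beyond lookup and read. It assumes the simple `<identifier> <rights>` line form shown in the message; the function names are hypothetical and the third sample ACL is constructed.

```python
# RFC 4314 right letters as used in dovecot-acl files, with their named form.
RIGHTS = {
    "l": "lookup", "r": "read", "w": "write", "s": "write-seen",
    "t": "write-deleted", "i": "insert", "p": "post", "e": "expunge",
    "k": "create", "x": "delete", "a": "admin",
}
READ_ONLY = {"l", "r"}  # list the mailbox and read its messages, nothing else


def parse_acl(text):
    """Parse '<identifier> <rights>' lines into {identifier: set of letters}."""
    acl = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        parts = line.split()
        if not parts:
            continue  # skip blank lines
        if len(parts) != 2:
            raise ValueError(f"line {lineno}: expected '<identifier> <rights>'")
        ident, letters = parts
        unknown = set(letters) - set(RIGHTS)
        if unknown:
            raise ValueError(f"line {lineno}: unknown rights {sorted(unknown)}")
        acl[ident] = set(letters)
    return acl


def excess_rights(text, allow_seen=False):
    """Return {identifier: [named rights]} that exceed read-only access.

    The owner entry is skipped. With allow_seen=True the 's' right
    (changing the \\Seen flag) is tolerated, as in the second ACL above.
    """
    allowed = READ_ONLY | ({"s"} if allow_seen else set())
    findings = {}
    for ident, letters in parse_acl(text).items():
        if ident == "owner":
            continue
        extra = letters - allowed
        if extra:
            findings[ident] = sorted(RIGHTS[c] for c in extra)
    return findings


FIRST_ACL = "owner lrwstiekxa\nauthenticated lr\n"    # from the message
SECOND_ACL = "owner lrwstiekxa\nauthenticated lrs\n"  # from the message
WEAK_ACL = "owner lrwstiekxa\nauthenticated lrwi\n"   # constructed sample

if __name__ == "__main__":
    for name, acl in (("first", FIRST_ACL), ("second", SECOND_ACL), ("weak", WEAK_ACL)):
        print(name, excess_rights(acl))
```
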