I have configured an public namespace "Test" for a group of users:
| namespace public { | separator = . | prefix = Test. | location = maildir:/mailroot/public/Test | hidden = no | list = yes | subscriptions = yes | }
Using each users own subscription file for a public mailbox doesn't make sense when the mailbox is heavily used. Every directory operation (create/rename) needs to be synced between all subscribers automatically and immediately. So I set "subscriptions = yes".
My ACLS look like this:
| user=mark lrwstiekx | user=tim lrwstiekx | user=max lr | user=jenny lrwstiekx | user=louis lr
Nevertheless _all_ my mail users still have access to the namespace's directory tree. It is my understanding that when a user doesn't has 'lookup' access, he should not be able to subscribe to this mailbox. In my opinion this is a security problem. ACLs must be processed _before_ a shared subscrition file is parsed.
regards Lars