On 5/3/2013 3:44 PM, Timo Sirainen wrote:
On 4.5.2013, at 1.27, Kelsey Cummings <kgc@corp.sonic.net> wrote:
On 2013-05-03 09:14, Timo Sirainen wrote:
GMail doesn't delete mails when POP3 client issues a DELE command for it. Instead they just become invisible for future POP3 sessions, but they still exist for IMAP/webmail. The same could be implemented pretty easily for Dovecot:
How does the usage case by your large customer differ from that allowed by the lazy_expunge plugin?
I didn't ask what their main reason for this was, but for me it would be: "Oops, I accidentally configured my new email client as POP3 instead of IMAP, and now it deleted everything from my INBOX." With lazy_expunge the user would have to explicitly go and undelete the mails, and it would also undelete those mails that were intentionally deleted. With this feature nothing at all would go wrong on IMAP/webmail side.
I agree with AJAX. This seems to be a matter of convenience and features versus privacy rights. Do the desires of the mail handling organization outweigh the privacy needs of individuals. This is a long standing argument.
I am glad that this was brought up. History is littered with inventions and creations that were designed for one purpose, but misused for another.
It seems this mod was designed to deal with stupid users who are unable to set up their email correctly, and the IT departments who are too lazy to manage the situation properly. I think this attempt to make the software idiot proof will fail, however.
There is a saying the goes something like "You cannot make anything idiot proof because idiots are so ingenious."
If someone is worried about end users setting up POP accidentally and deleting emails, then firewall ports 110 and 995. Simple solution. Problem solved with no inadvertent introduction of privacy and legal violations.
What worries me, is that as an end user, I now have no idea if this "feature" is turned on or not. When I specify that an email be deleted from the server, I expect that it is *deleted*. I feel that a feature like this is ripe for abuse.
Is there any way for the end user to know that this feature is turned on? What if a hacker got access to the server and changed the value of this setting? As pointed out by AJAX, POP3 comes with an expectation of privacy. There should be some way that the end user gets notified that his deleted POP emails are not actually deleted.
If Timo wants to add these features to private copies of the software for specific organizations, that is a matter between him, his client and the law. However, I do not feel it belongs in the mainstream release.
Dem