Hello,

I've a Dovecot Server Version 2.2.30.2 running on CentOS 6.9 and there's a problem with acls on shared folder. We have some mailboxes which are shared and used as a "group mailbox" and also some user who share their inbox and only the inbox when they are on holiday e.g.. When I set

"acl_defaults_from_inbox = yes"

it's not possible to restrict the access to only the inbox, meaning that the user who wants to share only their inbox have to share the whole mailbox. On the other hand when I set

"acl_defaults_from_inbox = no"

it is not possible to create a folder direct under the inbox of a "group mailbox" and one gets a "permission denied" message. Is this the normal behavior normal? Although the user who wants to create the folder has all rights he gets a "permission denied" message? Why? Am I missing something important? Does anyone who uses shared mailboxes had the same problem and solved this? Any suggestion or information, that I probably miss is welcome.

If needed here's my Dovecot configuration:

# 2.2.30.2 (c0c463e): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.18 (29cc74d) # OS: Linux 2.6.32-696.3.1.el6.x86_64 x86_64 CentOS release 6.9 (Final) ext4 auth_debug = yes auth_master_user_separator = * auth_mechanisms = plain login auth_verbose = yes disable_plaintext_auth = no mail_debug = yes mail_location = maildir:/export/home/imap/%Lu/Maildir mail_plugins = acl zlib mail_log notify mailbox_idle_check_interval = 10 secs mailbox_list_index = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext mbox_write_locks = fcntl namespace { hidden = no ignore_on_failure = no inbox = no list = children location = maildir:%%h/Maildir:INDEXPVT=%h/shared/%%u prefix = shared/%%u/ separator = / subscriptions = yes type = shared } namespace inbox { hidden = no inbox = yes list = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = INBOX/ separator = / type = private } passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { acl = vfile:/etc/dovecot/global-acls:cache_secs=300 acl_shared_dict = file:/export/home/shared-db/shared-mailboxes mail_log_events = append delete undelete expunge copy mailbox_delete mailbox_rename flag_change mail_log_fields = uid box msgid size from flags sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_global = /var/lib/dovecot/sieve/global/ sieve_user_log = ~/.dovecot.sieve.log zlib_save = gz zlib_save_level = 6 } protocols = imap pop3 lmtp sieve service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } unix_listener auth-userdb { group = vmail mode = 0660 user = vmail } } service imap-login { process_limit = 500 process_min_avail = 20 } service lmtp { inet_listener lmtp { address = 127.0.0.1 port = 24 } } service managesieve-login { inet_listener sieve { port = 4190 } inet_listener sieve_deprecated { port = 2000 } } ssl = required ssl_cert =

TIA & Regards, Thomas