[Dovecot] Shared maildirs

Timo Sirainen tss at iki.fi
Sun Feb 5 13:58:56 EET 2006


On Tue, 2006-01-31 at 12:41 -0500, Charles Marcus wrote:
> 1. 'Seen' flags (I know there are more - but these are the only ones I 
> need to be able to configure) - I need to be able to set these as 'Per 
> User', on a per Folder basis. If this option is *not* set on a folder, 
> then the server should maintain the seen state - any user can change it, 
> and all will see the new state.
> 
> It wouldn't matter to me which was the default behavior - ie, if I had 
> to set seen='per user', or seen='server'.

This isn't on my paid-to-do list, but I'll probably add support for this
after ACLs work in general. I'll do it by making Dovecot store the
per-user-flags into index files only, hope that's good enough..

> 2. 'Hide Unreadable' Global flag - if I set it, then users should not 
> even see shared folders that they don't have at least read-only perms. 
> Samba does this really well with shares - any folders inside a share are 
> invisible to users who don't have perms to open them.

IMAP ACLs have separate "can see" and "can open" flags.

> 3. ACLs - ability to set user and group ACLs on a per folder (or per 
> group of folders) basis.

Yep. Although I'm not exactly sure how groups should be configured for
users. If users are in /etc/passwd, using /etc/group is probably a good
idea. But for virtual users then should there be also virtual groups,
and how are they configured?

> Do IMAP ACLs support the ability to set whether a user can add new 
> folders or not (assuming they have read/write perms),

It has a flag to specify if user can create subfolders for a mailbox.
Perhaps I could also make it possible to set those flags for a ""
mailbox, which would control if user can create anything under root.

>  and if they are 
> allowed to, whether the ACLs should propogate to (be inherited by) any 
> new sub-folders or not?

There's no inheritation specified by the spec. I'm not sure if I should
bother doing that for Dovecot either.. Might get difficult to understand
how the configuration works. Or maybe I could support wildcards, so
"box/*" would be possible. But those ACLs couldn't then be modified via
IMAP ACL extension (or maybe they could be, but they just couldn't be
listed).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20060205/56785a75/attachment.pgp


More information about the dovecot mailing list