[Dovecot] some clarification re: ACL?

Matt Zukowski mzukowski at urbacon.net
Wed May 2 19:40:33 EEST 2007

The ACL documentation is at http://wiki.dovecot.org/ACL is a bit 
vague... I'd be happy to update it myself, but I need some clarification:

For example, I have a dovecot-acl file with:

group=portal_admin lrw
anyone l

To me this means that any user in the portal_admin group should be able 
to open and read messages in the shared mailbox where this dovecot-acl 
file resides. All other users should be able to see the mailbox, but 
won't be able to open it.

What I'm finding is that in actuality NO ONE can open the mailbox. Users 
in the portal_admin group cannot open it.

Am I misreading how ACL is supposed to work? Or does the group= 
identifier simply not work? I guess I should mention that these groups 
are coming from active directory hooked up on the back-end with winbind, 
but I think this should be transparent to dovecot (i.e. dovecot 
shouldn't know the difference between groups originating from active 
directory versus local groups.... after all, it doesn't seem to 
differentiate between active directory users versus local users.... or 
am I wrong about this?)

Secondly, what is the group-override identifier supposed to do?

Thirdly, are spaces and other special characters allowed in the 
group/username identifiers?



This e-mail message is privileged, confidential and subject to copyright. Any unauthorized use or disclosure is prohibited. 
Le contenu du pr'esent courriel est privil'egi'e, confidentiel et soumis `a des droits d'auteur. Il est interdit de l'utiliser ou de le divulguer sans autorisation.

More information about the dovecot mailing list