[Dovecot] Private message flags in shared mailboxes

[Ben Morrow]

At  8PM +0200 on 16/02/13 you (Timo Sirainen) wrote:
> 
> 1. What would be a good place to configure which flags are shared and
> which are private? [...] Another possibility would
> be in dovecot-acl file, but public mailboxes might be enabled without
> ACL plugin. 
[...]
> 
> 4. Private keywords aren't supported. I guess not much worse than
> system flags, but more code complexity. Wonder if anyone would care
> about them.

Does this mean non-owners can't set keywords, or that keywords they set
are set for everyone? I can see the latter being irritating, since some
clients (like Thunderbird) tend to set keywords without being asked to.
Denying 'w' would presumably prevent this, but that rather reduces the
point of having shared flags other than \Seen in the first place.

I think ideally one would want an extension to ACL, which supports a
per-flag (or keyword) per-mailbox per-user permission which can be
either no access, read, write shared, or write private. I don't think
this can sensibly be stuffed into the existing ACL extension (the only
reasonable place to put the flag name is as part of the user identifier,
which is confusing and crude), so this would mean a new GETFLAGACL/
SETFLAGACL/MYFLAGRIGHTS IMAP extension. Unless you think this can be
sensibly set via METADATA (I'm not familiar with that extension, so I
don't know whether using it for access control would be reasonable)?

Personally I don't think it's worth worrying about the case of shared
mailboxes without ACL.

Ben