<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <p><br>
    </p>
    <br>
    <div class="moz-cite-prefix">On 06.08.2018 08:26, Aki Tuomi wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:e4d1fd54-c020-8390-4182-cd724b20a666@dovecot.fi">
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
      <p>You could do</p>
      userdb {<br>
         driver = username_format=%Lu passwd-file<br>
         args = /etc/dovecot/share.passwd<br>
      }<br>
      <br>
      #  /etc/dovecot/share.passwd<br>
      <a class="moz-txt-link-abbreviated" href="mailto:test@onnet.ch"
        moz-do-not-send="true">test@onnet.ch</a>:::::::
      userdb_acl=vfile:/etc/dovecot/dovecot-acl userdb_acl_globals_only
      = yes<br>
      <br>
      should prevent the user from modifying any ACL files. <br>
      <br>
      Aki<br>
      <br>
    </blockquote>
    <br>
    userdb_acl_globals_only=yes should be written without spaces...<br>
    <br>
    Aki<br>
    <br>
    <blockquote type="cite"
      cite="mid:e4d1fd54-c020-8390-4182-cd724b20a666@dovecot.fi">
      <div class="moz-cite-prefix">On 05.08.2018 17:04, Simeon Ott
        wrote:<br>
      </div>
      <blockquote type="cite"
        cite="mid:DA7C8A52-7367-48B0-8ECA-0FA85C63BCF1@onnet.ch">
        <meta http-equiv="Content-Type" content="text/html;
          charset=utf-8">
        Hello
        <div class=""><br class="">
        </div>
        <div class="">Is it possible to limit the ability of sharing
          it’s own mailboxes to only a few users?</div>
        <div class="">We have a few sensitive mailboxes of users where
          the ability to share via IMAP SETACL should be prevented.</div>
        <div class=""><br class="">
        </div>
        <div class="">I tried the following so far…</div>
        <div class="">  <span style="font-family: Menlo;
            background-color: rgb(255, 255, 255);" class="">doveadm acl
            remove -u <a href="mailto:test@onnet.ch" class=""
              moz-do-not-send="true">test@onnet.ch</a> INBOX <a
              href="mailto:user=test@onnet.ch" class=""
              moz-do-not-send="true">user=test@onnet.ch</a> admin</span></div>
        <div class=""><br class="">
        </div>
        <div class="">but when doing this the admin rights are still
          there</div>
        <div class="">
          <div style="margin: 0px; font-stretch: normal; line-height:
            normal; font-family: Menlo; background-color: rgb(255, 255,
            255);" class=""><span style="font-variant-ligatures:
              no-common-ligatures" class="">  doveadm acl rights -u <a
                href="mailto:test@onnet.ch" class=""
                moz-do-not-send="true">test@onnet.ch</a> INBOX</span></div>
        </div>
        <div style="margin: 0px; font-stretch: normal; line-height:
          normal; font-family: Menlo; background-color: rgb(255, 255,
          255);" class=""><span style="font-variant-ligatures:
            no-common-ligatures" class="">
            <div style="margin: 0px; font-stretch: normal; line-height:
              normal;" class=""><span style="font-variant-ligatures:
                no-common-ligatures" class="">  vmail@buserver:~$
                doveadm acl rights -u <a href="mailto:test@onnet.ch"
                  class="" moz-do-not-send="true">test@onnet.ch</a>
                INBOX</span></div>
            <div style="margin: 0px; font-stretch: normal; line-height:
              normal;" class=""><span style="font-variant-ligatures:
                no-common-ligatures" class="">  Rights                  
                                                                       
                                                     </span></div>
            <div style="margin: 0px; font-stretch: normal; line-height:
              normal;" class=""><span style="font-variant-ligatures:
                no-common-ligatures" class="">  lookup read write
                write-seen write-deleted insert post expunge create
                delete admin</span></div>
          </span></div>
        <div class=""><br class="">
        </div>
        <div class="">Thanks in advance for your help</div>
        <div class="">Simeon</div>
      </blockquote>
      <br>
    </blockquote>
    <br>
  </body>
</html>