
<html>

  <head>

    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">

  </head>

  <body text="#000000" bgcolor="#FFFFFF">

    <p>You could do</p>

    userdb {<br>

       driver = username_format=%Lu passwd-file<br>

       args = /etc/dovecot/share.passwd<br>

    }<br>

    <br>

    #  /etc/dovecot/share.passwd<br>

    <a class="moz-txt-link-abbreviated" href="mailto:test@onnet.ch">test@onnet.ch</a>::::::: userdb_acl=vfile:/etc/dovecot/dovecot-acl

    userdb_acl_globals_only = yes<br>

    <br>

    should prevent the user from modifying any ACL files. <br>

    <br>

    Aki<br>

    <br>

    <div class="moz-cite-prefix">On 05.08.2018 17:04, Simeon Ott wrote:<br>

    </div>

    <blockquote type="cite"

      cite="mid:DA7C8A52-7367-48B0-8ECA-0FA85C63BCF1@onnet.ch">

      <meta http-equiv="Content-Type" content="text/html; charset=utf-8">

      Hello

      <div class=""><br class="">

      </div>

      <div class="">Is it possible to limit the ability of sharing it’s

        own mailboxes to only a few users?</div>

      <div class="">We have a few sensitive mailboxes of users where the

        ability to share via IMAP SETACL should be prevented.</div>

      <div class=""><br class="">

      </div>

      <div class="">I tried the following so far…</div>

      <div class="">  <span style="font-family: Menlo; background-color:

          rgb(255, 255, 255);" class="">doveadm acl remove -u <a

            href="mailto:test@onnet.ch" class="" moz-do-not-send="true">test@onnet.ch</a>

          INBOX <a href="mailto:user=test@onnet.ch" class=""

            moz-do-not-send="true">user=test@onnet.ch</a> admin</span></div>

      <div class=""><br class="">

      </div>

      <div class="">but when doing this the admin rights are still there</div>

      <div class="">

        <div style="margin: 0px; font-stretch: normal; line-height:

          normal; font-family: Menlo; background-color: rgb(255, 255,

          255);" class=""><span style="font-variant-ligatures:

            no-common-ligatures" class="">  doveadm acl rights -u <a

              href="mailto:test@onnet.ch" class=""

              moz-do-not-send="true">test@onnet.ch</a> INBOX</span></div>

      </div>

      <div style="margin: 0px; font-stretch: normal; line-height:

        normal; font-family: Menlo; background-color: rgb(255, 255,

        255);" class=""><span style="font-variant-ligatures:

          no-common-ligatures" class="">

          <div style="margin: 0px; font-stretch: normal; line-height:

            normal;" class=""><span style="font-variant-ligatures:

              no-common-ligatures" class="">  vmail@buserver:~$ doveadm

              acl rights -u <a href="mailto:test@onnet.ch" class=""

                moz-do-not-send="true">test@onnet.ch</a> INBOX</span></div>

          <div style="margin: 0px; font-stretch: normal; line-height:

            normal;" class=""><span style="font-variant-ligatures:

              no-common-ligatures" class="">  Rights                    

                                                                       

                                               </span></div>

          <div style="margin: 0px; font-stretch: normal; line-height:

            normal;" class=""><span style="font-variant-ligatures:

              no-common-ligatures" class="">  lookup read write

              write-seen write-deleted insert post expunge create delete

              admin</span></div>

        </span></div>

      <div class=""><br class="">

      </div>

      <div class="">Thanks in advance for your help</div>

      <div class="">Simeon</div>

    </blockquote>

    <br>

  </body>

</html>