<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <p>You could do</p>
    userdb {<br>
       driver = username_format=%Lu passwd-file<br>
       args = /etc/dovecot/share.passwd<br>
    }<br>
    <br>
    #  /etc/dovecot/share.passwd<br>
    <a class="moz-txt-link-abbreviated" href="mailto:test@onnet.ch">test@onnet.ch</a>::::::: userdb_acl=vfile:/etc/dovecot/dovecot-acl
    userdb_acl_globals_only = yes<br>
    <br>
    should prevent the user from modifying any ACL files. <br>
    <br>
    Aki<br>
    <br>
    <div class="moz-cite-prefix">On 05.08.2018 17:04, Simeon Ott wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:DA7C8A52-7367-48B0-8ECA-0FA85C63BCF1@onnet.ch">
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
      Hello
      <div class=""><br class="">
      </div>
      <div class="">Is it possible to limit the ability of sharing it’s
        own mailboxes to only a few users?</div>
      <div class="">We have a few sensitive mailboxes of users where the
        ability to share via IMAP SETACL should be prevented.</div>
      <div class=""><br class="">
      </div>
      <div class="">I tried the following so far…</div>
      <div class="">  <span style="font-family: Menlo; background-color:
          rgb(255, 255, 255);" class="">doveadm acl remove -u <a
            href="mailto:test@onnet.ch" class="" moz-do-not-send="true">test@onnet.ch</a>
          INBOX <a href="mailto:user=test@onnet.ch" class=""
            moz-do-not-send="true">user=test@onnet.ch</a> admin</span></div>
      <div class=""><br class="">
      </div>
      <div class="">but when doing this the admin rights are still there</div>
      <div class="">
        <div style="margin: 0px; font-stretch: normal; line-height:
          normal; font-family: Menlo; background-color: rgb(255, 255,
          255);" class=""><span style="font-variant-ligatures:
            no-common-ligatures" class="">  doveadm acl rights -u <a
              href="mailto:test@onnet.ch" class=""
              moz-do-not-send="true">test@onnet.ch</a> INBOX</span></div>
      </div>
      <div style="margin: 0px; font-stretch: normal; line-height:
        normal; font-family: Menlo; background-color: rgb(255, 255,
        255);" class=""><span style="font-variant-ligatures:
          no-common-ligatures" class="">
          <div style="margin: 0px; font-stretch: normal; line-height:
            normal;" class=""><span style="font-variant-ligatures:
              no-common-ligatures" class="">  vmail@buserver:~$ doveadm
              acl rights -u <a href="mailto:test@onnet.ch" class=""
                moz-do-not-send="true">test@onnet.ch</a> INBOX</span></div>
          <div style="margin: 0px; font-stretch: normal; line-height:
            normal;" class=""><span style="font-variant-ligatures:
              no-common-ligatures" class="">  Rights                    
                                                                       
                                               </span></div>
          <div style="margin: 0px; font-stretch: normal; line-height:
            normal;" class=""><span style="font-variant-ligatures:
              no-common-ligatures" class="">  lookup read write
              write-seen write-deleted insert post expunge create delete
              admin</span></div>
        </span></div>
      <div class=""><br class="">
      </div>
      <div class="">Thanks in advance for your help</div>
      <div class="">Simeon</div>
    </blockquote>
    <br>
  </body>
</html>