Patches used at FastMail.FM
David Lang
david.lang at digitalinsight.com
Tue Jan 9 19:43:16 EST 2007
On Wed, 10 Jan 2007, Rob Mueller wrote:
>> but this is in conflict with the the idea that in a large installation of
>> people who don't know each other the 'anyone' permission doesn't make
>> sense.
>>
>> what is really desired for + addressing is to say that messages that arrive
>> via the lmtp interface are allowed to write to all folders (not just the
>> inbox folders) without allowing other users on the system to write
>> arbatrary data to other people's folders via the IMAP interface.
>>
>> at least if it's arriving via the lmtp interface you have reason to believe
>> that it's been (somewhat) validated by your MTA.
>
> That's really what the "p" permission is all about:
>
> p - post (send mail to submission address for mailbox,
> not enforced by IMAP4 itself)
>
> So setting "anyone p" means that email via LMTP can be put into any persons
> folder by the delivery agent, but that folder isn't visible or accessible via
> any IMAP commands.
>
> At least that how I believe it works, and what we've observed. Maybe Ken can
> clarify?
Ok, I thought that 'post' pre-dated lmtp and was the IMAP function to write a
message into the folder.
i.e. a program like imapsync would need the 'p' permission to write the
messages, (but would need other permissions to check for messages, set flags,
etc)
I'll play around with things a bit while waiting for clarification.
David Lang
More information about the Info-cyrus
mailing list