Patches used at FastMail.FM
Ken Murchison
murch at andrew.cmu.edu
Tue Jan 9 20:33:51 EST 2007
Rob Mueller wrote:
>> but this is in conflict with the the idea that in a large installation
>> of people who don't know each other the 'anyone' permission doesn't
>> make sense.
>>
>> what is really desired for + addressing is to say that messages that
>> arrive via the lmtp interface are allowed to write to all folders (not
>> just the inbox folders) without allowing other users on the system to
>> write arbatrary data to other people's folders via the IMAP interface.
>>
>> at least if it's arriving via the lmtp interface you have reason to
>> believe that it's been (somewhat) validated by your MTA.
>
> That's really what the "p" permission is all about:
>
> p - post (send mail to submission address for mailbox,
> not enforced by IMAP4 itself)
>
> So setting "anyone p" means that email via LMTP can be put into any
> persons folder by the delivery agent, but that folder isn't visible or
> accessible via any IMAP commands.
>
> At least that how I believe it works, and what we've observed. Maybe Ken
> can clarify?
Correct. 'p' is only used by lmtpd and nntpd, not by imapd or pop3d.
--
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University
More information about the Info-cyrus
mailing list