<html>

  <head>

    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">

  </head>

  <body smarttemplateinserted="true">

    <div id="smartTemplate4-quoteHeader">

      <div style="font-size:10.0pt;font-family:Verdana,Arial">Hi Ellie,<br>

        <br>

        Chen's question made me recheck the docs and now I have a doubt.

        Could you please clarify under what user the LMTP-delivered

        mails enters Cyrus when "<font face="Courier New">-a</font>"

        option is used over TCP with lmtpd (i.e. <font face="Courier

          New">lmtp cmd="lmtpd -a" listen="127.0.0.1:2004"</font>)?<br>

        <br>

        The documentation

(<a class="moz-txt-link-freetext" href="https://cyrusimap.org/imap/concepts/overview_and_concepts.html#local-mail-transfer-protocol-lmtp">https://cyrusimap.org/imap/concepts/overview_and_concepts.html#local-mail-transfer-protocol-lmtp</a>)

        says:<br>

        <br>

        <blockquote>For final delivery via <i>LMTP over a TCP socket,

            it is necessary to use LMTP AUTH</i>. This is accomplished

          using SASL to authenticate the delivering user. If your mail

          server is performing delivery via LMTP AUTH (that is, using a

          SASL mechanism), you will want their authentication id to be

          an LMTP admins (either via the admins imapd.conf option or via

          the <service>_admins option, typically lmtp_admins).<br>

          <br>

          Alternatively you may deliver via <i>LMTP to a unix domain

            socket</i>, and <i>the connection will be preauthenticated

            as an administrative user</i> (and access control is

          accomplished by controlling access to the socket).<br>

        </blockquote>

        <br>

        But it doesn't say anything about the "-a: <i>Preauthorize

          connections initiated on an internet socket</i>, instead of

        requiring LMTP AUTH."

(<a class="moz-txt-link-freetext" href="https://www.cyrusimap.org/imap/reference/manpages/systemcommands/lmtpd.html#cmdoption-lmtpd-a">https://www.cyrusimap.org/imap/reference/manpages/systemcommands/lmtpd.html#cmdoption-lmtpd-a</a>).<br>

        <br>

        Thanks,<br>

        Anatoli<br>

        <br>

      </div>

      <div style="border:none;border-top:solid #B5C4DF

        1.0pt;padding:3.0pt 0cm 0cm

0cm;font-size:10.0pt;font-family:"Tahoma","sans-serif""><b>From:</b>

        Ellie Timoney<br>

        <b>Sent:</b> Friday, May 11, 2018 00:46<br>

        <b>To:</b> Info-cyrus<br>

        <b>Subject:</b> Re: setting acl on autocreate folders<br>

      </div>

      <br>

    </div>

    <span type="cite"

cite="mid:1526010387.1461722.1368258248.2DA1F3AD@webmail.messagingengine.com"

      style="display: block; word-break: break-all; margin: 7px 0 0 0;

      padding: 0; line-height:0"></span>

    <pre wrap="">Hi Chen,

</pre>

    <blockquote type="cite">

      <pre wrap="">So, the question : is it possible to set specific ACLs on autocreated 

folders ? (i.e., ACLs, different from those defined by defaultacl in 

imapd.conf).

</pre>

    </blockquote>

    <pre wrap="">

I believe the autocreate mechanism has no particular knowledge of ACLs all all. It just uses the standard Cyrus policy for assigning them, with no way to override it.

Cheers,

ellie

On Wed, May 9, 2018, at 6:37 PM, Chentao Credungtao via Info-cyrus wrote:

</pre>

    <blockquote type="cite">

      <pre wrap="">Hello,

This question has been asked twice before by different users, but no 

answer has ever be given.

In 2012 : <a class="moz-txt-link-freetext" href="https://www.spinics.net/lists/info-cyrus/msg14612.html">https://www.spinics.net/lists/info-cyrus/msg14612.html</a>

In 2016 : <a class="moz-txt-link-freetext" href="https://www.spinics.net/lists/info-cyrus/msg17385.html">https://www.spinics.net/lists/info-cyrus/msg17385.html</a>

I guess the answer is NO, but just the same I thought i'd asked again to 

be sure.

So, the question : is it possible to set specific ACLs on autocreated 

folders ? (i.e., ACLs, different from those defined by defaultacl in 

imapd.conf).

Thanks,

Chen

----

Cyrus Home Page: <a class="moz-txt-link-freetext" href="http://www.cyrusimap.org/">http://www.cyrusimap.org/</a>

List Archives/Info: <a class="moz-txt-link-freetext" href="http://lists.andrew.cmu.edu/pipermail/info-cyrus/">http://lists.andrew.cmu.edu/pipermail/info-cyrus/</a>

To Unsubscribe:

<a class="moz-txt-link-freetext" href="https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus">https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus</a>

</pre>

    </blockquote>

    <pre wrap="">----

Cyrus Home Page: <a class="moz-txt-link-freetext" href="http://www.cyrusimap.org/">http://www.cyrusimap.org/</a>

List Archives/Info: <a class="moz-txt-link-freetext" href="http://lists.andrew.cmu.edu/pipermail/info-cyrus/">http://lists.andrew.cmu.edu/pipermail/info-cyrus/</a>

To Unsubscribe:

<a class="moz-txt-link-freetext" href="https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus">https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus</a>

</pre>

    <br>

  </body>

</html>