<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  </head>
  <body smarttemplateinserted="true">
    <div id="smartTemplate4-quoteHeader">
      <div style="font-size:10.0pt;font-family:Verdana,Arial">Hi Ellie,<br>
        <br>
        Chen's question made me recheck the docs and now I have a doubt.
        Could you please clarify under what user the LMTP-delivered
        mails enters Cyrus when "<font face="Courier New">-a</font>"
        option is used over TCP with lmtpd (i.e. <font face="Courier
          New">lmtp cmd="lmtpd -a" listen="127.0.0.1:2004"</font>)?<br>
        <br>
        The documentation
(<a class="moz-txt-link-freetext" href="https://cyrusimap.org/imap/concepts/overview_and_concepts.html#local-mail-transfer-protocol-lmtp">https://cyrusimap.org/imap/concepts/overview_and_concepts.html#local-mail-transfer-protocol-lmtp</a>)
        says:<br>
        <br>
        <blockquote>For final delivery via <i>LMTP over a TCP socket,
            it is necessary to use LMTP AUTH</i>. This is accomplished
          using SASL to authenticate the delivering user. If your mail
          server is performing delivery via LMTP AUTH (that is, using a
          SASL mechanism), you will want their authentication id to be
          an LMTP admins (either via the admins imapd.conf option or via
          the <service>_admins option, typically lmtp_admins).<br>
          <br>
          Alternatively you may deliver via <i>LMTP to a unix domain
            socket</i>, and <i>the connection will be preauthenticated
            as an administrative user</i> (and access control is
          accomplished by controlling access to the socket).<br>
        </blockquote>
        <br>
        But it doesn't say anything about the "-a: <i>Preauthorize
          connections initiated on an internet socket</i>, instead of
        requiring LMTP AUTH."
(<a class="moz-txt-link-freetext" href="https://www.cyrusimap.org/imap/reference/manpages/systemcommands/lmtpd.html#cmdoption-lmtpd-a">https://www.cyrusimap.org/imap/reference/manpages/systemcommands/lmtpd.html#cmdoption-lmtpd-a</a>).<br>
        <br>
        Thanks,<br>
        Anatoli<br>
        <br>
      </div>
      <div style="border:none;border-top:solid #B5C4DF
        1.0pt;padding:3.0pt 0cm 0cm
0cm;font-size:10.0pt;font-family:"Tahoma","sans-serif""><b>From:</b>
        Ellie Timoney<br>
        <b>Sent:</b> Friday, May 11, 2018 00:46<br>
        <b>To:</b> Info-cyrus<br>
        <b>Subject:</b> Re: setting acl on autocreate folders<br>
      </div>
      <br>
    </div>
    <span type="cite"
cite="mid:1526010387.1461722.1368258248.2DA1F3AD@webmail.messagingengine.com"
      style="display: block; word-break: break-all; margin: 7px 0 0 0;
      padding: 0; line-height:0"></span>
    <pre wrap="">Hi Chen,

</pre>
    <blockquote type="cite">
      <pre wrap="">So, the question : is it possible to set specific ACLs on autocreated 
folders ? (i.e., ACLs, different from those defined by defaultacl in 
imapd.conf).
</pre>
    </blockquote>
    <pre wrap="">
I believe the autocreate mechanism has no particular knowledge of ACLs all all. It just uses the standard Cyrus policy for assigning them, with no way to override it.

Cheers,

ellie

On Wed, May 9, 2018, at 6:37 PM, Chentao Credungtao via Info-cyrus wrote:
</pre>
    <blockquote type="cite">
      <pre wrap="">Hello,

This question has been asked twice before by different users, but no 
answer has ever be given.

In 2012 : <a class="moz-txt-link-freetext" href="https://www.spinics.net/lists/info-cyrus/msg14612.html">https://www.spinics.net/lists/info-cyrus/msg14612.html</a>

In 2016 : <a class="moz-txt-link-freetext" href="https://www.spinics.net/lists/info-cyrus/msg17385.html">https://www.spinics.net/lists/info-cyrus/msg17385.html</a>

I guess the answer is NO, but just the same I thought i'd asked again to 
be sure.

So, the question : is it possible to set specific ACLs on autocreated 
folders ? (i.e., ACLs, different from those defined by defaultacl in 
imapd.conf).

Thanks,

Chen

----
Cyrus Home Page: <a class="moz-txt-link-freetext" href="http://www.cyrusimap.org/">http://www.cyrusimap.org/</a>
List Archives/Info: <a class="moz-txt-link-freetext" href="http://lists.andrew.cmu.edu/pipermail/info-cyrus/">http://lists.andrew.cmu.edu/pipermail/info-cyrus/</a>
To Unsubscribe:
<a class="moz-txt-link-freetext" href="https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus">https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus</a>
</pre>
    </blockquote>
    <pre wrap="">----
Cyrus Home Page: <a class="moz-txt-link-freetext" href="http://www.cyrusimap.org/">http://www.cyrusimap.org/</a>
List Archives/Info: <a class="moz-txt-link-freetext" href="http://lists.andrew.cmu.edu/pipermail/info-cyrus/">http://lists.andrew.cmu.edu/pipermail/info-cyrus/</a>
To Unsubscribe:
<a class="moz-txt-link-freetext" href="https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus">https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus</a>


</pre>
    <br>
  </body>
</html>