KONSEC work on Cyrus IMAPd
Gerd v. Egidy
lists at egidy.de
Thu Aug 17 12:53:05 EDT 2006
didn't expect to read from you, thought you were on vacation ;)
> > As an underlying principal, I think it is reasonable for an admin to
> > have control over what a client can store on the server.
> Hmm,... I fail to understand this. How is folder METADATA different from
> foldernames or messages. For neither folder names nor messages we limit the
> allowed contents/names beyond what is required by the standard or
> unfortunate side effects of the implementation.
> I am considering a simple solution which means that the mailbox acl (per
> folder) controls the access to the contents and the metadata of the folder.
> I don't want to restrict the contents of either a folder or the meta data.
> The resources used for both shall be accounted for when doing the quota
> How can you imagine abuse which needs to be prevented?
I think Ken worries about annotations that are used to control server
behavior. Currently e.g. squatter and cyr_expire can be controlled through
In some environments it may make sense to limit access to these kind of knobs,
at least for some users.
More information about the Cyrus-devel