setting acl on autocreate folders

Anatoli me at anatoli.ws
Fri May 11 01:20:03 EDT 2018 

Hi Ellie,

Chen's question made me recheck the docs and now I have a doubt. Could 
you please clarify under what user the LMTP-delivered mails enters Cyrus 
when "-a" option is used over TCP with lmtpd (i.e. lmtp cmd="lmtpd -a" 
listen="127.0.0.1:2004")?

The documentation 
(https://cyrusimap.org/imap/concepts/overview_and_concepts.html#local-mail-transfer-protocol-lmtp) 
says:

    For final delivery via /LMTP over a TCP socket, it is necessary to
    use LMTP AUTH/. This is accomplished using SASL to authenticate the
    delivering user. If your mail server is performing delivery via LMTP
    AUTH (that is, using a SASL mechanism), you will want their
    authentication id to be an LMTP admins (either via the admins
    imapd.conf option or via the <service>_admins option, typically
    lmtp_admins).

    Alternatively you may deliver via /LMTP to a unix domain socket/,
    and /the connection will be preauthenticated as an administrative
    user/ (and access control is accomplished by controlling access to
    the socket).


But it doesn't say anything about the "-a: /Preauthorize connections 
initiated on an internet socket/, instead of requiring LMTP AUTH." 
(https://www.cyrusimap.org/imap/reference/manpages/systemcommands/lmtpd.html#cmdoption-lmtpd-a).

Thanks,
Anatoli

*From:* Ellie Timoney
*Sent:* Friday, May 11, 2018 00:46
*To:* Info-cyrus
*Subject:* Re: setting acl on autocreate folders

Hi Chen,

> So, the question : is it possible to set specific ACLs on autocreated
> folders ? (i.e., ACLs, different from those defined by defaultacl in
> imapd.conf).

I believe the autocreate mechanism has no particular knowledge of ACLs all all. It just uses the standard Cyrus policy for assigning them, with no way to override it.

Cheers,

ellie

On Wed, May 9, 2018, at 6:37 PM, Chentao Credungtao via Info-cyrus wrote:

> Hello,
>
> This question has been asked twice before by different users, but no
> answer has ever be given.
>
> In 2012 : https://www.spinics.net/lists/info-cyrus/msg14612.html
>
> In 2016 : https://www.spinics.net/lists/info-cyrus/msg17385.html
>
> I guess the answer is NO, but just the same I thought i'd asked again to
> be sure.
>
> So, the question : is it possible to set specific ACLs on autocreated
> folders ? (i.e., ACLs, different from those defined by defaultacl in
> imapd.conf).
>
> Thanks,
>
> Chen
>
> ----
> Cyrus Home Page: http://www.cyrusimap.org/
> List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
> To Unsubscribe:
> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20180511/14dd9b3e/attachment.html>

More information about the Info-cyrus mailing list