Rob Mueller wrote:
but this is in conflict with the the idea that in a large installation
of people who don't know each other the 'anyone' permission doesn't
make sense.
what is really desired for + addressing is to say that messages that
arrive via the lmtp interface are allowed to write to all folders (not
just the inbox folders) without allowing other users on the system to
write arbatrary data to other people's folders via the IMAP interface.
at least if it's arriving via the lmtp interface you have reason to
believe that it's been (somewhat) validated by your MTA.
That's really what the "p" permission is all about:
p - post (send mail to submission address for mailbox,
not enforced by IMAP4 itself)
So setting "anyone p" means that email via LMTP can be put into any
persons folder by the delivery agent, but that folder isn't visible or
accessible via any IMAP commands.
At least that how I believe it works, and what we've observed. Maybe Ken
can clarify?
Correct. 'p' is only used by lmtpd and nntpd, not by imapd or pop3d.
--
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
