On Wed, 10 Jan 2007, Rob Mueller wrote:
the usual reason for allowing the "anyone" ACL is to allow for + addressing
to
work.
is there another way to do this?
The admin user can still set the anyone acl, it's just non-admin users can't
change/set it. The way we do this to allow + addressing is when we create the
users top level folder, we set the "anyone p" acl on it, and any new folders
created after that by the user automatically inherit it.
but this is in conflict with the the idea that in a large installation of people
who don't know each other the 'anyone' permission doesn't make sense.
what is really desired for + addressing is to say that messages that arrive via
the lmtp interface are allowed to write to all folders (not just the inbox
folders) without allowing other users on the system to write arbatrary data to
other people's folders via the IMAP interface.
at least if it's arriving via the lmtp interface you have reason to believe that
it's been (somewhat) validated by your MTA.
David Lang
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
