On 26.11.2010, at 5.49, Timo Sirainen wrote: > Plan #2: Add support for per-user default namespace ACLs. In the mail root > directory if "dovecot-default-acl" file exists, it's used as the default > ACLs. I'm not entirely sure what should happen if it conflicts with the > global ACLs. Probably they both should be simply merged, since both can only > be created by an admin. Probably the per-user ACL should be allowed to > override the global ACLs.
Oh, a thought: A default ACL is about what ACLs are applied to a mailbox that doesn't yet have any ACL (or copying ACLs to a newly created mailbox on namespace root level). But would it be also useful to have ACLs that are always added on top of existing ACLs for a mailbox, even if it already has some ACLs set for it? Global ACLs already do this, but would it be useful to have also per-namespace "global" ACLs that acted that way? Possibly not.. But how useful would default ACLs be either? Maybe global ACLs with support for wildcards are all that is needed.
