Hi Aki,

Thanks for your advice. Yes, I'm aware of this. Yet lowercasing should be the default since Dovecot 2.1.x., isn't it? Yet I wouldn't know where exactly to implement this %L, since the ACLs are set through IMAP commands through the users mailclient like Thunderbird. So in other words, the email address to whom the user want to grant ACLs provided by the user's mailclient, has nothing to do with my auth backend where e.g. %u => %Lu would apply. PLease correct me if I'm wrong here.


It clearly looks like a bug of the internal processing of the "dovecot-acl-list" files. It simply lacks on a lowercase enforcement in the code, like it already seems to do for the "dovecot-acl" file.


Best regards

Leander Schäfer



Am 16.09.16 um 12:53 schrieb Aki Tuomi:

On 16.09.2016 12:54, Leander Schäfer wrote:
Hi,

unfortunately I found a bug in Dovecot's ACL handling for shared
mailboxes. It turns out Dovecot doesn't enforce lower casing the
privileged username to whom the mailbox should be shared to. This
results in a invalid configuration. Users get confused, since they
passed on a valid email address in their ACL setup.

/usr/local/www/default/mail/test@mydomain.localdomain/maildir/.Spam/dovecot-acl

user=leander@mydomain.localdomain eilrwts
^^ works

/usr/local/www/default/mail/leander@mydomain.localdomain/maildir/dovecot-acl

user=test@mydomain.localdomain eilrwts
^^ works

/usr/local/www/default/mail/test@mydomain.localdomain/maildir/.Drafts/dovecot-acl

user=Leander@MyDomain.LocalDomain eilrwts
^^ Doesn't work

Best regards
Leander Schäfer
Hi! Did you know you can use %Lu instead of %u to force lowercasing?

Aki

Reply via email to