On Tue, 23 Jan 2007, Mark Crispin wrote:
Tried the above with imap-2006e.DEV.SNAP-0701181849, using the following
/etc/c-client.cf:
I accept the risk
set black-box-directory /mail/folders
set new-folder-format mbx
set restrict-mailbox-access root otherusers
That combination of black-box-directory and restrict-mailbox-access makes no
sense. You can not simultaneously be a blackbox and a restrictbox. As
matters stand, the blackbox setting completely overrides the restrictbox
settings.
Without the last line, thunderbird works for a few minutes, and then
presents all our 6,500 mailboxes for subscription (which of course
doesn't work due to file protection, but the delay is very annoying).
With restrict-mailbox-access this doesn't happen, so the must be
something that blackbox mode doesn't override.
But to be honest, I haven't tested this behaviour since imap-2004e,
so maybe this is fixed in more recent versions.
To sum things up, .mailboxlist seems well protected, but why is it offered
for subscription in the first platce?
I'm a novice when it comes to the imap protocol, so I assumed that
.mailboxlist was offered for subscription by the imap server. But if the
subscritions are handled just like you would retreive any other mailbox,
it is of course impossible to protect it. In that case the name
.mailboxlist must be reserved in the imap protocol, and should be hidden
from the use by the by the client.
If the user didn't subscribe to that name, and the client just subscribed to
it automatically without being told to do so...well, I don't have anything
good to say about a client that behaves that way. 'nuff said.
I subscribed manually, so we can't blame thunderbird other than for
making the file available for subscription. I trid the same thing in
other imap client, and .mailboxlist did not appear.
/Per
_______________________________________________
Imap-uw mailing list
[email protected]
https://mailman1.u.washington.edu/mailman/listinfo/imap-uw
