This is what originally occurred to me, but consider the case of a
single domain server which then upgrades to virtdomains. Any mailbox which uses anyone/anonymous in an ACL is now open to anyone/anonymous in ANY domain on the server. I don't think we can assume that this is what the admin intended.
I think that's ok personally, since if you upgrade to virtual domains you're starting with everyone in the default domain anyway, it's up to you as the administrator to start "fixing" things by renaming people into the right domains, and fixing their appropriate ACL's as well...
Of course, if the admin sets the defaultdomain to coincide with the original single domain, then anyone/anonymous becomes [EMAIL PROTECTED]/[EMAIL PROTECTED], which follows your logic. I'll have to think about this some more, because I think I'm forgetting another issue with inter-domains ACLs.
If it's just an issue of administrators having to define what they mean by anyone/anonymous, rather than an implementation one, I think it would be good to do the implementation, and then let administrators decide if they want to enable the ability or not...
Rob
--- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
