but this is in conflict with the the idea that in a large installation of
people who don't know each other the 'anyone' permission doesn't make
sense.
what is really desired for + addressing is to say that messages that
arrive via the lmtp interface are allowed to write to all folders (not
just the inbox folders) without allowing other users on the system to
write arbatrary data to other people's folders via the IMAP interface.
at least if it's arriving via the lmtp interface you have reason to
believe that it's been (somewhat) validated by your MTA.
That's really what the "p" permission is all about:
p - post (send mail to submission address for mailbox,
not enforced by IMAP4 itself)
So setting "anyone p" means that email via LMTP can be put into any persons
folder by the delivery agent, but that folder isn't visible or accessible
via any IMAP commands.
At least that how I believe it works, and what we've observed. Maybe Ken can
clarify?
Rob
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
