I have users that should be doing POP3 only, however, I grant them access using Roundcube which uses the IMAP interface. I'd also allow them to use IMAP to access the mailbox, they're just not allowed to create more mailboxes than their main INBOX.
What would be the simplest way to make sure that users can't create mailboxes of their own? Since they are the owner, acls don't accomplish much, I presume. So I'm guessing, but something like changing the owner of their mailboxes to a management account, and then granting them access to read and delete messages (not write messages)? Would that be feasible? Does it scale? Any other (simpler) suggestions? -- Stephen. Confidence is that feeling you have before you understand the situation.
