Hello Timo, On Thu, 04 Apr 2013, Timo Sirainen wrote: > On 2.4.2013, at 15.37, Lutz Preßler <lutz.press...@sernet.de> wrote: > > > Only user1.test and user1.test.test2 have ACLs that allow testuser to access > > them. > > > > host:~# doveadm mailbox status -u testuser all INBOX.shared.user1.privat > > INBOX.shared.user1.privat messages=37 recent=0 uidnext=70 > > uidvalidity=1060291494 unseen=7 highestmodseq=1 vsize=1618757 > > guid=9a71cb399c249d4ce10e0000c93908ca > > > > Access with search and fetch (and probably any other doveadm command) is > > possible, too. > > Is this how it's supposed to work? Commands in testuser IMAP session > > respects ACLs. > > My guess: You have acl plugin enabled in protocol imap {}, but not globally? No. It's enabled in global mail_plugins: mail_plugins = " virtual acl zlib notify mail_log quota listescape stats fts fts_lucene mailbox_alias" imap_acl only in protocol imap, of course.
Lutz