Felix created JAMES-4097:
----------------------------
Summary: Allow cross-domain sharing of mailboxes via config
Key: JAMES-4097
URL: https://issues.apache.org/jira/browse/JAMES-4097
Project: James Server
Issue Type: Improvement
Components: mailbox
Reporter: Felix
As discussed on the server-dev mailing list (subject: `Shared mailboxes via
IMAP`), we think that the current single-domain restriction for mailbox sharing
is too strict for some use cases.
The restriction prevents that a mailbox of one domain can be shared with users
of another domain and was introduced with
[#318](https://issues.apache.org/jira/browse/MAILBOX-318).
This is one of multiple security layers to prevent unauthorized access to a
mailbox. In a multi-tenancy deployment, users of different tenants cannot
access other mailboxes because of missing ACL rights and the cross-domain
restriction serves as a fallback barrier.
However, there are also companies using different domains (e.g. it's common to
have a `student.` domain in universities) where collaboration between users of
different domains via shared mailboxes would be helpful.
To not influence existing deployments and keep the security benefit for default
deployments, we propose to add a configuration switch (by default disabled) to
allow sharing of mailboxes across domain boundaries.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org
For additional commands, e-mail: server-dev-h...@james.apache.org
